fa4e78493b2c05c19f547ba0518b3cc60fc1292c1c4382efd1ea658902fba44a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78df62ebf8b929d0ad91255c54f8ec20
Size

241KB
Sample

240127-bfk5eaaad9
MD5

78df62ebf8b929d0ad91255c54f8ec20
SHA1

69d9f0a8a98e46d49d906f0e9d71e83dc1e9fc55
SHA256

fa4e78493b2c05c19f547ba0518b3cc60fc1292c1c4382efd1ea658902fba44a
SHA512

705816732c32ab9b13821fef0d1a3b711b2ce0ebe5f00039cc095ce82e00d2f66a53390e5576da984544de1543986da0ef280a5527e29b80a119e6f2d682358c
SSDEEP

6144:YgHnEtl0RoNDvdEU7DbvWqW3nrrQbll7jR4DQji3MEDE:lkjsoF73Inr8xlHR4yi8iE

Score

7^/10

Malware Config

Targets

- Target
  
  78df62ebf8b929d0ad91255c54f8ec20
- Size
  
  241KB
- MD5
  
  78df62ebf8b929d0ad91255c54f8ec20
- SHA1
  
  69d9f0a8a98e46d49d906f0e9d71e83dc1e9fc55
- SHA256
  
  fa4e78493b2c05c19f547ba0518b3cc60fc1292c1c4382efd1ea658902fba44a
- SHA512
  
  705816732c32ab9b13821fef0d1a3b711b2ce0ebe5f00039cc095ce82e00d2f66a53390e5576da984544de1543986da0ef280a5527e29b80a119e6f2d682358c
- SSDEEP
  
  6144:YgHnEtl0RoNDvdEU7DbvWqW3nrrQbll7jR4DQji3MEDE:lkjsoF73Inr8xlHR4yi8iE
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2