fcc40608bd203d8611ef32f0a12ba60a60d3de316ba6fc79f3b093517a49ddc0 | Triage

Sharing

General

Target

7a525b492d5678253fa3f5b38408a1d8
Size

506KB
Sample

240127-p9k86aeeam
MD5

7a525b492d5678253fa3f5b38408a1d8
SHA1

1adf8745113b9ec8454bf98ee1b44caaafb70a90
SHA256

fcc40608bd203d8611ef32f0a12ba60a60d3de316ba6fc79f3b093517a49ddc0
SHA512

b955722d4a93c75bc14a7bee0425884379346b9f3dfad309159f50c7531a5c053a100ac9eb188ffa7f6556edbe286a71a6fefd17638bfdf7344ab6d93c8e2a5d
SSDEEP

12288:9HYQh0Za0aMNNnv8123le8Sjxv3PIfSicJ9yjXF3fS:9xuaMNtv8Setv9ibS

Score

7^/10

Malware Config

Targets

- Target
  
  7a525b492d5678253fa3f5b38408a1d8
- Size
  
  506KB
- MD5
  
  7a525b492d5678253fa3f5b38408a1d8
- SHA1
  
  1adf8745113b9ec8454bf98ee1b44caaafb70a90
- SHA256
  
  fcc40608bd203d8611ef32f0a12ba60a60d3de316ba6fc79f3b093517a49ddc0
- SHA512
  
  b955722d4a93c75bc14a7bee0425884379346b9f3dfad309159f50c7531a5c053a100ac9eb188ffa7f6556edbe286a71a6fefd17638bfdf7344ab6d93c8e2a5d
- SSDEEP
  
  12288:9HYQh0Za0aMNNnv8123le8Sjxv3PIfSicJ9yjXF3fS:9xuaMNtv8Setv9ibS
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2