51be3feede4c954d726ab7bdd372843d33f60f4581765c0fcedda1292293c0cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e9e69f97d6ddf3b7629499ba382085f
Size

1000KB
Sample

240129-cpzjtshbel
MD5

7e9e69f97d6ddf3b7629499ba382085f
SHA1

ca1725953cb8e699d73d63791d8a8e18c4848284
SHA256

51be3feede4c954d726ab7bdd372843d33f60f4581765c0fcedda1292293c0cb
SHA512

724d97fb2cb5cd72787e434790ca4470402f34e7bd095ad2e0f1f092ad9bcf234ecb2169d15d9314f204d52c0510409f3ecc451cfb811ba3e355c2b0d34ddf0e
SSDEEP

24576:Tg8sB6UD2yZZvkEU7Ng8kthU2rhdmX2guZOny1B+5vMiqt0gj2ed:Tg5bZvkEU7Ng8k3U2ddmX2guZOYqOL

Score

7^/10

Malware Config

Targets

- Target
  
  7e9e69f97d6ddf3b7629499ba382085f
- Size
  
  1000KB
- MD5
  
  7e9e69f97d6ddf3b7629499ba382085f
- SHA1
  
  ca1725953cb8e699d73d63791d8a8e18c4848284
- SHA256
  
  51be3feede4c954d726ab7bdd372843d33f60f4581765c0fcedda1292293c0cb
- SHA512
  
  724d97fb2cb5cd72787e434790ca4470402f34e7bd095ad2e0f1f092ad9bcf234ecb2169d15d9314f204d52c0510409f3ecc451cfb811ba3e355c2b0d34ddf0e
- SSDEEP
  
  24576:Tg8sB6UD2yZZvkEU7Ng8kthU2rhdmX2guZOny1B+5vMiqt0gj2ed:Tg5bZvkEU7Ng8k3U2ddmX2guZOYqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2