dd22e9d5f096f56cdfb199144d9498af6d529e6a831c21efa46b60740af5483a | Triage

Sharing

General

Target

7f418d22b7d92dc92b12d25517d7067a
Size

1000KB
Sample

240129-jdnfrachh6
MD5

7f418d22b7d92dc92b12d25517d7067a
SHA1

fff33cda2fe6b52a3ff0887057b4ab2517773fe5
SHA256

dd22e9d5f096f56cdfb199144d9498af6d529e6a831c21efa46b60740af5483a
SHA512

ab89bf98c5b632439cf83fa1f0982ed88e89abfde811086c60588325ec72a7ffa2aa11bcd4282d3e0b7d7b46333dca3450837174404a592ae6c6ed042fe715d8
SSDEEP

24576:a78K/A31v4LU3x0D7y1B+5vMiqt0gj2ed:a7bA3aU36IqOL

Score

7^/10

Malware Config

Targets

- Target
  
  7f418d22b7d92dc92b12d25517d7067a
- Size
  
  1000KB
- MD5
  
  7f418d22b7d92dc92b12d25517d7067a
- SHA1
  
  fff33cda2fe6b52a3ff0887057b4ab2517773fe5
- SHA256
  
  dd22e9d5f096f56cdfb199144d9498af6d529e6a831c21efa46b60740af5483a
- SHA512
  
  ab89bf98c5b632439cf83fa1f0982ed88e89abfde811086c60588325ec72a7ffa2aa11bcd4282d3e0b7d7b46333dca3450837174404a592ae6c6ed042fe715d8
- SSDEEP
  
  24576:a78K/A31v4LU3x0D7y1B+5vMiqt0gj2ed:a7bA3aU36IqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2