33d4a48e121734c624ef1f5cc6819e7e546041943b540bdb2d9acb38c54b72bd | Triage

Sharing

General

Target

8044af50fe95c7ed15532c1464d5dc1d
Size

506KB
Sample

240129-tkqvkafbdk
MD5

8044af50fe95c7ed15532c1464d5dc1d
SHA1

3bd680036d9b5445ae37537a43cac2aa337dde1a
SHA256

33d4a48e121734c624ef1f5cc6819e7e546041943b540bdb2d9acb38c54b72bd
SHA512

c82175219ba3e7f912621372a3959df0172def08197989560d93be1e4a42e90dca179cdc8cafc6b15583377faac24bbf612c17efb57f49a336be068335634910
SSDEEP

12288:q6SxVwOuj3wrQvWNx1oxtj8LGVciJNHoeRIgOdn:q6Sx6Osgs8foxtj8LGVciJrRIgOdn

Score

7^/10

Malware Config

Targets

- Target
  
  8044af50fe95c7ed15532c1464d5dc1d
- Size
  
  506KB
- MD5
  
  8044af50fe95c7ed15532c1464d5dc1d
- SHA1
  
  3bd680036d9b5445ae37537a43cac2aa337dde1a
- SHA256
  
  33d4a48e121734c624ef1f5cc6819e7e546041943b540bdb2d9acb38c54b72bd
- SHA512
  
  c82175219ba3e7f912621372a3959df0172def08197989560d93be1e4a42e90dca179cdc8cafc6b15583377faac24bbf612c17efb57f49a336be068335634910
- SSDEEP
  
  12288:q6SxVwOuj3wrQvWNx1oxtj8LGVciJNHoeRIgOdn:q6Sx6Osgs8foxtj8LGVciJrRIgOdn
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2