69e384a5a2ae06e080dc4b1dd5c781ceac03ebf482306dacc70d8be6e3ac53e9 | Triage

Sharing

General

Target

85ac4acc25feaf3267699d7c53c41c3a
Size

1000KB
Sample

240201-csc51abbfq
MD5

85ac4acc25feaf3267699d7c53c41c3a
SHA1

4302053e670e6aa3a4de2f2be680bb8b496de038
SHA256

69e384a5a2ae06e080dc4b1dd5c781ceac03ebf482306dacc70d8be6e3ac53e9
SHA512

6e98867415698b1b64a1f737073e72e0273fafb378c2ecdcfb896f9460c26c9c9dd12557c31a73ba445f9f5890da8f9dad5c0629ed961d8eac6851df80c79629
SSDEEP

24576:2NbIlahToZ+ATM6WqQS561B+5vMiqt0gj2ed:2ZIshToZC6T5QqOL

Score

7^/10

Malware Config

Targets

- Target
  
  85ac4acc25feaf3267699d7c53c41c3a
- Size
  
  1000KB
- MD5
  
  85ac4acc25feaf3267699d7c53c41c3a
- SHA1
  
  4302053e670e6aa3a4de2f2be680bb8b496de038
- SHA256
  
  69e384a5a2ae06e080dc4b1dd5c781ceac03ebf482306dacc70d8be6e3ac53e9
- SHA512
  
  6e98867415698b1b64a1f737073e72e0273fafb378c2ecdcfb896f9460c26c9c9dd12557c31a73ba445f9f5890da8f9dad5c0629ed961d8eac6851df80c79629
- SSDEEP
  
  24576:2NbIlahToZ+ATM6WqQS561B+5vMiqt0gj2ed:2ZIshToZC6T5QqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2