f98b79d8353242f3dc59ab4a47d41986b2a4725f2b03bdf7eccc626f5c44bdcc | Triage

Sharing

General

Target

82a3e324f5eaeb6961b6d1d8801d3cfa.bin
Size

535KB
Sample

240201-cym76abchn
MD5

82a3e324f5eaeb6961b6d1d8801d3cfa
SHA1

5f4c5b3f2ddf0b35355cf47b2492fc2dd4598ee5
SHA256

f98b79d8353242f3dc59ab4a47d41986b2a4725f2b03bdf7eccc626f5c44bdcc
SHA512

6571b15929ca3f3d9cab7a7eeff49aabc4b96a6e543880cb369a655bf17751727c9820a391be8d174ca38736a27d1e102b607d4fd32b19512166d3a7ad8cc05e
SSDEEP

6144:UgkAIdxqvB4AY11S2OWQ4dolrdCFiH1HU5TfqTe70uOVmb+rNesqoDUr8MZafNF3:KQ4AnMulkYVHUpD/U4sqZ83DSBP8Mw

Score

7^/10

Malware Config

Targets

- Target
  
  82a3e324f5eaeb6961b6d1d8801d3cfa.bin
- Size
  
  535KB
- MD5
  
  82a3e324f5eaeb6961b6d1d8801d3cfa
- SHA1
  
  5f4c5b3f2ddf0b35355cf47b2492fc2dd4598ee5
- SHA256
  
  f98b79d8353242f3dc59ab4a47d41986b2a4725f2b03bdf7eccc626f5c44bdcc
- SHA512
  
  6571b15929ca3f3d9cab7a7eeff49aabc4b96a6e543880cb369a655bf17751727c9820a391be8d174ca38736a27d1e102b607d4fd32b19512166d3a7ad8cc05e
- SSDEEP
  
  6144:UgkAIdxqvB4AY11S2OWQ4dolrdCFiH1HU5TfqTe70uOVmb+rNesqoDUr8MZafNF3:KQ4AnMulkYVHUpD/U4sqZ83DSBP8Mw
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2