1f43cdb4c91202745e992fae7692164c2be3ceb98ea60831fa35ec96761d37c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85c8c7481b1d5a1513843e8e902aea57
Size

241KB
Sample

240201-dtpe4aabf6
MD5

85c8c7481b1d5a1513843e8e902aea57
SHA1

e6c3e0d7c8b4afa1b345aec6e8dc6e87ab671e9e
SHA256

1f43cdb4c91202745e992fae7692164c2be3ceb98ea60831fa35ec96761d37c6
SHA512

9774cffd6bb3d3f7cb61f3012346d2595711941d54a1a6aa91c54e09fcfe1d3c3cfd0817d99cb14680de6d6b035689cf5c7abf919a69161f417d13429ced0164
SSDEEP

6144:GAOJv2ClHLIAU/cdw1eETh+38+bl4ta9/X9SJ:GAOMCuNB1eETh+Pb2MBtSJ

Score

7^/10

Malware Config

Targets

- Target
  
  85c8c7481b1d5a1513843e8e902aea57
- Size
  
  241KB
- MD5
  
  85c8c7481b1d5a1513843e8e902aea57
- SHA1
  
  e6c3e0d7c8b4afa1b345aec6e8dc6e87ab671e9e
- SHA256
  
  1f43cdb4c91202745e992fae7692164c2be3ceb98ea60831fa35ec96761d37c6
- SHA512
  
  9774cffd6bb3d3f7cb61f3012346d2595711941d54a1a6aa91c54e09fcfe1d3c3cfd0817d99cb14680de6d6b035689cf5c7abf919a69161f417d13429ced0164
- SSDEEP
  
  6144:GAOJv2ClHLIAU/cdw1eETh+38+bl4ta9/X9SJ:GAOMCuNB1eETh+Pb2MBtSJ
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2