be30c9f47f45f865f72b989e0f8a59a1462ef15a768762d14804589e5deec0f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8652a8af93aacfef8cc2a819358cb6c7
Size

1000KB
Sample

240201-jj6jhsggak
MD5

8652a8af93aacfef8cc2a819358cb6c7
SHA1

8e0e08909248f2e4a9080b39600caa1cfff6b505
SHA256

be30c9f47f45f865f72b989e0f8a59a1462ef15a768762d14804589e5deec0f3
SHA512

b930ca85a94666ca40cf693be4c08e768e3f7a905af7dbe7f5bcf6ab91637d95ec8dbcf8e1b879b049afd6615aa6d9fba39857fe44b4aeec76ba5288f84ea4c1
SSDEEP

24576:GL/UTHbRsn8g3bir3Jalg1B+5vMiqt0gj2ed:0MTH+8grKaMqOL

Score

7^/10

Malware Config

Targets

- Target
  
  8652a8af93aacfef8cc2a819358cb6c7
- Size
  
  1000KB
- MD5
  
  8652a8af93aacfef8cc2a819358cb6c7
- SHA1
  
  8e0e08909248f2e4a9080b39600caa1cfff6b505
- SHA256
  
  be30c9f47f45f865f72b989e0f8a59a1462ef15a768762d14804589e5deec0f3
- SHA512
  
  b930ca85a94666ca40cf693be4c08e768e3f7a905af7dbe7f5bcf6ab91637d95ec8dbcf8e1b879b049afd6615aa6d9fba39857fe44b4aeec76ba5288f84ea4c1
- SSDEEP
  
  24576:GL/UTHbRsn8g3bir3Jalg1B+5vMiqt0gj2ed:0MTH+8grKaMqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2