e2a8710255aa32d500295ea0372449906a479d62e90494da3eeac2e256001204 | Triage

Sharing

General

Target

8ad8c924ea41e40accee2ced2ccae0dd
Size

506KB
Sample

240202-3t6f2seedl
MD5

8ad8c924ea41e40accee2ced2ccae0dd
SHA1

cbce91f4691ff8f2e8d4ebb0bd9c333a7462e302
SHA256

e2a8710255aa32d500295ea0372449906a479d62e90494da3eeac2e256001204
SHA512

be900a8050eb914c36ccaf2b8666eb92a54831fe1950602574a3133057b20d3109953cc47892cac66f60565d8d7d5719bfb85574af62b065ca667be336bbbb9f
SSDEEP

12288:xmP2B+hF/DYor02OaKoyvi7OBrS1f9Yh2TNai72:xVB+Lf0xirKAai72

Score

7^/10

Malware Config

Targets

- Target
  
  8ad8c924ea41e40accee2ced2ccae0dd
- Size
  
  506KB
- MD5
  
  8ad8c924ea41e40accee2ced2ccae0dd
- SHA1
  
  cbce91f4691ff8f2e8d4ebb0bd9c333a7462e302
- SHA256
  
  e2a8710255aa32d500295ea0372449906a479d62e90494da3eeac2e256001204
- SHA512
  
  be900a8050eb914c36ccaf2b8666eb92a54831fe1950602574a3133057b20d3109953cc47892cac66f60565d8d7d5719bfb85574af62b065ca667be336bbbb9f
- SSDEEP
  
  12288:xmP2B+hF/DYor02OaKoyvi7OBrS1f9Yh2TNai72:xVB+Lf0xirKAai72
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2