000b1d29ffcba9e7857adc44b8db330bd9c79acbe04b6a3dcead8aaca23858f4 | Triage

Sharing

General

Target

8988ecc44487097f40d4a230d1825706
Size

1000KB
Sample

240202-pv9yzagbdr
MD5

8988ecc44487097f40d4a230d1825706
SHA1

77cd05ccc9551f718d6ebb31acdc3d540c02d048
SHA256

000b1d29ffcba9e7857adc44b8db330bd9c79acbe04b6a3dcead8aaca23858f4
SHA512

15732c7d8a6b8101c71cd942ae90be0ea224758c9dbeef2b18ac09d2ebe58a8d503d7485174a905e899cf40ab54e57516561a25e28ca23fd9bee200fece060f2
SSDEEP

24576:4zqF01RFZ6dvHUJ4ht5eAZmxO1B+5vMiqt0gj2ed:4mF0HFQdvHUWht5ZqOL

Score

7^/10

Malware Config

Targets

- Target
  
  8988ecc44487097f40d4a230d1825706
- Size
  
  1000KB
- MD5
  
  8988ecc44487097f40d4a230d1825706
- SHA1
  
  77cd05ccc9551f718d6ebb31acdc3d540c02d048
- SHA256
  
  000b1d29ffcba9e7857adc44b8db330bd9c79acbe04b6a3dcead8aaca23858f4
- SHA512
  
  15732c7d8a6b8101c71cd942ae90be0ea224758c9dbeef2b18ac09d2ebe58a8d503d7485174a905e899cf40ab54e57516561a25e28ca23fd9bee200fece060f2
- SSDEEP
  
  24576:4zqF01RFZ6dvHUJ4ht5eAZmxO1B+5vMiqt0gj2ed:4mF0HFQdvHUWht5ZqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2