2dbd4014f7db6b0f865e424d67cbab9a89d8495a2aba62a00ed4ffd60c32f0b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e71294b6a26db9e6ff42574ac8a613c
Size

506KB
Sample

240204-g5mmesdfgq
MD5

8e71294b6a26db9e6ff42574ac8a613c
SHA1

0889c9037ee0328ef116fbae98e983cd66e94cb9
SHA256

2dbd4014f7db6b0f865e424d67cbab9a89d8495a2aba62a00ed4ffd60c32f0b6
SHA512

636a4da6e393b246158de752f05ad4bebf28b1263372671bff0713224028f18407513f2206ce6a97c66476ed2eb88345ace2f3444d76b6c12e4e6fc3f92df541
SSDEEP

12288:nlLeBKVdXr/Eeu6iLtE9X1FwkbvDnbXb9T:ngBsmzLtEFYkbDb9

Score

7^/10

Malware Config

Targets

- Target
  
  8e71294b6a26db9e6ff42574ac8a613c
- Size
  
  506KB
- MD5
  
  8e71294b6a26db9e6ff42574ac8a613c
- SHA1
  
  0889c9037ee0328ef116fbae98e983cd66e94cb9
- SHA256
  
  2dbd4014f7db6b0f865e424d67cbab9a89d8495a2aba62a00ed4ffd60c32f0b6
- SHA512
  
  636a4da6e393b246158de752f05ad4bebf28b1263372671bff0713224028f18407513f2206ce6a97c66476ed2eb88345ace2f3444d76b6c12e4e6fc3f92df541
- SSDEEP
  
  12288:nlLeBKVdXr/Eeu6iLtE9X1FwkbvDnbXb9T:ngBsmzLtEFYkbDb9
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2