50302c7713990867aaa7e6c10ec8d43c930172be9022e1a88bc881e6cbb0f217 | Triage

Sharing

General

Target

8eee154bc9abe1abe6a24131083df902
Size

506KB
Sample

240204-mmr23shfam
MD5

8eee154bc9abe1abe6a24131083df902
SHA1

8ebf8cd206e9a66034795fe01cb07e2034d18637
SHA256

50302c7713990867aaa7e6c10ec8d43c930172be9022e1a88bc881e6cbb0f217
SHA512

31eb4fb02d711bb87ee13f8a202912b50e600ba5ab2e83be5f23a4c81cd6bf25cd790a857589b04cb984c57f9e5a61400fdc64976cb6c53083d98f1417ed22f0
SSDEEP

12288:Dd87btGK0WBBanptiwLTozquJoMVdhzoWTYDb1:pcGBWoeqozquJZV/oWg1

Score

7^/10

Malware Config

Targets

- Target
  
  8eee154bc9abe1abe6a24131083df902
- Size
  
  506KB
- MD5
  
  8eee154bc9abe1abe6a24131083df902
- SHA1
  
  8ebf8cd206e9a66034795fe01cb07e2034d18637
- SHA256
  
  50302c7713990867aaa7e6c10ec8d43c930172be9022e1a88bc881e6cbb0f217
- SHA512
  
  31eb4fb02d711bb87ee13f8a202912b50e600ba5ab2e83be5f23a4c81cd6bf25cd790a857589b04cb984c57f9e5a61400fdc64976cb6c53083d98f1417ed22f0
- SSDEEP
  
  12288:Dd87btGK0WBBanptiwLTozquJoMVdhzoWTYDb1:pcGBWoeqozquJZV/oWg1
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2