258f18f8d5b3ff5b76a1c09ec5cd224cd028e9340bde81b61495534a549ac015 | Triage

Sharing

General

Target

8fbb02c32e025162462d57f9a19985bb
Size

506KB
Sample

240204-vx9nwahahn
MD5

8fbb02c32e025162462d57f9a19985bb
SHA1

13a8179ce4b00dd7df8bcbd297d0ef838e9df5ee
SHA256

258f18f8d5b3ff5b76a1c09ec5cd224cd028e9340bde81b61495534a549ac015
SHA512

ef49ae6453f188a8c3e4b622ed18311b12fcd7c3775f8d682a52eec0808502729915115a4acdc7495b4372a51f8592a64c5295f6cf9197fb08f2ef87ca1761ce
SSDEEP

12288:/apqvYuCg/NtO5MTQelYmx7/+cfSC36QRT1gdTYt4u9OnllX:/axog5E3/+CqQx1QA4AOnH

Score

7^/10

Malware Config

Targets

- Target
  
  8fbb02c32e025162462d57f9a19985bb
- Size
  
  506KB
- MD5
  
  8fbb02c32e025162462d57f9a19985bb
- SHA1
  
  13a8179ce4b00dd7df8bcbd297d0ef838e9df5ee
- SHA256
  
  258f18f8d5b3ff5b76a1c09ec5cd224cd028e9340bde81b61495534a549ac015
- SHA512
  
  ef49ae6453f188a8c3e4b622ed18311b12fcd7c3775f8d682a52eec0808502729915115a4acdc7495b4372a51f8592a64c5295f6cf9197fb08f2ef87ca1761ce
- SSDEEP
  
  12288:/apqvYuCg/NtO5MTQelYmx7/+cfSC36QRT1gdTYt4u9OnllX:/axog5E3/+CqQx1QA4AOnH
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2