6bf9c9ba619df6c15befba8cea695b6e7df1ce7a8b843d304eecc71248e2c858 | Triage

Sharing

General

Target

97e46ad2eed9f3079baaeb4d0f7f476b
Size

771KB
Sample

240212-3gahvaec2x
MD5

97e46ad2eed9f3079baaeb4d0f7f476b
SHA1

014680bbbbefd977b50002233af54ab07d4846af
SHA256

6bf9c9ba619df6c15befba8cea695b6e7df1ce7a8b843d304eecc71248e2c858
SHA512

8003fb326212fc129981d6e463fd9fe6e6a45ba3e53b66d561b810d875a6347b366a010823b59b0a52f88a046d2dbd5bccb125e21c7f3ea8a6c37b0e0cd1db4b
SSDEEP

12288:GJ3/IV44aRFPdUURBsOolngTTX3hAOpSXWZL4YfZZG+ECaBwQ2tb5JLrnyl0:GdpRFFUpXlWTHhAPqL4Yyt1B+5vM0

Score

7^/10

Malware Config

Targets

- Target
  
  97e46ad2eed9f3079baaeb4d0f7f476b
- Size
  
  771KB
- MD5
  
  97e46ad2eed9f3079baaeb4d0f7f476b
- SHA1
  
  014680bbbbefd977b50002233af54ab07d4846af
- SHA256
  
  6bf9c9ba619df6c15befba8cea695b6e7df1ce7a8b843d304eecc71248e2c858
- SHA512
  
  8003fb326212fc129981d6e463fd9fe6e6a45ba3e53b66d561b810d875a6347b366a010823b59b0a52f88a046d2dbd5bccb125e21c7f3ea8a6c37b0e0cd1db4b
- SSDEEP
  
  12288:GJ3/IV44aRFPdUURBsOolngTTX3hAOpSXWZL4YfZZG+ECaBwQ2tb5JLrnyl0:GdpRFFUpXlWTHhAPqL4Yyt1B+5vM0
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2