91ca34519f4ec83fcd179dbdd2ac6cdb6da509b37ba8fe021517edd0025cedbe | Triage

Sharing

General

Target

95e4a40e2b61c00947160104d4c8a94d
Size

1000KB
Sample

240212-bv4kasgd32
MD5

95e4a40e2b61c00947160104d4c8a94d
SHA1

c498c470e952f995173ef76e900793ee0765581d
SHA256

91ca34519f4ec83fcd179dbdd2ac6cdb6da509b37ba8fe021517edd0025cedbe
SHA512

e3a46c7bcb6fd1fed3cc462a424d5d023b7e4dc7cb1589d7610d2cc283b0590161eaef6d8a469b6be7de37a036fdff4c468ed1947a010ec0c6f9c63d5be2c637
SSDEEP

12288:u8JvfSREkDsTEt3PP8FooSPfJEImY+FHq3agnRBplpIQni7RvXVGKkok04SXVLS7:M8iHcl9N1SoX4S7yb1B+5vMiqt0gj2ed

Score

7^/10

Malware Config

Targets

- Target
  
  95e4a40e2b61c00947160104d4c8a94d
- Size
  
  1000KB
- MD5
  
  95e4a40e2b61c00947160104d4c8a94d
- SHA1
  
  c498c470e952f995173ef76e900793ee0765581d
- SHA256
  
  91ca34519f4ec83fcd179dbdd2ac6cdb6da509b37ba8fe021517edd0025cedbe
- SHA512
  
  e3a46c7bcb6fd1fed3cc462a424d5d023b7e4dc7cb1589d7610d2cc283b0590161eaef6d8a469b6be7de37a036fdff4c468ed1947a010ec0c6f9c63d5be2c637
- SSDEEP
  
  12288:u8JvfSREkDsTEt3PP8FooSPfJEImY+FHq3agnRBplpIQni7RvXVGKkok04SXVLS7:M8iHcl9N1SoX4S7yb1B+5vMiqt0gj2ed
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2