5fbeb1bf4bced3ffd47184d5d85ba7357c0e6da58763d79038a4b25cbcae702f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

969ab81972e4e622b09cac07bb864a1c
Size

506KB
Sample

240212-h8exeshd83
MD5

969ab81972e4e622b09cac07bb864a1c
SHA1

8d39902f361366606796d188e2a877dfaac5b11d
SHA256

5fbeb1bf4bced3ffd47184d5d85ba7357c0e6da58763d79038a4b25cbcae702f
SHA512

e91043963ee37b9408b2bd65f9f043550c991d15332f994159167e2688c86a67e3a0182569daca36d7def588701e3412ce6c479dab1427b22e774ff14421ef13
SSDEEP

12288:d5xj1ZhTIZBb9sPqIFGPvIIJC8R9k2rLz6PEh:d5rTib9sPVFGPAIC83hrL+2

Score

7^/10

Malware Config

Targets

- Target
  
  969ab81972e4e622b09cac07bb864a1c
- Size
  
  506KB
- MD5
  
  969ab81972e4e622b09cac07bb864a1c
- SHA1
  
  8d39902f361366606796d188e2a877dfaac5b11d
- SHA256
  
  5fbeb1bf4bced3ffd47184d5d85ba7357c0e6da58763d79038a4b25cbcae702f
- SHA512
  
  e91043963ee37b9408b2bd65f9f043550c991d15332f994159167e2688c86a67e3a0182569daca36d7def588701e3412ce6c479dab1427b22e774ff14421ef13
- SSDEEP
  
  12288:d5xj1ZhTIZBb9sPqIFGPvIIJC8R9k2rLz6PEh:d5rTib9sPVFGPAIC83hrL+2
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2