47b4b673df59ce67b083f8f2a0c4e62289df10928bbbc18663a0d6d73f40f108 | Triage

Sharing

General

Target

970ab9f83f9a5390cbccd73f54765c1f
Size

2.0MB
Sample

240212-nkpplsbh9y
MD5

970ab9f83f9a5390cbccd73f54765c1f
SHA1

985a8b60cac50854f9409adbf9cddcfb67fc47b7
SHA256

47b4b673df59ce67b083f8f2a0c4e62289df10928bbbc18663a0d6d73f40f108
SHA512

86124f97dc234f6b43fb2dcdd381ddb82f4a506cfe10db2734976e548e2180ca2630979c276468e8a03a139adcf2440e848f50af36e2c0105a4ba6d1530e12f4
SSDEEP

24576:k6Sx6Osgs8foxtj8LGVciJrRIgOde1B+5vMiqt0gj2e2bcwyQ6zmMuF5meRbUcYn:Jgs8Qx5+uIvdsqO0bcw6zYmLqO7

Score

7^/10

Malware Config

Targets

- Target
  
  970ab9f83f9a5390cbccd73f54765c1f
- Size
  
  2.0MB
- MD5
  
  970ab9f83f9a5390cbccd73f54765c1f
- SHA1
  
  985a8b60cac50854f9409adbf9cddcfb67fc47b7
- SHA256
  
  47b4b673df59ce67b083f8f2a0c4e62289df10928bbbc18663a0d6d73f40f108
- SHA512
  
  86124f97dc234f6b43fb2dcdd381ddb82f4a506cfe10db2734976e548e2180ca2630979c276468e8a03a139adcf2440e848f50af36e2c0105a4ba6d1530e12f4
- SSDEEP
  
  24576:k6Sx6Osgs8foxtj8LGVciJrRIgOde1B+5vMiqt0gj2e2bcwyQ6zmMuF5meRbUcYn:Jgs8Qx5+uIvdsqO0bcw6zYmLqO7
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2