395d8877e1ad9dc89349a67921a3ff6131a9886c0fa653b559e00aac2f8fa871 | Triage

Sharing

General

Target

9786e70c196c9fea094caf4078cd3235
Size

241KB
Sample

240212-s73bfahf6s
MD5

9786e70c196c9fea094caf4078cd3235
SHA1

c584d01b9cb0649b5664e1f6b27ab1a18ab2ad05
SHA256

395d8877e1ad9dc89349a67921a3ff6131a9886c0fa653b559e00aac2f8fa871
SHA512

14267c80b2b2c86947f52a321ba834268a1f18d7a1514383f4de87300e96940841c85809d2a00050ed056e11df9ae44adc9f962fee3757490ff7622efa5859ef
SSDEEP

3072:bZrKkF2VD2c2XdBxFVf2zYT7xrKvhalM2M5JBDW4mKdMBozSSEPjQRdIJf8JYJFS:bZr6NMnFVfrHVMalM2M5J/MB2ajYYGeu

Score

7^/10

Malware Config

Targets

- Target
  
  9786e70c196c9fea094caf4078cd3235
- Size
  
  241KB
- MD5
  
  9786e70c196c9fea094caf4078cd3235
- SHA1
  
  c584d01b9cb0649b5664e1f6b27ab1a18ab2ad05
- SHA256
  
  395d8877e1ad9dc89349a67921a3ff6131a9886c0fa653b559e00aac2f8fa871
- SHA512
  
  14267c80b2b2c86947f52a321ba834268a1f18d7a1514383f4de87300e96940841c85809d2a00050ed056e11df9ae44adc9f962fee3757490ff7622efa5859ef
- SSDEEP
  
  3072:bZrKkF2VD2c2XdBxFVf2zYT7xrKvhalM2M5JBDW4mKdMBozSSEPjQRdIJf8JYJFS:bZr6NMnFVfrHVMalM2M5J/MB2ajYYGeu
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2