3e6ddf8ad6a9c16f7172737ea1f70108aaa5cb984ff37876d446872df8fed6dc | Triage

Sharing

General

Target

9c08c21638b683c04872f3c98793b244
Size

506KB
Sample

240214-sxm4rsfd52
MD5

9c08c21638b683c04872f3c98793b244
SHA1

4102bf61426a1efd00238fda1d5fdb5bd868b3dd
SHA256

3e6ddf8ad6a9c16f7172737ea1f70108aaa5cb984ff37876d446872df8fed6dc
SHA512

976781328850e7520d5ef01e1a1ea8d7433ad0d4d680e22580c5a1f26fd9bdadc301d33ec748d47f35e8fb78a0dc9f99ba61c239d877aab04e1bbc692cbe1155
SSDEEP

12288:WguUmdkxnxqD3d4anhDo0+E39eWjLlJ3aFS:WguUckG3dzo0XlpaE

Score

7^/10

Malware Config

Targets

- Target
  
  9c08c21638b683c04872f3c98793b244
- Size
  
  506KB
- MD5
  
  9c08c21638b683c04872f3c98793b244
- SHA1
  
  4102bf61426a1efd00238fda1d5fdb5bd868b3dd
- SHA256
  
  3e6ddf8ad6a9c16f7172737ea1f70108aaa5cb984ff37876d446872df8fed6dc
- SHA512
  
  976781328850e7520d5ef01e1a1ea8d7433ad0d4d680e22580c5a1f26fd9bdadc301d33ec748d47f35e8fb78a0dc9f99ba61c239d877aab04e1bbc692cbe1155
- SSDEEP
  
  12288:WguUmdkxnxqD3d4anhDo0+E39eWjLlJ3aFS:WguUckG3dzo0XlpaE
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2