General
-
Target
9c491c78b22b0877bd7f015323c1f420
-
Size
506KB
-
Sample
240214-wfeb3sab59
-
MD5
9c491c78b22b0877bd7f015323c1f420
-
SHA1
268771c26aeb7125c3ad53f6377a9d9fbdc470e4
-
SHA256
f3a8cc87a936b10f7d98d12c17451b8ac017173e481b66e5c2e8995989b6f5eb
-
SHA512
f194b2d47bb67b0aca6f9323f827519e0af3989a149f23d60e67f54f23f487b531923c709f50f6dad8ea2968b4d5019df3a67c7e7ea09f386e6cb23bde6c095a
-
SSDEEP
12288:xA7vQbloYBEt3g+LdNoPGZu1ZPtg2yo/FpbQ:xA7/sElLdUZmo/Y
Malware Config
Targets
-
-
Target
9c491c78b22b0877bd7f015323c1f420
-
Size
506KB
-
MD5
9c491c78b22b0877bd7f015323c1f420
-
SHA1
268771c26aeb7125c3ad53f6377a9d9fbdc470e4
-
SHA256
f3a8cc87a936b10f7d98d12c17451b8ac017173e481b66e5c2e8995989b6f5eb
-
SHA512
f194b2d47bb67b0aca6f9323f827519e0af3989a149f23d60e67f54f23f487b531923c709f50f6dad8ea2968b4d5019df3a67c7e7ea09f386e6cb23bde6c095a
-
SSDEEP
12288:xA7vQbloYBEt3g+LdNoPGZu1ZPtg2yo/FpbQ:xA7/sElLdUZmo/Y
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-