5df3d6db668a709a3a492630fb858834d90719e95879089d235dbf9483ff0f0a | Triage

Sharing

General

Target

a1143032ba8532ff8e5fb100228ab0f5
Size

506KB
Sample

240224-gb3rjsbg4t
MD5

a1143032ba8532ff8e5fb100228ab0f5
SHA1

af144182e55e92b9a85072326e115677b5eb46ff
SHA256

5df3d6db668a709a3a492630fb858834d90719e95879089d235dbf9483ff0f0a
SHA512

d7c313f1bf4ae73afcbc5c2b52e96672c2f13269cc3452f38e1c55bc4b919586adfb6efa5d312e393160d28e59231c718f52f2e84a0ee29fe601352f096cf19b
SSDEEP

12288:wY+tOFcxNj46Eo0C6iWKv1XS2dWOIcugluiVb8v:wYqOylEo0C6ONW+oSbG

Score

7^/10

Malware Config

Targets

- Target
  
  a1143032ba8532ff8e5fb100228ab0f5
- Size
  
  506KB
- MD5
  
  a1143032ba8532ff8e5fb100228ab0f5
- SHA1
  
  af144182e55e92b9a85072326e115677b5eb46ff
- SHA256
  
  5df3d6db668a709a3a492630fb858834d90719e95879089d235dbf9483ff0f0a
- SHA512
  
  d7c313f1bf4ae73afcbc5c2b52e96672c2f13269cc3452f38e1c55bc4b919586adfb6efa5d312e393160d28e59231c718f52f2e84a0ee29fe601352f096cf19b
- SSDEEP
  
  12288:wY+tOFcxNj46Eo0C6iWKv1XS2dWOIcugluiVb8v:wYqOylEo0C6ONW+oSbG
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2