8f390ad5f6ebbc03cfd4810fcff60605b63f2c96b0dbec0b1cf9cbe05fa93673 | Triage

Sharing

General

Target

a26f20c9cd29e95483b6ef09b803e06a
Size

1000KB
Sample

240224-wynngaaf58
MD5

a26f20c9cd29e95483b6ef09b803e06a
SHA1

89c13534db06efa0b702835f43652b23e1db1fd8
SHA256

8f390ad5f6ebbc03cfd4810fcff60605b63f2c96b0dbec0b1cf9cbe05fa93673
SHA512

63ca630e1c3a38e57abe314c3281a0dee310fa5203eeb5850e815a751982ca414a029ad15a68863717ddc5ae7636f6af8ff6e2a3545a38a89fdf1e895697ffc4
SSDEEP

24576:3b2AW9Icck/sVDtC2NR1B+5vMiqt0gj2ed:L2AWOk/sVDtRtqOL

Score

7^/10

Malware Config

Targets

- Target
  
  a26f20c9cd29e95483b6ef09b803e06a
- Size
  
  1000KB
- MD5
  
  a26f20c9cd29e95483b6ef09b803e06a
- SHA1
  
  89c13534db06efa0b702835f43652b23e1db1fd8
- SHA256
  
  8f390ad5f6ebbc03cfd4810fcff60605b63f2c96b0dbec0b1cf9cbe05fa93673
- SHA512
  
  63ca630e1c3a38e57abe314c3281a0dee310fa5203eeb5850e815a751982ca414a029ad15a68863717ddc5ae7636f6af8ff6e2a3545a38a89fdf1e895697ffc4
- SSDEEP
  
  24576:3b2AW9Icck/sVDtC2NR1B+5vMiqt0gj2ed:L2AWOk/sVDtRtqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2