c8b8820bd52819a9d48f273b0fdb377bea60a453f6a4f4c93cfa7f68064285f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a30f1d56d1658779217014b86e77ec96
Size

1000KB
Sample

240225-gqphgadd22
MD5

a30f1d56d1658779217014b86e77ec96
SHA1

61a435a1a3c522dc25df6dec8156e5e247cc5f01
SHA256

c8b8820bd52819a9d48f273b0fdb377bea60a453f6a4f4c93cfa7f68064285f6
SHA512

84ad4dee99123c81262ede437329c68a014a0157d3ce9fb025d888c8a38cbbffc7326e7c6cee5c6d50dd7379b843780f7f7f2a8a9c97a17cc4f440dec8dbbc3e
SSDEEP

24576:wP6TXbB7sIf/p/ggyF1B+5vMiqt0gj2ed:wPuXVgI3p/ggoqOL

Score

7^/10

Malware Config

Targets

- Target
  
  a30f1d56d1658779217014b86e77ec96
- Size
  
  1000KB
- MD5
  
  a30f1d56d1658779217014b86e77ec96
- SHA1
  
  61a435a1a3c522dc25df6dec8156e5e247cc5f01
- SHA256
  
  c8b8820bd52819a9d48f273b0fdb377bea60a453f6a4f4c93cfa7f68064285f6
- SHA512
  
  84ad4dee99123c81262ede437329c68a014a0157d3ce9fb025d888c8a38cbbffc7326e7c6cee5c6d50dd7379b843780f7f7f2a8a9c97a17cc4f440dec8dbbc3e
- SSDEEP
  
  24576:wP6TXbB7sIf/p/ggyF1B+5vMiqt0gj2ed:wPuXVgI3p/ggoqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2