ce5bda753b363b066b9e7b080d35b967ac5a7e2d1deab4c848aac915834d3b7e | Triage

Sharing

General

Target

a3af6aa502a99bb20ece392a42b9951d
Size

241KB
Sample

240225-nrkdgabe5x
MD5

a3af6aa502a99bb20ece392a42b9951d
SHA1

9ca59779a49ad07ca5252787f361335e5897d742
SHA256

ce5bda753b363b066b9e7b080d35b967ac5a7e2d1deab4c848aac915834d3b7e
SHA512

984fbff774f549a1416c502a97072dcb37a075f46d4dd35cc68c3ab426d43ac518e87874b2fa4da59e855d41beaa8c90b420903c206d4a488adc9b8a63d65118
SSDEEP

6144:WMTjgi/Zp2RwS/T9i0Nq+qw0c/DrrvOz8ICXFyb/59lyfSF+:WAB/uBJen8rrgxv/599+

Score

7^/10

Malware Config

Targets

- Target
  
  a3af6aa502a99bb20ece392a42b9951d
- Size
  
  241KB
- MD5
  
  a3af6aa502a99bb20ece392a42b9951d
- SHA1
  
  9ca59779a49ad07ca5252787f361335e5897d742
- SHA256
  
  ce5bda753b363b066b9e7b080d35b967ac5a7e2d1deab4c848aac915834d3b7e
- SHA512
  
  984fbff774f549a1416c502a97072dcb37a075f46d4dd35cc68c3ab426d43ac518e87874b2fa4da59e855d41beaa8c90b420903c206d4a488adc9b8a63d65118
- SSDEEP
  
  6144:WMTjgi/Zp2RwS/T9i0Nq+qw0c/DrrvOz8ICXFyb/59lyfSF+:WAB/uBJen8rrgxv/599+
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2