e205685449dfcbdc2b5128a68c86f8272b46bcf6f649088269c790ac008fa803 | Triage

Sharing

General

Target

a468ec4d10506f7ec7adbc4eacf9d347
Size

506KB
Sample

240225-wfc41sad31
MD5

a468ec4d10506f7ec7adbc4eacf9d347
SHA1

c6d05cb4b093391565b215bcc0e3e2dc276bd243
SHA256

e205685449dfcbdc2b5128a68c86f8272b46bcf6f649088269c790ac008fa803
SHA512

bcb41a67fafb0927cfb548d3e03c2619f72b3f5ac407dac63f66f325c39fb0a48a25bdd6b93bb0d771a1a6dacce1092629d6ff9425363f4916d9ebb1c9fd9f60
SSDEEP

12288:Mtt5uXEFXORcnqnKVpQYP/9GGo3jWBMFGVqrM8z7s1uA:kXORcnJVIzHGqY83s

Score

7^/10

Malware Config

Targets

- Target
  
  a468ec4d10506f7ec7adbc4eacf9d347
- Size
  
  506KB
- MD5
  
  a468ec4d10506f7ec7adbc4eacf9d347
- SHA1
  
  c6d05cb4b093391565b215bcc0e3e2dc276bd243
- SHA256
  
  e205685449dfcbdc2b5128a68c86f8272b46bcf6f649088269c790ac008fa803
- SHA512
  
  bcb41a67fafb0927cfb548d3e03c2619f72b3f5ac407dac63f66f325c39fb0a48a25bdd6b93bb0d771a1a6dacce1092629d6ff9425363f4916d9ebb1c9fd9f60
- SSDEEP
  
  12288:Mtt5uXEFXORcnqnKVpQYP/9GGo3jWBMFGVqrM8z7s1uA:kXORcnJVIzHGqY83s
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2