92c0f3125f236eccb65dd646740570cadca818aa8e2a41f3a5b033e005b56aed | Triage

Sharing

General

Target

aa76be02c81cf95f9d0ca7323f76b2ad
Size

506KB
Sample

240227-3tw8daee71
MD5

aa76be02c81cf95f9d0ca7323f76b2ad
SHA1

cd4bbf6ffb47754a4bcf8acb4fa91105ac617f33
SHA256

92c0f3125f236eccb65dd646740570cadca818aa8e2a41f3a5b033e005b56aed
SHA512

fa17f906c263041889318de1994d6c0757db377659583c07042b7a49b52d7328156abbde086e95fee0e90fcff8a4676e45c53d6efa7dccbca265d1a1d413608c
SSDEEP

12288:2Nry6QZQwsLfmF1B3oWN32W4w4Ye6FBks:2ryZs7qB4K2W4rYe6FBks

Score

7^/10

Malware Config

Targets

- Target
  
  aa76be02c81cf95f9d0ca7323f76b2ad
- Size
  
  506KB
- MD5
  
  aa76be02c81cf95f9d0ca7323f76b2ad
- SHA1
  
  cd4bbf6ffb47754a4bcf8acb4fa91105ac617f33
- SHA256
  
  92c0f3125f236eccb65dd646740570cadca818aa8e2a41f3a5b033e005b56aed
- SHA512
  
  fa17f906c263041889318de1994d6c0757db377659583c07042b7a49b52d7328156abbde086e95fee0e90fcff8a4676e45c53d6efa7dccbca265d1a1d413608c
- SSDEEP
  
  12288:2Nry6QZQwsLfmF1B3oWN32W4w4Ye6FBks:2ryZs7qB4K2W4rYe6FBks
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2