d5a745cc3e8dee41b9c942d2f5514a9da3cef19837f465e6e6c0c6a0605f17b3 | Triage

Sharing

General

Target

a9b6a680e63b8801f372d742acc48c30
Size

1000KB
Sample

240227-vq913aeg54
MD5

a9b6a680e63b8801f372d742acc48c30
SHA1

07995d6635797dd9d1f0afeea743c5e954699219
SHA256

d5a745cc3e8dee41b9c942d2f5514a9da3cef19837f465e6e6c0c6a0605f17b3
SHA512

51e6d5122cc40e5e4290fc5212665fc1a6504949e93db7912e095b99ab42cd44c5a4ebf75050dc8ca8deb5add3fe5df56917b86edffa8f918886359cf85d60f0
SSDEEP

24576:G8zqQsqS2WYiTV5H20j6cfq/1B+5vMiqt0gj2ed:GpQmZFCqOL

Score

7^/10

Malware Config

Targets

- Target
  
  a9b6a680e63b8801f372d742acc48c30
- Size
  
  1000KB
- MD5
  
  a9b6a680e63b8801f372d742acc48c30
- SHA1
  
  07995d6635797dd9d1f0afeea743c5e954699219
- SHA256
  
  d5a745cc3e8dee41b9c942d2f5514a9da3cef19837f465e6e6c0c6a0605f17b3
- SHA512
  
  51e6d5122cc40e5e4290fc5212665fc1a6504949e93db7912e095b99ab42cd44c5a4ebf75050dc8ca8deb5add3fe5df56917b86edffa8f918886359cf85d60f0
- SSDEEP
  
  24576:G8zqQsqS2WYiTV5H20j6cfq/1B+5vMiqt0gj2ed:GpQmZFCqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2