7b5bddd1e583cbb13ecc44110a725eb4659b5865c38f811db05ea24315947a55 | Triage

Sharing

General

Target

ab9f77059380929311dbf6c472b474f4
Size

1000KB
Sample

240228-l37xssha45
MD5

ab9f77059380929311dbf6c472b474f4
SHA1

6572adb608dc45e2df2ae24d3029bfc2510e4cb1
SHA256

7b5bddd1e583cbb13ecc44110a725eb4659b5865c38f811db05ea24315947a55
SHA512

1257bd59dd8ccb1d34627cda429413bed20e078d91c147f22920458608049997a77f26f81b2384b7978958e84a72121a77cb715e8203b3318ea5f61390b04deb
SSDEEP

24576:x6VHn/Zb4vHA7p6GJ81B+5vMiqt0gj2ed:xWl4vOpbUqOL

Score

7^/10

Malware Config

Targets

- Target
  
  ab9f77059380929311dbf6c472b474f4
- Size
  
  1000KB
- MD5
  
  ab9f77059380929311dbf6c472b474f4
- SHA1
  
  6572adb608dc45e2df2ae24d3029bfc2510e4cb1
- SHA256
  
  7b5bddd1e583cbb13ecc44110a725eb4659b5865c38f811db05ea24315947a55
- SHA512
  
  1257bd59dd8ccb1d34627cda429413bed20e078d91c147f22920458608049997a77f26f81b2384b7978958e84a72121a77cb715e8203b3318ea5f61390b04deb
- SSDEEP
  
  24576:x6VHn/Zb4vHA7p6GJ81B+5vMiqt0gj2ed:xWl4vOpbUqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2