eb30de221302551c1e2f820bed22c7dc2bfe6b38e54954d97c2454219f8a9f27 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac287a911cbb2a767f1b20bd63066bca
Size

1000KB
Sample

240228-sa9dgsec68
MD5

ac287a911cbb2a767f1b20bd63066bca
SHA1

c4117f3b79dbe1b67044b125e199c1de91f87c7d
SHA256

eb30de221302551c1e2f820bed22c7dc2bfe6b38e54954d97c2454219f8a9f27
SHA512

b9b884192913ce63f2857f2f5e90b95072449f5b8e0badff24164ccb9072235efee00f70a94128e35d4968a9d3003105f10f39033f012f2a0d52898a261cf6e6
SSDEEP

24576:ABLN+8LlhbP1sWwYxHyC/b/zYb1B+5vMiqt0gj2ed:ABLN+o/bP/wY7KqOL

Score

7^/10

Malware Config

Targets

- Target
  
  ac287a911cbb2a767f1b20bd63066bca
- Size
  
  1000KB
- MD5
  
  ac287a911cbb2a767f1b20bd63066bca
- SHA1
  
  c4117f3b79dbe1b67044b125e199c1de91f87c7d
- SHA256
  
  eb30de221302551c1e2f820bed22c7dc2bfe6b38e54954d97c2454219f8a9f27
- SHA512
  
  b9b884192913ce63f2857f2f5e90b95072449f5b8e0badff24164ccb9072235efee00f70a94128e35d4968a9d3003105f10f39033f012f2a0d52898a261cf6e6
- SSDEEP
  
  24576:ABLN+8LlhbP1sWwYxHyC/b/zYb1B+5vMiqt0gj2ed:ABLN+o/bP/wY7KqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2