6e2adac86bb28b688d3498ed3cd921bfa4806fd1a21db8dc6a161c170d6e1919 | Triage

Sharing

General

Target

ac2c25da1fd17fc509806872986d3681
Size

506KB
Sample

240228-sfxxmsed7x
MD5

ac2c25da1fd17fc509806872986d3681
SHA1

a100d5b04126b3dfa53d387108f63e972b7b14a5
SHA256

6e2adac86bb28b688d3498ed3cd921bfa4806fd1a21db8dc6a161c170d6e1919
SHA512

f54392a58bbe759ab45ac92b648e97e92e10f01a6a51cea8b52df8fd5f892309ad422b9f9f8b278d8dd1b32c801e93e20c0cdf5051919b952753d40a04145d79
SSDEEP

12288:A/GrxkmeRu9zJe9r6DCKzO+yRcsao237E9LLLC2iQuGMo6:dxIOMODCcy1T23SLLZiQuQ6

Score

7^/10

Malware Config

Targets

- Target
  
  ac2c25da1fd17fc509806872986d3681
- Size
  
  506KB
- MD5
  
  ac2c25da1fd17fc509806872986d3681
- SHA1
  
  a100d5b04126b3dfa53d387108f63e972b7b14a5
- SHA256
  
  6e2adac86bb28b688d3498ed3cd921bfa4806fd1a21db8dc6a161c170d6e1919
- SHA512
  
  f54392a58bbe759ab45ac92b648e97e92e10f01a6a51cea8b52df8fd5f892309ad422b9f9f8b278d8dd1b32c801e93e20c0cdf5051919b952753d40a04145d79
- SSDEEP
  
  12288:A/GrxkmeRu9zJe9r6DCKzO+yRcsao237E9LLLC2iQuGMo6:dxIOMODCcy1T23SLLZiQuQ6
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2