ba682ab44d39cc7369b2a053f20204a24c0af3fa540a0d9fa4cad73442b02528 | Triage

Sharing

General

Target

ae32adaf957d405dc5b56ffd97ff3c6b
Size

506KB
Sample

240229-lnzymsdd45
MD5

ae32adaf957d405dc5b56ffd97ff3c6b
SHA1

dc4059f95fa3ae58f2c820a19d222afd8bfab472
SHA256

ba682ab44d39cc7369b2a053f20204a24c0af3fa540a0d9fa4cad73442b02528
SHA512

a64325fe387a15368e9f4844f507b7297f58526551cf9757d361e8a6e83d3c5899d66a54b5f9d9ac75d7f2c45737678879e6a645c1577a71a9d67f149349eec0
SSDEEP

12288:v2/LbqYsmso5GAaNU6W1L7lY35isCLg22kN14TV6LXKdSQcC0BTQu:8fqqgtOg2Og4Dc7B0u

Score

7^/10

Malware Config

Targets

- Target
  
  ae32adaf957d405dc5b56ffd97ff3c6b
- Size
  
  506KB
- MD5
  
  ae32adaf957d405dc5b56ffd97ff3c6b
- SHA1
  
  dc4059f95fa3ae58f2c820a19d222afd8bfab472
- SHA256
  
  ba682ab44d39cc7369b2a053f20204a24c0af3fa540a0d9fa4cad73442b02528
- SHA512
  
  a64325fe387a15368e9f4844f507b7297f58526551cf9757d361e8a6e83d3c5899d66a54b5f9d9ac75d7f2c45737678879e6a645c1577a71a9d67f149349eec0
- SSDEEP
  
  12288:v2/LbqYsmso5GAaNU6W1L7lY35isCLg22kN14TV6LXKdSQcC0BTQu:8fqqgtOg2Og4Dc7B0u
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2