11bc700b26b09c06b0d4317e4e8d0c26a5ca16834480c0ecf6a4f164ef7f88c6 | Triage

Sharing

General

Target

b84c1bcdfc54998b268bf88a240ef7b7
Size

1000KB
Sample

240306-1xe26aaf93
MD5

b84c1bcdfc54998b268bf88a240ef7b7
SHA1

7fb2603c8dc973af6c279b766c563ace934f9650
SHA256

11bc700b26b09c06b0d4317e4e8d0c26a5ca16834480c0ecf6a4f164ef7f88c6
SHA512

8646244c8987cbc14606cac589edf286216362230b8e1a8bb162477285544b46faea3107a024939e793815a8d78346e34f739d474482314e24aa247e11b581d3
SSDEEP

24576:M+sLP/2wz52q+ia/Z0/9OJ31B+5vMiqt0gj2ed:y/tuZ49OHqOL

Score

7^/10

Malware Config

Targets

- Target
  
  b84c1bcdfc54998b268bf88a240ef7b7
- Size
  
  1000KB
- MD5
  
  b84c1bcdfc54998b268bf88a240ef7b7
- SHA1
  
  7fb2603c8dc973af6c279b766c563ace934f9650
- SHA256
  
  11bc700b26b09c06b0d4317e4e8d0c26a5ca16834480c0ecf6a4f164ef7f88c6
- SHA512
  
  8646244c8987cbc14606cac589edf286216362230b8e1a8bb162477285544b46faea3107a024939e793815a8d78346e34f739d474482314e24aa247e11b581d3
- SSDEEP
  
  24576:M+sLP/2wz52q+ia/Z0/9OJ31B+5vMiqt0gj2ed:y/tuZ49OHqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2