010d2cfc5e602b85e69209be1a93b9142ab0ab2ff9cf665f3d0c8ee474addaa6 | Triage

Sharing

General

Target

b780d734763f06256d19cea98b595bc5
Size

1000KB
Sample

240306-qnls8sch28
MD5

b780d734763f06256d19cea98b595bc5
SHA1

028f52fc51f8271fee607d39345c3c2e71fc5814
SHA256

010d2cfc5e602b85e69209be1a93b9142ab0ab2ff9cf665f3d0c8ee474addaa6
SHA512

07d84d285983c93a728ff0531ea704f7131332707a659b8eae032f9e39d0147dff45bbd62d1577498f67cf68e21e0b8a6ffd2a23776952179f79e94eb89457f7
SSDEEP

24576:UZzkw4xgRn3GFf04OZxDsZH1B+5vMiqt0gj2ed:mkw5W904OZxQpqOL

Score

7^/10

Malware Config

Targets

- Target
  
  b780d734763f06256d19cea98b595bc5
- Size
  
  1000KB
- MD5
  
  b780d734763f06256d19cea98b595bc5
- SHA1
  
  028f52fc51f8271fee607d39345c3c2e71fc5814
- SHA256
  
  010d2cfc5e602b85e69209be1a93b9142ab0ab2ff9cf665f3d0c8ee474addaa6
- SHA512
  
  07d84d285983c93a728ff0531ea704f7131332707a659b8eae032f9e39d0147dff45bbd62d1577498f67cf68e21e0b8a6ffd2a23776952179f79e94eb89457f7
- SSDEEP
  
  24576:UZzkw4xgRn3GFf04OZxDsZH1B+5vMiqt0gj2ed:mkw5W904OZxQpqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2