8916c62b951a6ccef33dd174f4e7fda7abaea6410a1c81634a5a9329717cc0ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7f34d0e879c013e4606057c54679e51
Size

241KB
Sample

240306-vwtk9sec6y
MD5

b7f34d0e879c013e4606057c54679e51
SHA1

92f1b50714664c9a70775a725c7dc58ad6524ada
SHA256

8916c62b951a6ccef33dd174f4e7fda7abaea6410a1c81634a5a9329717cc0ae
SHA512

c2da0548ae02d9eae9adaf0049ae728d4cc7673599465ce0de7e495c4e3cbe61468058fb3b9133b13e8f3f54c1f62fe84bac2980cff66cae6cd3b689083beb0c
SSDEEP

6144:Ap2IDajQoxfTOpt7RmVX4aOn+NoL1o3szw9PoryjhYwVMk115:Ap2IW8mK37SX4QqCsz+kWhRM2T

Score

7^/10

Malware Config

Targets

- Target
  
  b7f34d0e879c013e4606057c54679e51
- Size
  
  241KB
- MD5
  
  b7f34d0e879c013e4606057c54679e51
- SHA1
  
  92f1b50714664c9a70775a725c7dc58ad6524ada
- SHA256
  
  8916c62b951a6ccef33dd174f4e7fda7abaea6410a1c81634a5a9329717cc0ae
- SHA512
  
  c2da0548ae02d9eae9adaf0049ae728d4cc7673599465ce0de7e495c4e3cbe61468058fb3b9133b13e8f3f54c1f62fe84bac2980cff66cae6cd3b689083beb0c
- SSDEEP
  
  6144:Ap2IDajQoxfTOpt7RmVX4aOn+NoL1o3szw9PoryjhYwVMk115:Ap2IW8mK37SX4QqCsz+kWhRM2T
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2