191d1fd31f305fe034dd6d2db9e0c043941b61bd245695c5807836714f426e11 | Triage

Sharing

General

Target

b9b80f428c5cfacd69c312236625987a
Size

1000KB
Sample

240307-1hbq7afe6s
MD5

b9b80f428c5cfacd69c312236625987a
SHA1

db845a20bddedd2491afb28b0d57ef76a7f4d7ac
SHA256

191d1fd31f305fe034dd6d2db9e0c043941b61bd245695c5807836714f426e11
SHA512

89942306f3a879f53cd8422faa07f9a37382382a48079aad5dab1bb2297d089b978020f113e03a12ee1bec8a119ce0a9fb7dd4615584ee452b3738c708e7d6f3
SSDEEP

24576:f0J3S506S1vPSY2ukZ1B+5vMiqt0gj2ed:+k03YYdkFqOL

Score

7^/10

Malware Config

Targets

- Target
  
  b9b80f428c5cfacd69c312236625987a
- Size
  
  1000KB
- MD5
  
  b9b80f428c5cfacd69c312236625987a
- SHA1
  
  db845a20bddedd2491afb28b0d57ef76a7f4d7ac
- SHA256
  
  191d1fd31f305fe034dd6d2db9e0c043941b61bd245695c5807836714f426e11
- SHA512
  
  89942306f3a879f53cd8422faa07f9a37382382a48079aad5dab1bb2297d089b978020f113e03a12ee1bec8a119ce0a9fb7dd4615584ee452b3738c708e7d6f3
- SSDEEP
  
  24576:f0J3S506S1vPSY2ukZ1B+5vMiqt0gj2ed:+k03YYdkFqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2