cadc8838c26a906f9dd9cfed178546e322f67f714d4951169482d781a07ffc98 | Triage

Sharing

General

Target

Respecialist.exe
Size

826KB
Sample

240307-q6d64scg29
MD5

bcc1f12af6334f819cac261f50fc6f3f
SHA1

68ef28761831b5ce423b174549f78843a8ffcbaa
SHA256

cadc8838c26a906f9dd9cfed178546e322f67f714d4951169482d781a07ffc98
SHA512

77512f726964cb995f830bfab6aa7fbec3b3a5b270b08d57d4a0395a570aa5c3b6b3185bce9bb6baf4ccafcd6260a2a514282ec45f65d6ab93dac7ac5cda4f4f
SSDEEP

12288:zgOiqjFiNnytiTYG8ERU8Nsb9uF/5MkQ5HOKBAUhtHuuU69E:zgYFyy4c1EdsDOSAUbPR9E

Score

7^/10

Malware Config

Targets

- Target
  
  Respecialist.exe
- Size
  
  826KB
- MD5
  
  bcc1f12af6334f819cac261f50fc6f3f
- SHA1
  
  68ef28761831b5ce423b174549f78843a8ffcbaa
- SHA256
  
  cadc8838c26a906f9dd9cfed178546e322f67f714d4951169482d781a07ffc98
- SHA512
  
  77512f726964cb995f830bfab6aa7fbec3b3a5b270b08d57d4a0395a570aa5c3b6b3185bce9bb6baf4ccafcd6260a2a514282ec45f65d6ab93dac7ac5cda4f4f
- SSDEEP
  
  12288:zgOiqjFiNnytiTYG8ERU8Nsb9uF/5MkQ5HOKBAUhtHuuU69E:zgYFyy4c1EdsDOSAUbPR9E
Score

7^/10
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4