7d1d3ecfd57defb7de5e8e35424268874a5981814070366b35c164385658c8b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba63ac3a409b1ded61b8c723e0f28f21
Size

241KB
Sample

240308-dx8m5sfb5w
MD5

ba63ac3a409b1ded61b8c723e0f28f21
SHA1

b1fa398f91527062ec5ec83a79ad21978ce66c70
SHA256

7d1d3ecfd57defb7de5e8e35424268874a5981814070366b35c164385658c8b7
SHA512

ed13b336bcdd6854fdc2386b0f64c41a99383b7302defcffd10788f03e4858aeca0075d91a2c6df0bb9f7bec1f28c65527b9728043f870b799175e3e142c8d2c
SSDEEP

6144:PJ6Sxr7gnlzPBsIzpnh1r1QHuXcw6mugH:P7r7oBHpfNMwj

Score

7^/10

Malware Config

Targets

- Target
  
  ba63ac3a409b1ded61b8c723e0f28f21
- Size
  
  241KB
- MD5
  
  ba63ac3a409b1ded61b8c723e0f28f21
- SHA1
  
  b1fa398f91527062ec5ec83a79ad21978ce66c70
- SHA256
  
  7d1d3ecfd57defb7de5e8e35424268874a5981814070366b35c164385658c8b7
- SHA512
  
  ed13b336bcdd6854fdc2386b0f64c41a99383b7302defcffd10788f03e4858aeca0075d91a2c6df0bb9f7bec1f28c65527b9728043f870b799175e3e142c8d2c
- SSDEEP
  
  6144:PJ6Sxr7gnlzPBsIzpnh1r1QHuXcw6mugH:P7r7oBHpfNMwj
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2