0b93a5820beb82ea9239aa4ce95c20ce65edce09728aa9cccaccfd22213c3d42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb15a5d095f7ba34aa4551bf71dca479
Size

506KB
Sample

240308-mznv7aeb7s
MD5

bb15a5d095f7ba34aa4551bf71dca479
SHA1

d65e4cc1e02bf52056f5eb6eb69edd1b36ba258f
SHA256

0b93a5820beb82ea9239aa4ce95c20ce65edce09728aa9cccaccfd22213c3d42
SHA512

dbcef0797c4af926a01e329712486dffaed752564c6f6775848e7c9cab6f39e325dbcfdc78fa0ef42d764ac28f87aef987e36bb44c5d42684a98156d5cd5f4ed
SSDEEP

12288:FZDRIl5wY60As7DRKlBORFPOwWUoCI8y9y7xIHcX:FhuphAs7EBORJN9C9ym2

Score

7^/10

Malware Config

Targets

- Target
  
  bb15a5d095f7ba34aa4551bf71dca479
- Size
  
  506KB
- MD5
  
  bb15a5d095f7ba34aa4551bf71dca479
- SHA1
  
  d65e4cc1e02bf52056f5eb6eb69edd1b36ba258f
- SHA256
  
  0b93a5820beb82ea9239aa4ce95c20ce65edce09728aa9cccaccfd22213c3d42
- SHA512
  
  dbcef0797c4af926a01e329712486dffaed752564c6f6775848e7c9cab6f39e325dbcfdc78fa0ef42d764ac28f87aef987e36bb44c5d42684a98156d5cd5f4ed
- SSDEEP
  
  12288:FZDRIl5wY60As7DRKlBORFPOwWUoCI8y9y7xIHcX:FhuphAs7EBORJN9C9ym2
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2