122693d617af577512ab8fd033bba151a5be787a9fe5c66c3507c512915cd7ef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb2be75a50c4a543e7e5c0280929565b
Size

506KB
Sample

240308-nvcsssfa5v
MD5

bb2be75a50c4a543e7e5c0280929565b
SHA1

f97ad30ff89b89757ebbac9fd4dd87fa3e205266
SHA256

122693d617af577512ab8fd033bba151a5be787a9fe5c66c3507c512915cd7ef
SHA512

0b1c922f2eed1fadf1a29668455ce5981f58e8c0f0602be2823f148aa49a5f04fcd3db9843741ecd7fe981ecbbda452259f16ec7b3c7298ae995e383748d754b
SSDEEP

6144:6TnNZxAibxTcSiPl1yCQHQNGeJDvEXuDmwxZfg1lr/26nXgFhY8WhcgM094K:Shxbxg9PLyCQHwGovCckt/v4Y83e

Score

7^/10

Malware Config

Targets

- Target
  
  bb2be75a50c4a543e7e5c0280929565b
- Size
  
  506KB
- MD5
  
  bb2be75a50c4a543e7e5c0280929565b
- SHA1
  
  f97ad30ff89b89757ebbac9fd4dd87fa3e205266
- SHA256
  
  122693d617af577512ab8fd033bba151a5be787a9fe5c66c3507c512915cd7ef
- SHA512
  
  0b1c922f2eed1fadf1a29668455ce5981f58e8c0f0602be2823f148aa49a5f04fcd3db9843741ecd7fe981ecbbda452259f16ec7b3c7298ae995e383748d754b
- SSDEEP
  
  6144:6TnNZxAibxTcSiPl1yCQHQNGeJDvEXuDmwxZfg1lr/26nXgFhY8WhcgM094K:Shxbxg9PLyCQHwGovCckt/v4Y83e
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2