ade7fa0b646459ebf7b863d4ff58970f60cf40434fa05932713fb85dc13eb049 | Triage

Sharing

General

Target

bb7b963071ef3e6d3abb74078ef964b7
Size

1000KB
Sample

240308-rn1g3aaa9t
MD5

bb7b963071ef3e6d3abb74078ef964b7
SHA1

73b05b38ff0ce1dbe7537b899e868833c12799df
SHA256

ade7fa0b646459ebf7b863d4ff58970f60cf40434fa05932713fb85dc13eb049
SHA512

77a1a45284d5035c01bed02b899802dcb4f5894e7b57e0f1385d708aa7c6230da512136cf2e9d15a2360e7dc4bf6938cdf67a2365949a14e2e24e53de3852ef0
SSDEEP

24576:yQTIlI1cAKUvJ6sZokKBx/wCtli1B+5vMiqt0gj2ed:Ql+PKYBorIqCqOL

Score

7^/10

Malware Config

Targets

- Target
  
  bb7b963071ef3e6d3abb74078ef964b7
- Size
  
  1000KB
- MD5
  
  bb7b963071ef3e6d3abb74078ef964b7
- SHA1
  
  73b05b38ff0ce1dbe7537b899e868833c12799df
- SHA256
  
  ade7fa0b646459ebf7b863d4ff58970f60cf40434fa05932713fb85dc13eb049
- SHA512
  
  77a1a45284d5035c01bed02b899802dcb4f5894e7b57e0f1385d708aa7c6230da512136cf2e9d15a2360e7dc4bf6938cdf67a2365949a14e2e24e53de3852ef0
- SSDEEP
  
  24576:yQTIlI1cAKUvJ6sZokKBx/wCtli1B+5vMiqt0gj2ed:Ql+PKYBorIqCqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2