4beea8b3c7a45c9a7bca2626a81a2c69dbf4b5e793f7ec629fd586cfb76f5e32 | Triage

Sharing

General

Target

bd7deef93371618f3c62c2b6f983c60e
Size

506KB
Sample

240310-dfv1qaaf77
MD5

bd7deef93371618f3c62c2b6f983c60e
SHA1

9742c7dcc7570d00859fd13f34326fce597d1cb0
SHA256

4beea8b3c7a45c9a7bca2626a81a2c69dbf4b5e793f7ec629fd586cfb76f5e32
SHA512

4250a386502a2978a1d444875697ff031e36b855b12344d5ca7122b24920f380ebf5b5da56152796390947390306e2f45b8bd74899bbcf65a01b04d01817537c
SSDEEP

12288:QzGXsPJm5yf2w1oJHryAymIPMJb9/MddvoDSJguCj+cLq3olCK6hb27GV14:UGcPJm5bw1krBysFMddRXAN6hlV14

Score

7^/10

Malware Config

Targets

- Target
  
  bd7deef93371618f3c62c2b6f983c60e
- Size
  
  506KB
- MD5
  
  bd7deef93371618f3c62c2b6f983c60e
- SHA1
  
  9742c7dcc7570d00859fd13f34326fce597d1cb0
- SHA256
  
  4beea8b3c7a45c9a7bca2626a81a2c69dbf4b5e793f7ec629fd586cfb76f5e32
- SHA512
  
  4250a386502a2978a1d444875697ff031e36b855b12344d5ca7122b24920f380ebf5b5da56152796390947390306e2f45b8bd74899bbcf65a01b04d01817537c
- SSDEEP
  
  12288:QzGXsPJm5yf2w1oJHryAymIPMJb9/MddvoDSJguCj+cLq3olCK6hb27GV14:UGcPJm5bw1krBysFMddRXAN6hlV14
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2