7b0e6677c380db79e30a8d2c658424e2b5d7104f05c4465b6c98f772e9d514f3 | Triage

Sharing

General

Target

bed1366b4384c6cb82e23b25cf687d16
Size

506KB
Sample

240310-rlc9raec47
MD5

bed1366b4384c6cb82e23b25cf687d16
SHA1

04fb4a022440efe44bcd47e413d5554e1ea9e038
SHA256

7b0e6677c380db79e30a8d2c658424e2b5d7104f05c4465b6c98f772e9d514f3
SHA512

24bd466a8dc902ca930d304a5d8c2cc0770f7d4ab848987e4fe42dae0cbbf284b8d59e60c3cc16769f164195cc55e92a8fff51188a1a57872d12f17df8a60fae
SSDEEP

12288:QvZUMqaR47sQ3V0qDLGinvFQpf9ZpvhkdA2Bd+Sy:QT2sQ3hDiiYpv2dQ

Score

7^/10

Malware Config

Targets

- Target
  
  bed1366b4384c6cb82e23b25cf687d16
- Size
  
  506KB
- MD5
  
  bed1366b4384c6cb82e23b25cf687d16
- SHA1
  
  04fb4a022440efe44bcd47e413d5554e1ea9e038
- SHA256
  
  7b0e6677c380db79e30a8d2c658424e2b5d7104f05c4465b6c98f772e9d514f3
- SHA512
  
  24bd466a8dc902ca930d304a5d8c2cc0770f7d4ab848987e4fe42dae0cbbf284b8d59e60c3cc16769f164195cc55e92a8fff51188a1a57872d12f17df8a60fae
- SSDEEP
  
  12288:QvZUMqaR47sQ3V0qDLGinvFQpf9ZpvhkdA2Bd+Sy:QT2sQ3hDiiYpv2dQ
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2