892a98fefda29ac9c3e350844b70fdfceecd282032e35e453c9cbfda08769aad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2e6918e04d1d611b7076616fce7a4af
Size

506KB
Sample

240312-j9s14sed99
MD5

c2e6918e04d1d611b7076616fce7a4af
SHA1

4893b71c985e389d6779cceb32b965f7a51287a2
SHA256

892a98fefda29ac9c3e350844b70fdfceecd282032e35e453c9cbfda08769aad
SHA512

024d897dd51a3c58066f1e78c82f8168dd916cd86a8ffda1c828561ea666f23329f60911a5a5fce901a14f9746f687cecb04b01956995858a2155608b67a73bf
SSDEEP

12288:/F4fgf/0SH6pbwz+j2hBxWVQCGjPb7IS21HuhyZfs/uMu:/Ff/0SHaj2TCQCGjoS2RfTMu

Score

7^/10

Malware Config

Targets

- Target
  
  c2e6918e04d1d611b7076616fce7a4af
- Size
  
  506KB
- MD5
  
  c2e6918e04d1d611b7076616fce7a4af
- SHA1
  
  4893b71c985e389d6779cceb32b965f7a51287a2
- SHA256
  
  892a98fefda29ac9c3e350844b70fdfceecd282032e35e453c9cbfda08769aad
- SHA512
  
  024d897dd51a3c58066f1e78c82f8168dd916cd86a8ffda1c828561ea666f23329f60911a5a5fce901a14f9746f687cecb04b01956995858a2155608b67a73bf
- SSDEEP
  
  12288:/F4fgf/0SH6pbwz+j2hBxWVQCGjPb7IS21HuhyZfs/uMu:/Ff/0SHaj2TCQCGjoS2RfTMu
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2