64266c0bcfd7e910be716ff3997b3e4d75863ebbfb6e82347960776a5bd495a7 | Triage

Sharing

General

Target

c363c953ad30be020a31fbe0b5b75de9
Size

506KB
Sample

240312-ptcl3sah44
MD5

c363c953ad30be020a31fbe0b5b75de9
SHA1

17ecae61981c08f6e5a61f1f5a35e783c32e771e
SHA256

64266c0bcfd7e910be716ff3997b3e4d75863ebbfb6e82347960776a5bd495a7
SHA512

f236fa5633ec9a1c423e594b6168f6d900772ac7dfebfffca044567c5eb13f9c082ae141149fddc16b45429224147dc42142434848707d1c50c544165a5d76f5
SSDEEP

12288:Ix/0d2JjlJzGVDPBYCq8WODLv2jT+c6OODH4I:Ix/m2RlQVD5QKLvX4I

Score

7^/10

Malware Config

Targets

- Target
  
  c363c953ad30be020a31fbe0b5b75de9
- Size
  
  506KB
- MD5
  
  c363c953ad30be020a31fbe0b5b75de9
- SHA1
  
  17ecae61981c08f6e5a61f1f5a35e783c32e771e
- SHA256
  
  64266c0bcfd7e910be716ff3997b3e4d75863ebbfb6e82347960776a5bd495a7
- SHA512
  
  f236fa5633ec9a1c423e594b6168f6d900772ac7dfebfffca044567c5eb13f9c082ae141149fddc16b45429224147dc42142434848707d1c50c544165a5d76f5
- SSDEEP
  
  12288:Ix/0d2JjlJzGVDPBYCq8WODLv2jT+c6OODH4I:Ix/m2RlQVD5QKLvX4I
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2