888929489070752bc17d03c220613359c3bbab136cc0783573eab6b833c8b7b6 | Triage

Sharing

General

Target

c3667fa86eb30567dfd5c7d3b180cee9
Size

1000KB
Sample

240312-pymmvabb27
MD5

c3667fa86eb30567dfd5c7d3b180cee9
SHA1

faa4f29753f20f378df2d87a857f1188e9c6f6eb
SHA256

888929489070752bc17d03c220613359c3bbab136cc0783573eab6b833c8b7b6
SHA512

3a66f824125d285a4cbe406166edc5df50ba504b05ffb24d8033e640e874437170edeaa9fe0db762bb5f92de5d24688131517a2a0c99b3a1c3d605dcfd8b88e7
SSDEEP

24576:4ZTk53guBBJZ6yfdVmu8XsTV/1B+5vMiqt0gj2ed:4Z4jXeyV4XCxqOL

Score

7^/10

Malware Config

Targets

- Target
  
  c3667fa86eb30567dfd5c7d3b180cee9
- Size
  
  1000KB
- MD5
  
  c3667fa86eb30567dfd5c7d3b180cee9
- SHA1
  
  faa4f29753f20f378df2d87a857f1188e9c6f6eb
- SHA256
  
  888929489070752bc17d03c220613359c3bbab136cc0783573eab6b833c8b7b6
- SHA512
  
  3a66f824125d285a4cbe406166edc5df50ba504b05ffb24d8033e640e874437170edeaa9fe0db762bb5f92de5d24688131517a2a0c99b3a1c3d605dcfd8b88e7
- SSDEEP
  
  24576:4ZTk53guBBJZ6yfdVmu8XsTV/1B+5vMiqt0gj2ed:4Z4jXeyV4XCxqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2