f192e89f9f4f77dff7177857b7d51f2283a1bdb7c5d3401d53552c1552d28171 | Triage

Sharing

General

Target

c3f849f61b5c680943891aa4aab2aa3d
Size

1000KB
Sample

240312-wbfz4shc33
MD5

c3f849f61b5c680943891aa4aab2aa3d
SHA1

d467951a840c03cde392ae34468968e88e1301a3
SHA256

f192e89f9f4f77dff7177857b7d51f2283a1bdb7c5d3401d53552c1552d28171
SHA512

911be1e705ad80079582c96656f74709c623f378ace8842649f43182f908e32d3a4d084397379994e3b092c5005c71403dd05a85cce23307947b79cf55bfb390
SSDEEP

24576:GK/v6V82JBzsDZ+HXvVolQoQZsis1m1wBIMHyoNYk8Cl7G/qY4Hc1AToEO1B+5vK:fv6V8azsDZ+HXvVolQo8fMm1wBIMHyMA

Score

7^/10

Malware Config

Targets

- Target
  
  c3f849f61b5c680943891aa4aab2aa3d
- Size
  
  1000KB
- MD5
  
  c3f849f61b5c680943891aa4aab2aa3d
- SHA1
  
  d467951a840c03cde392ae34468968e88e1301a3
- SHA256
  
  f192e89f9f4f77dff7177857b7d51f2283a1bdb7c5d3401d53552c1552d28171
- SHA512
  
  911be1e705ad80079582c96656f74709c623f378ace8842649f43182f908e32d3a4d084397379994e3b092c5005c71403dd05a85cce23307947b79cf55bfb390
- SSDEEP
  
  24576:GK/v6V82JBzsDZ+HXvVolQoQZsis1m1wBIMHyoNYk8Cl7G/qY4Hc1AToEO1B+5vK:fv6V8azsDZ+HXvVolQo8fMm1wBIMHyMA
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2