10025ab367879213268318d16fbeadbdf18c04a22e3f54646b93e48e2c9e4c10 | Triage

Sharing

General

Target

c9f16d098a3c48c0a077fc80029f699a
Size

1000KB
Sample

240314-3tsvysba2t
MD5

c9f16d098a3c48c0a077fc80029f699a
SHA1

9b9c7bae554bb4b1ed6f33c0aed1682786944206
SHA256

10025ab367879213268318d16fbeadbdf18c04a22e3f54646b93e48e2c9e4c10
SHA512

c27bc226effc3d910aacb6d3923f03acfdd20f59af6901975e8ca9053b06101f3449990a6b0b55c852ab4db671afff35aeae93626566b4de2a441ded7a8c47ec
SSDEEP

24576:A4eqycHbAx7sHYoxtxH5upaNV1B+5vMiqt0gj2ed:9ef7sHYoxru8qOL

Score

7^/10

Malware Config

Targets

- Target
  
  c9f16d098a3c48c0a077fc80029f699a
- Size
  
  1000KB
- MD5
  
  c9f16d098a3c48c0a077fc80029f699a
- SHA1
  
  9b9c7bae554bb4b1ed6f33c0aed1682786944206
- SHA256
  
  10025ab367879213268318d16fbeadbdf18c04a22e3f54646b93e48e2c9e4c10
- SHA512
  
  c27bc226effc3d910aacb6d3923f03acfdd20f59af6901975e8ca9053b06101f3449990a6b0b55c852ab4db671afff35aeae93626566b4de2a441ded7a8c47ec
- SSDEEP
  
  24576:A4eqycHbAx7sHYoxtxH5upaNV1B+5vMiqt0gj2ed:9ef7sHYoxru8qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2