bae00b778d6cf7e8c2c7b65b6fb23a439b7ba76439108a46f936bfcb2278bbc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c870808aa7673b66364058da73fb2307
Size

506KB
Sample

240314-mxkezscd56
MD5

c870808aa7673b66364058da73fb2307
SHA1

ed65839ad8fa0948e169176144ee0ed322a02276
SHA256

bae00b778d6cf7e8c2c7b65b6fb23a439b7ba76439108a46f936bfcb2278bbc3
SHA512

e7a9a5ec5ae9ac0fe110efd4fa2c93e6743cf40442faf02892a779b95e4154059d6e165b2f611c5faaab18eecdd584be29af0c866f6b5f038281d45c6f6f5c96
SSDEEP

12288:brP5soR7JdBEzQMko7CL3gazDU0BSUcEa9JBorx:bjjtadkD0MUCcTs1

Score

7^/10

Malware Config

Targets

- Target
  
  c870808aa7673b66364058da73fb2307
- Size
  
  506KB
- MD5
  
  c870808aa7673b66364058da73fb2307
- SHA1
  
  ed65839ad8fa0948e169176144ee0ed322a02276
- SHA256
  
  bae00b778d6cf7e8c2c7b65b6fb23a439b7ba76439108a46f936bfcb2278bbc3
- SHA512
  
  e7a9a5ec5ae9ac0fe110efd4fa2c93e6743cf40442faf02892a779b95e4154059d6e165b2f611c5faaab18eecdd584be29af0c866f6b5f038281d45c6f6f5c96
- SSDEEP
  
  12288:brP5soR7JdBEzQMko7CL3gazDU0BSUcEa9JBorx:bjjtadkD0MUCcTs1
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2