d59d6207992e6c2bfd99891716af29bcd2dd9cd50cea8414e19b6132b4eb45ed | Triage

Sharing

General

Target

c89ddc52871f2eb039bc71ea74054dca
Size

1000KB
Sample

240314-pnsq4sca4w
MD5

c89ddc52871f2eb039bc71ea74054dca
SHA1

b0dc0636bbdf37bb23e195e191901270a0701187
SHA256

d59d6207992e6c2bfd99891716af29bcd2dd9cd50cea8414e19b6132b4eb45ed
SHA512

517507dab9dcb81b1cb449ad7f88723a23817dd2c5df2db3637aff0392623f8c77123d046760ddc55244eabef9a133408a1420f87e574e50dfcafec2d2656239
SSDEEP

24576:GCSB73oW1YURzgCVQZbOFjcH1B+5vMiqt0gj2ed:EB0W1fBV4KFjc3qOL

Score

7^/10

Malware Config

Targets

- Target
  
  c89ddc52871f2eb039bc71ea74054dca
- Size
  
  1000KB
- MD5
  
  c89ddc52871f2eb039bc71ea74054dca
- SHA1
  
  b0dc0636bbdf37bb23e195e191901270a0701187
- SHA256
  
  d59d6207992e6c2bfd99891716af29bcd2dd9cd50cea8414e19b6132b4eb45ed
- SHA512
  
  517507dab9dcb81b1cb449ad7f88723a23817dd2c5df2db3637aff0392623f8c77123d046760ddc55244eabef9a133408a1420f87e574e50dfcafec2d2656239
- SSDEEP
  
  24576:GCSB73oW1YURzgCVQZbOFjcH1B+5vMiqt0gj2ed:EB0W1fBV4KFjc3qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2