40e1b2179a2a33b3dd81164a3d11d29d3b00f76f060acae151233dfcc45db3d8 | Triage

Sharing

General

Target

c9a03a5585c527f53c3896a494da9a7a
Size

1000KB
Sample

240314-zzlr2shc89
MD5

c9a03a5585c527f53c3896a494da9a7a
SHA1

d67b21d86bb1a1a158133fa8b72d5346e59d08fd
SHA256

40e1b2179a2a33b3dd81164a3d11d29d3b00f76f060acae151233dfcc45db3d8
SHA512

2757abf60dd40623dd252ecc26c9b07412e9c6bcd131db9ef4f6e90c93a8b1f85b44fceb3d89a4ae93d04947d7e8543a107f649cc4d814d0667509eed2d54b16
SSDEEP

24576:S9pnisPF1SOnZR8aQ2Y+PGAvFA1B+5vMiqt0gj2ed:UiYn78anFKqOL

Score

7^/10

Malware Config

Targets

- Target
  
  c9a03a5585c527f53c3896a494da9a7a
- Size
  
  1000KB
- MD5
  
  c9a03a5585c527f53c3896a494da9a7a
- SHA1
  
  d67b21d86bb1a1a158133fa8b72d5346e59d08fd
- SHA256
  
  40e1b2179a2a33b3dd81164a3d11d29d3b00f76f060acae151233dfcc45db3d8
- SHA512
  
  2757abf60dd40623dd252ecc26c9b07412e9c6bcd131db9ef4f6e90c93a8b1f85b44fceb3d89a4ae93d04947d7e8543a107f649cc4d814d0667509eed2d54b16
- SSDEEP
  
  24576:S9pnisPF1SOnZR8aQ2Y+PGAvFA1B+5vMiqt0gj2ed:UiYn78anFKqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2