3906dfac1e06177813649f2fd6a2f5d2102b79db1264b284fa61e79b3829860b | Triage

Sharing

General

Target

cdd0edc67729b05d92d7db1604aef877
Size

1000KB
Sample

240316-mgp1jaha7y
MD5

cdd0edc67729b05d92d7db1604aef877
SHA1

1578ac0e606e323b09573843eb002e53f8bab7c8
SHA256

3906dfac1e06177813649f2fd6a2f5d2102b79db1264b284fa61e79b3829860b
SHA512

f5a0746eb00e1ceb47d3d5ed9159fbd36611021c71eaad319520f9042705b4af81960aecc4bb5fda077e5a01f0495a8b1db8057854753fa4ad7a3fc8390a19c3
SSDEEP

24576:0fvBOCghNbmgHv2oa4jADC5O1B+5vMiqt0gj2ed:0xOCglv2WjADVqOL

Score

7^/10

Malware Config

Targets

- Target
  
  cdd0edc67729b05d92d7db1604aef877
- Size
  
  1000KB
- MD5
  
  cdd0edc67729b05d92d7db1604aef877
- SHA1
  
  1578ac0e606e323b09573843eb002e53f8bab7c8
- SHA256
  
  3906dfac1e06177813649f2fd6a2f5d2102b79db1264b284fa61e79b3829860b
- SHA512
  
  f5a0746eb00e1ceb47d3d5ed9159fbd36611021c71eaad319520f9042705b4af81960aecc4bb5fda077e5a01f0495a8b1db8057854753fa4ad7a3fc8390a19c3
- SSDEEP
  
  24576:0fvBOCghNbmgHv2oa4jADC5O1B+5vMiqt0gj2ed:0xOCglv2WjADVqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2