8500d18c66d8274470567dde9dabb42cbad51aff365f5de180db5caabfe01e62 | Triage

Sharing

General

Target

d402ed7576161abcd87bc8b74f4f7cff
Size

1000KB
Sample

240318-t9l8nsea3t
MD5

d402ed7576161abcd87bc8b74f4f7cff
SHA1

b2579ea931c55d2943df8274c91f8f4c3687f0e4
SHA256

8500d18c66d8274470567dde9dabb42cbad51aff365f5de180db5caabfe01e62
SHA512

a0c4a770a7674b3a79ccd514894b61a10b29b94e307dbbe7b003b0af7ba5fab8f5938659bc01992296ebc31ea440b71494b5a46b777f3487fb9de4845d0b2089
SSDEEP

24576:7yMBGslWX1ytJkV5SUgg1B+5vMiqt0gj2ed:GMBGslQym5KqqOL

Score

7^/10

Malware Config

Targets

- Target
  
  d402ed7576161abcd87bc8b74f4f7cff
- Size
  
  1000KB
- MD5
  
  d402ed7576161abcd87bc8b74f4f7cff
- SHA1
  
  b2579ea931c55d2943df8274c91f8f4c3687f0e4
- SHA256
  
  8500d18c66d8274470567dde9dabb42cbad51aff365f5de180db5caabfe01e62
- SHA512
  
  a0c4a770a7674b3a79ccd514894b61a10b29b94e307dbbe7b003b0af7ba5fab8f5938659bc01992296ebc31ea440b71494b5a46b777f3487fb9de4845d0b2089
- SSDEEP
  
  24576:7yMBGslWX1ytJkV5SUgg1B+5vMiqt0gj2ed:GMBGslQym5KqqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2