c2ea28d4742e4c7822dfbbb7f23e06a28668170acd087cc42884dd3faf70197d | Triage

Sharing

General

Target

d573280a91aa6e8669a50f791872f618
Size

506KB
Sample

240319-hdtgbsdc9v
MD5

d573280a91aa6e8669a50f791872f618
SHA1

1e2817bf222b61290e537513c6558d64cc83abea
SHA256

c2ea28d4742e4c7822dfbbb7f23e06a28668170acd087cc42884dd3faf70197d
SHA512

3eb1b7d49a869cd47d710f82eb1f826e934b8f0bc9093d1808f1c088ab7c02f6a044e037da420115f4701f0323488679cca3a3562dd1b05ce2c3892855c83445
SSDEEP

12288:TypxH5YHafmLFuLhiKtPeqGaRGrH7Ryc5lM6/DjDJ0GbnX:TypPY6fMMiKtPaaRs7Uck6dTbnX

Score

7^/10

Malware Config

Targets

- Target
  
  d573280a91aa6e8669a50f791872f618
- Size
  
  506KB
- MD5
  
  d573280a91aa6e8669a50f791872f618
- SHA1
  
  1e2817bf222b61290e537513c6558d64cc83abea
- SHA256
  
  c2ea28d4742e4c7822dfbbb7f23e06a28668170acd087cc42884dd3faf70197d
- SHA512
  
  3eb1b7d49a869cd47d710f82eb1f826e934b8f0bc9093d1808f1c088ab7c02f6a044e037da420115f4701f0323488679cca3a3562dd1b05ce2c3892855c83445
- SSDEEP
  
  12288:TypxH5YHafmLFuLhiKtPeqGaRGrH7Ryc5lM6/DjDJ0GbnX:TypPY6fMMiKtPaaRs7Uck6dTbnX
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2