8eb74bfc604bf83b18c8b086e13e28172424ab82de3d0a13a1fb4639df298738 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d62610ff0191e3ade483f86daa87d34f
Size

771KB
Sample

240319-pyanaacc83
MD5

d62610ff0191e3ade483f86daa87d34f
SHA1

4d323f65772a05ba60cb4bdb2d56065f154b3c63
SHA256

8eb74bfc604bf83b18c8b086e13e28172424ab82de3d0a13a1fb4639df298738
SHA512

61799a5c7352d8c763f9796f4e3df9ed48478b8d15de7ca00bfb3ad270d4f579e0cc10bb1973a232f0126d5a68f48ab9ce9c07f309475c55672c52985c1fe311
SSDEEP

24576:j8qitCzDM9qr42DlpP/EiZXyyioDQ/fUF1B+5vM0:jKODuqrvDlp3Z7icc

Score

7^/10

Malware Config

Targets

- Target
  
  d62610ff0191e3ade483f86daa87d34f
- Size
  
  771KB
- MD5
  
  d62610ff0191e3ade483f86daa87d34f
- SHA1
  
  4d323f65772a05ba60cb4bdb2d56065f154b3c63
- SHA256
  
  8eb74bfc604bf83b18c8b086e13e28172424ab82de3d0a13a1fb4639df298738
- SHA512
  
  61799a5c7352d8c763f9796f4e3df9ed48478b8d15de7ca00bfb3ad270d4f579e0cc10bb1973a232f0126d5a68f48ab9ce9c07f309475c55672c52985c1fe311
- SSDEEP
  
  24576:j8qitCzDM9qr42DlpP/EiZXyyioDQ/fUF1B+5vM0:jKODuqrvDlp3Z7icc
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2