4e19a40730603f320791276e223bff078d6a0102f8e57a14a9cfa8a4c071221f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d650789d2908031fe4eaf486fb62c554
Size

506KB
Sample

240319-rh5jtsef4z
MD5

d650789d2908031fe4eaf486fb62c554
SHA1

ab9c8204032550f569253ee436bde20cd1714da2
SHA256

4e19a40730603f320791276e223bff078d6a0102f8e57a14a9cfa8a4c071221f
SHA512

210a7e399800a8f34908509aaaa8ec86fa1332189cfed60846f40391daa303744539b40b79b96ad30cb89982908aa3e779bdd93e1cd1a61040a2511e1808a09b
SSDEEP

12288:76VCTc6144GTqR/dm043FXlbiL20HZk0VfkeqL:qrc44GOR/o043FgXHdkzL

Score

7^/10

Malware Config

Targets

- Target
  
  d650789d2908031fe4eaf486fb62c554
- Size
  
  506KB
- MD5
  
  d650789d2908031fe4eaf486fb62c554
- SHA1
  
  ab9c8204032550f569253ee436bde20cd1714da2
- SHA256
  
  4e19a40730603f320791276e223bff078d6a0102f8e57a14a9cfa8a4c071221f
- SHA512
  
  210a7e399800a8f34908509aaaa8ec86fa1332189cfed60846f40391daa303744539b40b79b96ad30cb89982908aa3e779bdd93e1cd1a61040a2511e1808a09b
- SSDEEP
  
  12288:76VCTc6144GTqR/dm043FXlbiL20HZk0VfkeqL:qrc44GOR/o043FgXHdkzL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2