3dcbb454901ec7abac12a4ccd70ae4737003269f1fb2d93a7fcb115f62f4ec95 | Triage

Sharing

General

Target

d6950de30b17788894ae91f0fc276a5a
Size

506KB
Sample

240319-tyepfsha7x
MD5

d6950de30b17788894ae91f0fc276a5a
SHA1

45e9524c62f38e6538b1504e0542ac361a07e818
SHA256

3dcbb454901ec7abac12a4ccd70ae4737003269f1fb2d93a7fcb115f62f4ec95
SHA512

a1a7f2cb73cecef6c5488fff571bcc3747ef7b09399778ef382d51c6ad0510618d99dd97d71fddbbc4290d30feadcddc26c893e68a379153af90624442cca137
SSDEEP

12288:ulSAk6QnICkx68EMzQVo2G+q2Rxp2mFcA0u9lyqZ6zTBLmVP6Dcr3eafsmZvnHTE:qSA1QbkxMMzQVo2G+q2R+he9EqZ6zTBZ

Score

7^/10

Malware Config

Targets

- Target
  
  d6950de30b17788894ae91f0fc276a5a
- Size
  
  506KB
- MD5
  
  d6950de30b17788894ae91f0fc276a5a
- SHA1
  
  45e9524c62f38e6538b1504e0542ac361a07e818
- SHA256
  
  3dcbb454901ec7abac12a4ccd70ae4737003269f1fb2d93a7fcb115f62f4ec95
- SHA512
  
  a1a7f2cb73cecef6c5488fff571bcc3747ef7b09399778ef382d51c6ad0510618d99dd97d71fddbbc4290d30feadcddc26c893e68a379153af90624442cca137
- SSDEEP
  
  12288:ulSAk6QnICkx68EMzQVo2G+q2Rxp2mFcA0u9lyqZ6zTBLmVP6Dcr3eafsmZvnHTE:qSA1QbkxMMzQVo2G+q2R+he9EqZ6zTBZ
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2