40eb70941f4687f98cb4a77f1affc25b986b2a882ed98e153e48d813a6143513 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6d49812f8cda43d356569ebd0d667e6
Size

1000KB
Sample

240319-w89npaca7x
MD5

d6d49812f8cda43d356569ebd0d667e6
SHA1

e72896d2a83ecbb304a7847c850946011359d70b
SHA256

40eb70941f4687f98cb4a77f1affc25b986b2a882ed98e153e48d813a6143513
SHA512

87aa1433f4bf9e6c1108bb81b7d831dd2a154beffcdb758ee23b1d7c64391456a0d0e7cb8332ca90f02133ebddcbedc5b97cbe84b95c017ba3dfab218b686af6
SSDEEP

24576:Sb5n+ktyVr/Ms+c6lbBv1B+5vMiqt0gj2ed:K0J/n+cqb5qOL

Score

7^/10

Malware Config

Targets

- Target
  
  d6d49812f8cda43d356569ebd0d667e6
- Size
  
  1000KB
- MD5
  
  d6d49812f8cda43d356569ebd0d667e6
- SHA1
  
  e72896d2a83ecbb304a7847c850946011359d70b
- SHA256
  
  40eb70941f4687f98cb4a77f1affc25b986b2a882ed98e153e48d813a6143513
- SHA512
  
  87aa1433f4bf9e6c1108bb81b7d831dd2a154beffcdb758ee23b1d7c64391456a0d0e7cb8332ca90f02133ebddcbedc5b97cbe84b95c017ba3dfab218b686af6
- SSDEEP
  
  24576:Sb5n+ktyVr/Ms+c6lbBv1B+5vMiqt0gj2ed:K0J/n+cqb5qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2