7a9fa89b3c625e4c4cc8b10e6f19480cbb4e2543d40d3a42757a25cb30f06383 | Triage

Sharing

General

Target

d72536d266dd94898e3b0073a4bcd031
Size

506KB
Sample

240319-z8xwnsga57
MD5

d72536d266dd94898e3b0073a4bcd031
SHA1

0dd3dfea7d15483ef838f878050798244e6eb668
SHA256

7a9fa89b3c625e4c4cc8b10e6f19480cbb4e2543d40d3a42757a25cb30f06383
SHA512

781fd1ca3518827e68e00b426a9dc4442114b576c83f327aa280366f9c06bf228323e728ffd84182d3edf3b0250fea0f42482487f732b7fbe00ab4312e65a005
SSDEEP

12288:hVxUS4SxgVzjwJhMVu5dYJ0fzNjtzJ+nL9Djeax:3zFghUJhhd3rNZzInL9Daax

Score

7^/10

Malware Config

Targets

- Target
  
  d72536d266dd94898e3b0073a4bcd031
- Size
  
  506KB
- MD5
  
  d72536d266dd94898e3b0073a4bcd031
- SHA1
  
  0dd3dfea7d15483ef838f878050798244e6eb668
- SHA256
  
  7a9fa89b3c625e4c4cc8b10e6f19480cbb4e2543d40d3a42757a25cb30f06383
- SHA512
  
  781fd1ca3518827e68e00b426a9dc4442114b576c83f327aa280366f9c06bf228323e728ffd84182d3edf3b0250fea0f42482487f732b7fbe00ab4312e65a005
- SSDEEP
  
  12288:hVxUS4SxgVzjwJhMVu5dYJ0fzNjtzJ+nL9Djeax:3zFghUJhhd3rNZzInL9Daax
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2