8fd3705f915e8f625cfab35232ad085519684aa70d00aaa6754376e4b5f13baf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ded4fa0df0efdc77ecf3c0e30c6120b6
Size

241KB
Sample

240326-le3yyaaa61
MD5

ded4fa0df0efdc77ecf3c0e30c6120b6
SHA1

c532b843f754b62105f8563bd0d0dbd3d242c8fa
SHA256

8fd3705f915e8f625cfab35232ad085519684aa70d00aaa6754376e4b5f13baf
SHA512

b995187ed944de69702e1c60c6612d357dba73c218723e1036383338e8989d242aebc2fa88f41d591a4291b88938d0f5c66bab84f443377a018d248eb13baca5
SSDEEP

6144:Zc1SBpZRBZxzszqDfObIspG3o0Lz+hVkErdWRiE/g9TsK4p3sH:ZcEB1rxzO6OUsWLmrkMagGK4hm

Score

7^/10

Malware Config

Targets

- Target
  
  ded4fa0df0efdc77ecf3c0e30c6120b6
- Size
  
  241KB
- MD5
  
  ded4fa0df0efdc77ecf3c0e30c6120b6
- SHA1
  
  c532b843f754b62105f8563bd0d0dbd3d242c8fa
- SHA256
  
  8fd3705f915e8f625cfab35232ad085519684aa70d00aaa6754376e4b5f13baf
- SHA512
  
  b995187ed944de69702e1c60c6612d357dba73c218723e1036383338e8989d242aebc2fa88f41d591a4291b88938d0f5c66bab84f443377a018d248eb13baca5
- SSDEEP
  
  6144:Zc1SBpZRBZxzszqDfObIspG3o0Lz+hVkErdWRiE/g9TsK4p3sH:ZcEB1rxzO6OUsWLmrkMagGK4hm
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2