ba262064bdf7e217bea69341bdafcc7b394de08ae72c4fb4ed317542089a17e6 | Triage

Sharing

General

Target

e144712121b25abba6de9e1d100539a2
Size

1000KB
Sample

240327-kr4wbsbh2s
MD5

e144712121b25abba6de9e1d100539a2
SHA1

4c83b7a40caac2c1d7ca746b194c35afe83e6ba4
SHA256

ba262064bdf7e217bea69341bdafcc7b394de08ae72c4fb4ed317542089a17e6
SHA512

34a2e9dfb8a8b9c8632ed9a40a9b42cda9ed21335adc46e2ff5676a656fb8565da3fb8845825ff61526c75b600d3a79393d63774be454183807ca407bc07b291
SSDEEP

24576:m3qGd8A0PCT9AI0k6waD1B+5vMiqt0gj2ed:jAxxRwrqOL

Score

7^/10

Malware Config

Targets

- Target
  
  e144712121b25abba6de9e1d100539a2
- Size
  
  1000KB
- MD5
  
  e144712121b25abba6de9e1d100539a2
- SHA1
  
  4c83b7a40caac2c1d7ca746b194c35afe83e6ba4
- SHA256
  
  ba262064bdf7e217bea69341bdafcc7b394de08ae72c4fb4ed317542089a17e6
- SHA512
  
  34a2e9dfb8a8b9c8632ed9a40a9b42cda9ed21335adc46e2ff5676a656fb8565da3fb8845825ff61526c75b600d3a79393d63774be454183807ca407bc07b291
- SSDEEP
  
  24576:m3qGd8A0PCT9AI0k6waD1B+5vMiqt0gj2ed:jAxxRwrqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2