6fd965e27946970c6fc1b2fa03d74dce84558f6c07c3c7fd0983198337a60a94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e24b8a20d1aaeacb8e69101946b7d590.bin
Size

1012KB
Sample

240329-esyg2saa88
MD5

e24b8a20d1aaeacb8e69101946b7d590
SHA1

1ce2c685a0b731edd422cd2c9bb146d7326c4efa
SHA256

6fd965e27946970c6fc1b2fa03d74dce84558f6c07c3c7fd0983198337a60a94
SHA512

ae59fd8fcb52c58c1702c4eda6761979d1f00b3c6104a29e8a423e18a62fa9ee9df0b4e61f7eca3d94ec7ea388b2d679f79faee00f606dda802f41a22d5bbcab
SSDEEP

24576:5PASR/seopY7zcmR2UBHIY91B+5vMiqt0gj2eR:dAIoikBUWYxqO7

Score

7^/10

Malware Config

Targets

- Target
  
  e24b8a20d1aaeacb8e69101946b7d590.bin
- Size
  
  1012KB
- MD5
  
  e24b8a20d1aaeacb8e69101946b7d590
- SHA1
  
  1ce2c685a0b731edd422cd2c9bb146d7326c4efa
- SHA256
  
  6fd965e27946970c6fc1b2fa03d74dce84558f6c07c3c7fd0983198337a60a94
- SHA512
  
  ae59fd8fcb52c58c1702c4eda6761979d1f00b3c6104a29e8a423e18a62fa9ee9df0b4e61f7eca3d94ec7ea388b2d679f79faee00f606dda802f41a22d5bbcab
- SSDEEP
  
  24576:5PASR/seopY7zcmR2UBHIY91B+5vMiqt0gj2eR:dAIoikBUWYxqO7
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2