f46b9aeafe296ebbad909e927fad26a21b05fbbc68cb446299c224fd27ea7fb0 | Triage

Resubmissions

03-07-2024 11:55

240703-n3eblasbmf 6

03-07-2024 11:47

240703-nya4da1fqa 6

24-06-2024 09:08

240624-k4bqbavbqf 6

Sharing

General

Target

f46b9aeafe296ebbad909e927fad26a21b05fbbc68cb446299c224fd27ea7fb0
Size

5.0MB
Sample

240624-k4bqbavbqf
MD5

d460bb3fb4b3aa150b7f7d0fae0fc9e5
SHA1

277435044e6219200a8c72bea1a3d2cd2eff291b
SHA256

f46b9aeafe296ebbad909e927fad26a21b05fbbc68cb446299c224fd27ea7fb0
SHA512

e77c39cd95fbba29baf9c6e7ba593830d6881f8d537ba36b07ebe333b4abcf10697755815ae30970dc29911291737e9c5b4d51e88f0ac349971a1653aab107f0
SSDEEP

98304:Uh4WPtUlGKtV58B7Pg1iX24Y5YZZqPnhIX4Pla6pMsA6H+nDsM/:UJ1Ul1tLwyiX2nYqPn6ytpzhysM

Score

6^/10

Malware Config

Targets

- Target
  
  f46b9aeafe296ebbad909e927fad26a21b05fbbc68cb446299c224fd27ea7fb0
- Size
  
  5.0MB
- MD5
  
  d460bb3fb4b3aa150b7f7d0fae0fc9e5
- SHA1
  
  277435044e6219200a8c72bea1a3d2cd2eff291b
- SHA256
  
  f46b9aeafe296ebbad909e927fad26a21b05fbbc68cb446299c224fd27ea7fb0
- SHA512
  
  e77c39cd95fbba29baf9c6e7ba593830d6881f8d537ba36b07ebe333b4abcf10697755815ae30970dc29911291737e9c5b4d51e88f0ac349971a1653aab107f0
- SSDEEP
  
  98304:Uh4WPtUlGKtV58B7Pg1iX24Y5YZZqPnhIX4Pla6pMsA6H+nDsM/:UJ1Ul1tLwyiX2nYqPn6ytpzhysM
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2