General

  • Target

    85cbefb9ece6a14dc2600b20645b579c66276d8748a34a4690d1d8a8841be135

  • Size

    2.8MB

  • Sample

    241113-3zvlqs1kc1

  • MD5

    e580002df4af1052f01b62750f80d8a6

  • SHA1

    6d964e37e3282b652e14dc924b279ab542aeceb8

  • SHA256

    85cbefb9ece6a14dc2600b20645b579c66276d8748a34a4690d1d8a8841be135

  • SHA512

    af88547622a11ae7991da6f80a41ff2d4dfb42ee9f82cbd8bfb4019407aa02d5a6c8904276accd3943b72114007c5f5c56c5e386bb3d8554be5062cf3fc22e66

  • SSDEEP

    49152:kSZIlM2ho2YWFgWspGGOP5JvHoPfZb4+4IgPHTzII5Wk1jE1FXTcbMhsWSGb:DZeMqYWFX/EZ0+eIoWk+gbMQGb

Malware Config

Targets

    • Target

      85cbefb9ece6a14dc2600b20645b579c66276d8748a34a4690d1d8a8841be135

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks