3e7ca8ac2382993641497e1ef8befb23c318bc1295bad8ada496bcf80ba9c568 | Triage

Sharing

General

Target

3e7ca8ac2382993641497e1ef8befb23c318bc1295bad8ada496bcf80ba9c568
Size

27.7MB
Sample

241119-wbkcjazcrr
MD5

8070f6374c85c3ef486c86beaa0f0b5c
SHA1

8e901b967e7fc7eee225da66e8ce87e75a9f9a99
SHA256

3e7ca8ac2382993641497e1ef8befb23c318bc1295bad8ada496bcf80ba9c568
SHA512

c01cd91cb5b8ca9b2b97f5778ea3923974734135306966ea07a2265b21fbcb1d858de58af5e13cfba2597340eb9ab7472545de53d063d58b4c7034515f531032
SSDEEP

393216:JtbrFR5f5JWsPSl0l+DmVGauCZsoj3mT/tojNfIDpRfGgtcZq4:bt3WOSClSmVIdoj3w/tojyDDfrcZq

Score

8^/10

evasion execution

Malware Config

Targets

- Target
  
  3e7ca8ac2382993641497e1ef8befb23c318bc1295bad8ada496bcf80ba9c568
- Size
  
  27.7MB
- MD5
  
  8070f6374c85c3ef486c86beaa0f0b5c
- SHA1
  
  8e901b967e7fc7eee225da66e8ce87e75a9f9a99
- SHA256
  
  3e7ca8ac2382993641497e1ef8befb23c318bc1295bad8ada496bcf80ba9c568
- SHA512
  
  c01cd91cb5b8ca9b2b97f5778ea3923974734135306966ea07a2265b21fbcb1d858de58af5e13cfba2597340eb9ab7472545de53d063d58b4c7034515f531032
- SSDEEP
  
  393216:JtbrFR5f5JWsPSl0l+DmVGauCZsoj3mT/tojNfIDpRfGgtcZq4:bt3WOSClSmVIdoj3w/tojyDDfrcZq
Score

8^/10

evasion execution
- Stops running service(s)
  evasion execution
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

evasionexecution