9a4bd81c7b8249a29b533c6150da11488e8ceb84600cabeb3057fc46272a0f33 | Triage

Sharing

General

Target

tmp
Size

10.1MB
Sample

231122-zcxk2afb8w
MD5

c84b7fa4f942bb3576d51872fd6cc6db
SHA1

0904bd06dc3cb730bd49caa6833616cbdddef7fe
SHA256

9a4bd81c7b8249a29b533c6150da11488e8ceb84600cabeb3057fc46272a0f33
SHA512

9eaf088cfccf6f904796779d47ffa38587d12a6a9c56ce8dc83c75bf1ed87fcc03dd885902c01ddd63144142a897cb5e2bbb47df695e2a529fd75eeb6a09a705
SSDEEP

98304:U5xvZNijgyJjdtJlGGWRpyWZQSYT7w9yso9DeFsEsT1o4:MvZAjgKdIRpyWaSY/866sG4

Score

7^/10

Malware Config

Targets

- Target
  
  tmp
- Size
  
  10.1MB
- MD5
  
  c84b7fa4f942bb3576d51872fd6cc6db
- SHA1
  
  0904bd06dc3cb730bd49caa6833616cbdddef7fe
- SHA256
  
  9a4bd81c7b8249a29b533c6150da11488e8ceb84600cabeb3057fc46272a0f33
- SHA512
  
  9eaf088cfccf6f904796779d47ffa38587d12a6a9c56ce8dc83c75bf1ed87fcc03dd885902c01ddd63144142a897cb5e2bbb47df695e2a529fd75eeb6a09a705
- SSDEEP
  
  98304:U5xvZNijgyJjdtJlGGWRpyWZQSYT7w9yso9DeFsEsT1o4:MvZAjgKdIRpyWaSY/866sG4
Score

7^/10
- Deletes itself
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2