75a6842f4147db418fd602e3e0e74b57de48dcc0e13617464a98cff9729ad5cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15f738ec1017beaef279cfcd464bd35c
Size

506KB
Sample

231224-2f3bssdgfq
MD5

15f738ec1017beaef279cfcd464bd35c
SHA1

1280a3e2ba20b81f447e1db58b95c5f05c1f63b1
SHA256

75a6842f4147db418fd602e3e0e74b57de48dcc0e13617464a98cff9729ad5cb
SHA512

30ae7f45504e16d3109d6b652fdb76bbb717ba54dc0d97b68e231b942725563122801be19ae8463dd13a42561979013459e5db73b009ca9dd4c892888dfecf07
SSDEEP

12288:wonNzYhjsWivNuStBpO/I7miKMpJaJzpCQ93HYTH2qC:woNKjsWivNTfO/Ymi7faNx0C

Score

7^/10

Malware Config

Targets

- Target
  
  15f738ec1017beaef279cfcd464bd35c
- Size
  
  506KB
- MD5
  
  15f738ec1017beaef279cfcd464bd35c
- SHA1
  
  1280a3e2ba20b81f447e1db58b95c5f05c1f63b1
- SHA256
  
  75a6842f4147db418fd602e3e0e74b57de48dcc0e13617464a98cff9729ad5cb
- SHA512
  
  30ae7f45504e16d3109d6b652fdb76bbb717ba54dc0d97b68e231b942725563122801be19ae8463dd13a42561979013459e5db73b009ca9dd4c892888dfecf07
- SSDEEP
  
  12288:wonNzYhjsWivNuStBpO/I7miKMpJaJzpCQ93HYTH2qC:woNKjsWivNTfO/Ymi7faNx0C
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2