bc4da93ba2cc9d86f3503d39bdb5a2f49e791655418fb56ef7c7d25b67f3151a | Triage

Sharing

General

Target

1680589563b03c2d726c81b11d62c0bf
Size

506KB
Sample

231224-2mhkzagde7
MD5

1680589563b03c2d726c81b11d62c0bf
SHA1

4c3df47d45e0354a91e0964d77c1536871f7f26c
SHA256

bc4da93ba2cc9d86f3503d39bdb5a2f49e791655418fb56ef7c7d25b67f3151a
SHA512

88cb05355bd662b1feb39b0e5b46f192fec56ce4076d4413a2f10c78ea0b9661e76c5381f2238ef07a2c626c29d352a45d2372c6b911effd822084ad07eea607
SSDEEP

12288:DJzkBuzfn3YALa9Hg4OSiOGxJn6VMMjozxFUannBUvD0djZLS:hbLnHv67j4xFUanBVdlu

Score

7^/10

Malware Config

Targets

- Target
  
  1680589563b03c2d726c81b11d62c0bf
- Size
  
  506KB
- MD5
  
  1680589563b03c2d726c81b11d62c0bf
- SHA1
  
  4c3df47d45e0354a91e0964d77c1536871f7f26c
- SHA256
  
  bc4da93ba2cc9d86f3503d39bdb5a2f49e791655418fb56ef7c7d25b67f3151a
- SHA512
  
  88cb05355bd662b1feb39b0e5b46f192fec56ce4076d4413a2f10c78ea0b9661e76c5381f2238ef07a2c626c29d352a45d2372c6b911effd822084ad07eea607
- SSDEEP
  
  12288:DJzkBuzfn3YALa9Hg4OSiOGxJn6VMMjozxFUannBUvD0djZLS:hbLnHv67j4xFUanBVdlu
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2