249e86c4e0fa85a618353c5ce81bf6bba9b7237419a5a99575a947e4ffaea5ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01b9a16f1ffca0ebd25583858e65e9a7
Size

771KB
Sample

231224-r1xlyagfer
MD5

01b9a16f1ffca0ebd25583858e65e9a7
SHA1

ea1330b7802f7da539d65dd19f36ae6745fb242c
SHA256

249e86c4e0fa85a618353c5ce81bf6bba9b7237419a5a99575a947e4ffaea5ad
SHA512

0dc152d0c3122904b4a34109f2c1d2155ab12c2dcf5961b2a8eb4f6d2bd60c97df68a28c2460020e739beba8632f6c6b043d53bdfa5a0bad49af01dff9e30d44
SSDEEP

12288:yzINvMGcfleCpqPs03JmyQS4+y63/ub10VHmDXTuFaa2AtyGTKOF25ZoJJyhRgeG:yzINvMNECpf+TCb10hJaothZ2/T6FBBB

Score

7^/10

Malware Config

Targets

- Target
  
  01b9a16f1ffca0ebd25583858e65e9a7
- Size
  
  771KB
- MD5
  
  01b9a16f1ffca0ebd25583858e65e9a7
- SHA1
  
  ea1330b7802f7da539d65dd19f36ae6745fb242c
- SHA256
  
  249e86c4e0fa85a618353c5ce81bf6bba9b7237419a5a99575a947e4ffaea5ad
- SHA512
  
  0dc152d0c3122904b4a34109f2c1d2155ab12c2dcf5961b2a8eb4f6d2bd60c97df68a28c2460020e739beba8632f6c6b043d53bdfa5a0bad49af01dff9e30d44
- SSDEEP
  
  12288:yzINvMGcfleCpqPs03JmyQS4+y63/ub10VHmDXTuFaa2AtyGTKOF25ZoJJyhRgeG:yzINvMNECpf+TCb10hJaothZ2/T6FBBB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2