118fa42acbc71374fdb96172f0e9e68385f5ed3046470c616b675c6b41b7622e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00fd7dd7a4017196cba1a01f44ea8ac8
Size

241KB
Sample

231224-rt4rnsehen
MD5

00fd7dd7a4017196cba1a01f44ea8ac8
SHA1

e607e5b61c3b4b0ac486cc52f5f1e4c2c8cdd022
SHA256

118fa42acbc71374fdb96172f0e9e68385f5ed3046470c616b675c6b41b7622e
SHA512

aede473931e20a8c7584cf6f9ef0026d11e8b7ee2d813ebfe743bca3a730783d7177602a5b75951648d9ddcfd4845be710a213031cdad634065490872d098dac
SSDEEP

6144:vdT1lC9ZvTYpQO2Q4HudEYForFawAPDK6TNFQxPDaO3GGXeRK:V1QGyId9k8PJbQN3GGyK

Score

7^/10

Malware Config

Targets

- Target
  
  00fd7dd7a4017196cba1a01f44ea8ac8
- Size
  
  241KB
- MD5
  
  00fd7dd7a4017196cba1a01f44ea8ac8
- SHA1
  
  e607e5b61c3b4b0ac486cc52f5f1e4c2c8cdd022
- SHA256
  
  118fa42acbc71374fdb96172f0e9e68385f5ed3046470c616b675c6b41b7622e
- SHA512
  
  aede473931e20a8c7584cf6f9ef0026d11e8b7ee2d813ebfe743bca3a730783d7177602a5b75951648d9ddcfd4845be710a213031cdad634065490872d098dac
- SSDEEP
  
  6144:vdT1lC9ZvTYpQO2Q4HudEYForFawAPDK6TNFQxPDaO3GGXeRK:V1QGyId9k8PJbQN3GGyK
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2