97c0087da0bd9f31f135dadaf77e189d7c1bf640165f0d9f903a565dd12ce957 | Triage

Sharing

General

Target

0dc74eb5909b6324e4451dd5ca5e9ce9
Size

1000KB
Sample

231224-x9klmadgd7
MD5

0dc74eb5909b6324e4451dd5ca5e9ce9
SHA1

a5ceb667b5f22b29c9cf355f69c0f3f220d658fc
SHA256

97c0087da0bd9f31f135dadaf77e189d7c1bf640165f0d9f903a565dd12ce957
SHA512

349df40e33b5f80abeaf6f69748879817eb0441b3f3df992fcc965b1559659ca8eab789bcc8fd54d4ec8256cc5d9dae12ce86296efd38ffbf474a0ef1ea09f2a
SSDEEP

24576:AIHP60iLD0WjghOm8f1K1B+5vMiqt0gj2ed:THP65ffeOm8faqOL

Score

7^/10

Malware Config

Targets

- Target
  
  0dc74eb5909b6324e4451dd5ca5e9ce9
- Size
  
  1000KB
- MD5
  
  0dc74eb5909b6324e4451dd5ca5e9ce9
- SHA1
  
  a5ceb667b5f22b29c9cf355f69c0f3f220d658fc
- SHA256
  
  97c0087da0bd9f31f135dadaf77e189d7c1bf640165f0d9f903a565dd12ce957
- SHA512
  
  349df40e33b5f80abeaf6f69748879817eb0441b3f3df992fcc965b1559659ca8eab789bcc8fd54d4ec8256cc5d9dae12ce86296efd38ffbf474a0ef1ea09f2a
- SSDEEP
  
  24576:AIHP60iLD0WjghOm8f1K1B+5vMiqt0gj2ed:THP65ffeOm8faqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2