d922ceef7bcce6a04d144811341679b79931abfff3de997d6f0ca9a8057463d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f92ace6aa178020d2520d360cc0031a
Size

241KB
Sample

231224-ystnmsfchp
MD5

0f92ace6aa178020d2520d360cc0031a
SHA1

d73ce57bb26eef305bfc06e88a7ad726368d2c57
SHA256

d922ceef7bcce6a04d144811341679b79931abfff3de997d6f0ca9a8057463d8
SHA512

8bd8161a782014273d218a2efb69e689b632f33d390219ec7ba2080d6efacf1d65c9674351c86a2f0f6806b4f8b358e3e48fe9c6fc2185cb549df29ba8bcf33c
SSDEEP

6144:OGoMopzdTZfXfQyhMiZfjG+sb+j14OKcWm2cYc4mE+Q8j257uXgn7j:tnoz1ZfXIAfx4OvUU46QKY7uXOj

Score

7^/10

Malware Config

Targets

- Target
  
  0f92ace6aa178020d2520d360cc0031a
- Size
  
  241KB
- MD5
  
  0f92ace6aa178020d2520d360cc0031a
- SHA1
  
  d73ce57bb26eef305bfc06e88a7ad726368d2c57
- SHA256
  
  d922ceef7bcce6a04d144811341679b79931abfff3de997d6f0ca9a8057463d8
- SHA512
  
  8bd8161a782014273d218a2efb69e689b632f33d390219ec7ba2080d6efacf1d65c9674351c86a2f0f6806b4f8b358e3e48fe9c6fc2185cb549df29ba8bcf33c
- SSDEEP
  
  6144:OGoMopzdTZfXfQyhMiZfjG+sb+j14OKcWm2cYc4mE+Q8j257uXgn7j:tnoz1ZfXIAfx4OvUU46QKY7uXOj
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2