e609e57f0647b29f53009785a4af0dd7b2702327393f33ad9a03ae1a349d7fe6 | Triage

Sharing

General

Target

422da6ec9ebe7dbad56bcfbc78164e3d
Size

506KB
Sample

231225-23pn8aebcr
MD5

422da6ec9ebe7dbad56bcfbc78164e3d
SHA1

d7d91c06e3dda19581e98a8c077c3d2e428d5898
SHA256

e609e57f0647b29f53009785a4af0dd7b2702327393f33ad9a03ae1a349d7fe6
SHA512

df76a8b4f50675ace03c2fe3a6e37c1c80e33342dee3868c55c7a0f0d6cf07626d64cc4dbae0b2f650e7ef7e6cf09a57bffcad8ad4e5faf5c02bcc72f6264e32
SSDEEP

12288:e0g9GqK4wU4Q4vjXSHByGSpGBczz3UTf3sds5gK9g/:e07dQms7j0z3UTfPH9g/

Score

7^/10

Malware Config

Targets

- Target
  
  422da6ec9ebe7dbad56bcfbc78164e3d
- Size
  
  506KB
- MD5
  
  422da6ec9ebe7dbad56bcfbc78164e3d
- SHA1
  
  d7d91c06e3dda19581e98a8c077c3d2e428d5898
- SHA256
  
  e609e57f0647b29f53009785a4af0dd7b2702327393f33ad9a03ae1a349d7fe6
- SHA512
  
  df76a8b4f50675ace03c2fe3a6e37c1c80e33342dee3868c55c7a0f0d6cf07626d64cc4dbae0b2f650e7ef7e6cf09a57bffcad8ad4e5faf5c02bcc72f6264e32
- SSDEEP
  
  12288:e0g9GqK4wU4Q4vjXSHByGSpGBczz3UTf3sds5gK9g/:e07dQms7j0z3UTfPH9g/
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2