43c27fd9e641162c67d14705cfda4e7dfe338b50749d9c0214c072889fe24a53 | Triage

Sharing

General

Target

1c8f056fc8dad56d749af4a302df50c9
Size

506KB
Sample

231225-anx89sadhn
MD5

1c8f056fc8dad56d749af4a302df50c9
SHA1

042dd5122256ef2473a01912223dc60336f21151
SHA256

43c27fd9e641162c67d14705cfda4e7dfe338b50749d9c0214c072889fe24a53
SHA512

7bb8bda6656f9f0651b07543fae380785b2b60a57ebe90129a6319aeee67590102d2a9e50cfcdd41b4e297e87f9fe4870eb60c3eeae66a2408cb03e4939c65e0
SSDEEP

12288:bThAxgV9einaZf8B7OKeWIv1PL6QhaMMSQ3VuZdUOR:bTbQincgOKzM1mQh8VuZF

Score

7^/10

Malware Config

Targets

- Target
  
  1c8f056fc8dad56d749af4a302df50c9
- Size
  
  506KB
- MD5
  
  1c8f056fc8dad56d749af4a302df50c9
- SHA1
  
  042dd5122256ef2473a01912223dc60336f21151
- SHA256
  
  43c27fd9e641162c67d14705cfda4e7dfe338b50749d9c0214c072889fe24a53
- SHA512
  
  7bb8bda6656f9f0651b07543fae380785b2b60a57ebe90129a6319aeee67590102d2a9e50cfcdd41b4e297e87f9fe4870eb60c3eeae66a2408cb03e4939c65e0
- SSDEEP
  
  12288:bThAxgV9einaZf8B7OKeWIv1PL6QhaMMSQ3VuZdUOR:bTbQincgOKzM1mQh8VuZF
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2