892ee839f7d644f8f0858aeff8b0d90f57a3235aac7fc78c7fb79f5fc5029705 | Triage

Sharing

General

Target

0de112b7ceaa8b854e815fc625cca32c
Size

1000KB
Sample

231225-h1m8tsafam
MD5

0de112b7ceaa8b854e815fc625cca32c
SHA1

15bfd0045024b4bcc989b5af84a71a9c73605abc
SHA256

892ee839f7d644f8f0858aeff8b0d90f57a3235aac7fc78c7fb79f5fc5029705
SHA512

9980e25311154c8421a1959718ce6f2f2bf13354d70d8da7f6ccf26ccdde27b246970402e5c5e92b9ab74c0f2a7d5d997b94a95679ff879e28796c2d84926b47
SSDEEP

24576:hbdhnHpEo3j9qw3yN0aq1B+5vMiqt0gj2ed:hbLKij9F1qOL

Score

7^/10

Malware Config

Targets

- Target
  
  0de112b7ceaa8b854e815fc625cca32c
- Size
  
  1000KB
- MD5
  
  0de112b7ceaa8b854e815fc625cca32c
- SHA1
  
  15bfd0045024b4bcc989b5af84a71a9c73605abc
- SHA256
  
  892ee839f7d644f8f0858aeff8b0d90f57a3235aac7fc78c7fb79f5fc5029705
- SHA512
  
  9980e25311154c8421a1959718ce6f2f2bf13354d70d8da7f6ccf26ccdde27b246970402e5c5e92b9ab74c0f2a7d5d997b94a95679ff879e28796c2d84926b47
- SSDEEP
  
  24576:hbdhnHpEo3j9qw3yN0aq1B+5vMiqt0gj2ed:hbLKij9F1qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2