8e42bf5ee1d2b7104eb7c3f5a7e68d31480f4a371ff22d0d207494dd48546b00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c92305fba2b555e233fb4c550f07a1a
Size

241KB
Sample

231225-hjtz2shbd8
MD5

0c92305fba2b555e233fb4c550f07a1a
SHA1

d5374850c94069688d1afcb0a4775080cacc6023
SHA256

8e42bf5ee1d2b7104eb7c3f5a7e68d31480f4a371ff22d0d207494dd48546b00
SHA512

f59acb1f44d857b61b3201143bf1b0765803f32875a1f3817a0bd27c75aa16400b9c02678929a889fd3cf19f5fa9bb2696d14681cd4d78e1ac92f277a30627b9
SSDEEP

6144:3Wkaqzd6WBi4S01j/apFq1jHIujEVRVC8FE+24Z0tbKIBy0:3W2Hi451DaeMujE88+IZgKV0

Score

7^/10

Malware Config

Targets

- Target
  
  0c92305fba2b555e233fb4c550f07a1a
- Size
  
  241KB
- MD5
  
  0c92305fba2b555e233fb4c550f07a1a
- SHA1
  
  d5374850c94069688d1afcb0a4775080cacc6023
- SHA256
  
  8e42bf5ee1d2b7104eb7c3f5a7e68d31480f4a371ff22d0d207494dd48546b00
- SHA512
  
  f59acb1f44d857b61b3201143bf1b0765803f32875a1f3817a0bd27c75aa16400b9c02678929a889fd3cf19f5fa9bb2696d14681cd4d78e1ac92f277a30627b9
- SSDEEP
  
  6144:3Wkaqzd6WBi4S01j/apFq1jHIujEVRVC8FE+24Z0tbKIBy0:3W2Hi451DaeMujE88+IZgKV0
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2