6fa66095e2a47acab14a9780200a18a06241e0130b1ed71645d8fe1dfd9eefe9 | Triage

Sharing

General

Target

0ede4cb539d18eff602baa20fdef459a
Size

506KB
Sample

231225-jbqs4adfa4
MD5

0ede4cb539d18eff602baa20fdef459a
SHA1

e0fadb85dc5250f8b2e1b3ae7b9c83a149ed105e
SHA256

6fa66095e2a47acab14a9780200a18a06241e0130b1ed71645d8fe1dfd9eefe9
SHA512

4fb8d01baa64328af4e34be52778508a9370eb6f0ea4d8b79c5db8538dd177918d09b584d1207a609a1429c8cfe200f1a1bdc793a5a1ceb353327b0f4b9f8d66
SSDEEP

12288:6m5aghmSWYdVJpvC+kmiAeb1MH35cqSgQ70zbU3SvMY:b5JhRPivb1MH3+lZQY31Y

Score

7^/10

Malware Config

Targets

- Target
  
  0ede4cb539d18eff602baa20fdef459a
- Size
  
  506KB
- MD5
  
  0ede4cb539d18eff602baa20fdef459a
- SHA1
  
  e0fadb85dc5250f8b2e1b3ae7b9c83a149ed105e
- SHA256
  
  6fa66095e2a47acab14a9780200a18a06241e0130b1ed71645d8fe1dfd9eefe9
- SHA512
  
  4fb8d01baa64328af4e34be52778508a9370eb6f0ea4d8b79c5db8538dd177918d09b584d1207a609a1429c8cfe200f1a1bdc793a5a1ceb353327b0f4b9f8d66
- SSDEEP
  
  12288:6m5aghmSWYdVJpvC+kmiAeb1MH35cqSgQ70zbU3SvMY:b5JhRPivb1MH3+lZQY31Y
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2