8485a8bd572d2a7e2e888411d642a332abce1b75db8f555e20349157f93adb51 | Triage

Sharing

General

Target

0fff2038ddd48206049e4bd13f2a7569
Size

1000KB
Sample

231225-jna86seeer
MD5

0fff2038ddd48206049e4bd13f2a7569
SHA1

9a4ff02db97fad2ee008e784a57fbfdac98bfe48
SHA256

8485a8bd572d2a7e2e888411d642a332abce1b75db8f555e20349157f93adb51
SHA512

1743327aa8fc28e3837edddc799da61535f8d8a95cd330f93883d44a4945cc05d5f86447bf01955c41681265933def2b92551cbd7ac65652169f7b7205128790
SSDEEP

24576:q6scd4/3Vc5YXLS5D7XmjfQ1B+5vMiqt0gj2ed:mcmfm5Y76D7pqOL

Score

7^/10

Malware Config

Targets

- Target
  
  0fff2038ddd48206049e4bd13f2a7569
- Size
  
  1000KB
- MD5
  
  0fff2038ddd48206049e4bd13f2a7569
- SHA1
  
  9a4ff02db97fad2ee008e784a57fbfdac98bfe48
- SHA256
  
  8485a8bd572d2a7e2e888411d642a332abce1b75db8f555e20349157f93adb51
- SHA512
  
  1743327aa8fc28e3837edddc799da61535f8d8a95cd330f93883d44a4945cc05d5f86447bf01955c41681265933def2b92551cbd7ac65652169f7b7205128790
- SSDEEP
  
  24576:q6scd4/3Vc5YXLS5D7XmjfQ1B+5vMiqt0gj2ed:mcmfm5Y76D7pqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2