08588b1c69bb8ca7af2db4d8742917cdbe1df5f66cd133045b029607b939d95c | Triage

Sharing

General

Target

15c20b6c6aaa057e952d0d0017989c16
Size

241KB
Sample

231225-l2lm6sbecl
MD5

15c20b6c6aaa057e952d0d0017989c16
SHA1

e1728e4f80dab4ec8eb98c2695740f13d7c87cd3
SHA256

08588b1c69bb8ca7af2db4d8742917cdbe1df5f66cd133045b029607b939d95c
SHA512

c1d42f7388a6739f03db5c2564a78fee95f5c3a692e4fb037d4b519777378e024dc1f18c2d2693659032c43933a158100b6a5e55f2c75b72189cd351f4f96fb8
SSDEEP

6144:GJegkwo8yDUXN34LswvxFN7xlj+21x6qIPa01xG/xXg:O9zyQXCpvx7Vw21cz1Ww

Score

7^/10

Malware Config

Targets

- Target
  
  15c20b6c6aaa057e952d0d0017989c16
- Size
  
  241KB
- MD5
  
  15c20b6c6aaa057e952d0d0017989c16
- SHA1
  
  e1728e4f80dab4ec8eb98c2695740f13d7c87cd3
- SHA256
  
  08588b1c69bb8ca7af2db4d8742917cdbe1df5f66cd133045b029607b939d95c
- SHA512
  
  c1d42f7388a6739f03db5c2564a78fee95f5c3a692e4fb037d4b519777378e024dc1f18c2d2693659032c43933a158100b6a5e55f2c75b72189cd351f4f96fb8
- SSDEEP
  
  6144:GJegkwo8yDUXN34LswvxFN7xlj+21x6qIPa01xG/xXg:O9zyQXCpvx7Vw21cz1Ww
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2