4c9ce725b6f842cde26b5a1282edb58fde9fa254039ca9959a79bf7768c2e754 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14f3f03430fc33c6b89e545be9f3e07d
Size

506KB
Sample

231225-lqcwwsbaa5
MD5

14f3f03430fc33c6b89e545be9f3e07d
SHA1

8bd525627eaa31f5f88e08a3553559515dd47316
SHA256

4c9ce725b6f842cde26b5a1282edb58fde9fa254039ca9959a79bf7768c2e754
SHA512

5ffbdd4566c2d2382e9958b0b10c0b3b89adf730b8e51cf4c7f4fe0f502667b44619ba2d2414aa897d76f167a0e1f3be7bc8b185411c5b9bbdb46f10bd6a618e
SSDEEP

12288:UWC9JaJjcuopX+qu3IZykxlbNuqJrxo0E7LN+h:aa/o0Hr0YqlxoXEh

Score

7^/10

Malware Config

Targets

- Target
  
  14f3f03430fc33c6b89e545be9f3e07d
- Size
  
  506KB
- MD5
  
  14f3f03430fc33c6b89e545be9f3e07d
- SHA1
  
  8bd525627eaa31f5f88e08a3553559515dd47316
- SHA256
  
  4c9ce725b6f842cde26b5a1282edb58fde9fa254039ca9959a79bf7768c2e754
- SHA512
  
  5ffbdd4566c2d2382e9958b0b10c0b3b89adf730b8e51cf4c7f4fe0f502667b44619ba2d2414aa897d76f167a0e1f3be7bc8b185411c5b9bbdb46f10bd6a618e
- SSDEEP
  
  12288:UWC9JaJjcuopX+qu3IZykxlbNuqJrxo0E7LN+h:aa/o0Hr0YqlxoXEh
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2