16b22bbdb6ef215b69a938f4b2c13a831de28ff28bb292f55711accd5f4804ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18e34fcb41b2e11eaaca77e0509667dd
Size

385KB
Sample

231225-m17ppaaha8
MD5

18e34fcb41b2e11eaaca77e0509667dd
SHA1

d4bb78d3803fbb6ce5651e78b55e184ffd71578a
SHA256

16b22bbdb6ef215b69a938f4b2c13a831de28ff28bb292f55711accd5f4804ad
SHA512

63cb5abbbcdfa410648e30dd550f9ac715d0d36c1e5e06df5b39bb97e3266f15e71a4b3cd304183a896a6d0d8138a4f8c68047981778a4a339bfaee3b341b97e
SSDEEP

6144:9o3yDzoQOeHT/JQ6xtBgDo1UMG/nw9wGz9+gwd34Oow2aOTMX19DEAFHEoxzfo10:zMQ5HTxjxtBgZModtgWoFAnQS5xzfocB

Score

7^/10

Malware Config

Targets

- Target
  
  18e34fcb41b2e11eaaca77e0509667dd
- Size
  
  385KB
- MD5
  
  18e34fcb41b2e11eaaca77e0509667dd
- SHA1
  
  d4bb78d3803fbb6ce5651e78b55e184ffd71578a
- SHA256
  
  16b22bbdb6ef215b69a938f4b2c13a831de28ff28bb292f55711accd5f4804ad
- SHA512
  
  63cb5abbbcdfa410648e30dd550f9ac715d0d36c1e5e06df5b39bb97e3266f15e71a4b3cd304183a896a6d0d8138a4f8c68047981778a4a339bfaee3b341b97e
- SSDEEP
  
  6144:9o3yDzoQOeHT/JQ6xtBgDo1UMG/nw9wGz9+gwd34Oow2aOTMX19DEAFHEoxzfo10:zMQ5HTxjxtBgZModtgWoFAnQS5xzfocB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2