cf8aa575bf380f1735f709b7f4334fbaefb48a57396c9795bbddaa5237bd7824 | Triage

Sharing

General

Target

1bf668f8d5995062310934c18b1b1858
Size

1000KB
Sample

231225-ny3hmafbhp
MD5

1bf668f8d5995062310934c18b1b1858
SHA1

fdafdb1b52a1932276c1c86d92cd2f026ea85085
SHA256

cf8aa575bf380f1735f709b7f4334fbaefb48a57396c9795bbddaa5237bd7824
SHA512

dcd04ac8019fa449b682f235d62d15a43ed8a2dcd86b89fb1b9e8f0373d30968454efbabf1b2e964880d6e4009d952a6265fe86a1c2a1bad90e55900d3eb64c3
SSDEEP

24576:auqtxgumV5w9N/8eyYSy8G1B+5vMiqt0gj2ed:cXgpe92BlqqOL

Score

7^/10

Malware Config

Targets

- Target
  
  1bf668f8d5995062310934c18b1b1858
- Size
  
  1000KB
- MD5
  
  1bf668f8d5995062310934c18b1b1858
- SHA1
  
  fdafdb1b52a1932276c1c86d92cd2f026ea85085
- SHA256
  
  cf8aa575bf380f1735f709b7f4334fbaefb48a57396c9795bbddaa5237bd7824
- SHA512
  
  dcd04ac8019fa449b682f235d62d15a43ed8a2dcd86b89fb1b9e8f0373d30968454efbabf1b2e964880d6e4009d952a6265fe86a1c2a1bad90e55900d3eb64c3
- SSDEEP
  
  24576:auqtxgumV5w9N/8eyYSy8G1B+5vMiqt0gj2ed:cXgpe92BlqqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2