f51b5d485f93858c382f5bf8f40fe44efef64eb60c4181ea2f0f9e6c282e65e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

228595c0ef9d52dc581adfb8998d771d
Size

385KB
Sample

231225-qy359scbak
MD5

228595c0ef9d52dc581adfb8998d771d
SHA1

a865a003042b80fee6a82e945b24654122a0947b
SHA256

f51b5d485f93858c382f5bf8f40fe44efef64eb60c4181ea2f0f9e6c282e65e4
SHA512

6495afbc3694000b4ea7313fee35a7edb37285c15bfebfa402f6fe4b58eeecdbe4ccc99740acc6143d4e8b1a607d1ccd6b0a05edf80f274a3c6b1a63f207d894
SSDEEP

6144:n4NmhJF4kh4DW0VfgEObs70SfuC5PX0e4GBmOnJpzjZWdNTtdzo6Ov5cgB:n4+FPj0x0b4V5m0vUBSjv5cgB

Score

7^/10

Malware Config

Targets

- Target
  
  228595c0ef9d52dc581adfb8998d771d
- Size
  
  385KB
- MD5
  
  228595c0ef9d52dc581adfb8998d771d
- SHA1
  
  a865a003042b80fee6a82e945b24654122a0947b
- SHA256
  
  f51b5d485f93858c382f5bf8f40fe44efef64eb60c4181ea2f0f9e6c282e65e4
- SHA512
  
  6495afbc3694000b4ea7313fee35a7edb37285c15bfebfa402f6fe4b58eeecdbe4ccc99740acc6143d4e8b1a607d1ccd6b0a05edf80f274a3c6b1a63f207d894
- SSDEEP
  
  6144:n4NmhJF4kh4DW0VfgEObs70SfuC5PX0e4GBmOnJpzjZWdNTtdzo6Ov5cgB:n4+FPj0x0b4V5m0vUBSjv5cgB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2