67dc3507a8b252ee09a23fcc1c977484a0d98810b6285664f345888240d68b5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a892f6cf6e6396427ceb8611561c1bd
Size

506KB
Sample

231225-s8v9hsccd6
MD5

2a892f6cf6e6396427ceb8611561c1bd
SHA1

4bcfb4201877e08683f48592f3871f1cc8966d19
SHA256

67dc3507a8b252ee09a23fcc1c977484a0d98810b6285664f345888240d68b5a
SHA512

7c211e7b12408c3edef01e07319066dcfedcb4af815c4770aea4bfd9561c2ac881ebad8f7662ac66a340bb031b28366b0ac40412a1f3563f1548eecc080abf5d
SSDEEP

12288:dzshDUeSJZDQU5e8F6HTOMu61p2z0BGo2RWEnjIKoG:tCYPJZUR8F6Hu61pq0dI9njIKoG

Score

7^/10

Malware Config

Targets

- Target
  
  2a892f6cf6e6396427ceb8611561c1bd
- Size
  
  506KB
- MD5
  
  2a892f6cf6e6396427ceb8611561c1bd
- SHA1
  
  4bcfb4201877e08683f48592f3871f1cc8966d19
- SHA256
  
  67dc3507a8b252ee09a23fcc1c977484a0d98810b6285664f345888240d68b5a
- SHA512
  
  7c211e7b12408c3edef01e07319066dcfedcb4af815c4770aea4bfd9561c2ac881ebad8f7662ac66a340bb031b28366b0ac40412a1f3563f1548eecc080abf5d
- SSDEEP
  
  12288:dzshDUeSJZDQU5e8F6HTOMu61p2z0BGo2RWEnjIKoG:tCYPJZUR8F6Hu61pq0dI9njIKoG
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2