b23d496185cb75a1fa0bdea3411b24a0626754f83ec4908c15d973693dc08929 | Triage

Sharing

General

Target

2d616f0d8e73412352df5162a0b30931
Size

1000KB
Sample

231225-t1msvafgal
MD5

2d616f0d8e73412352df5162a0b30931
SHA1

141ba24119afd536743e1a2fc938554bd176df67
SHA256

b23d496185cb75a1fa0bdea3411b24a0626754f83ec4908c15d973693dc08929
SHA512

202898e8ee0a33eb96f4360512579980979e90721c012e3d71d9e6ba26bf51b84a5aea8a44f3091253bc21572acd35a5f1d8948e96f80a2a61541a8b5528bbfe
SSDEEP

24576:9Gsuf9MRWEIRG40jiQB+SU4TGG1B+5vMiqt0gj2ed:9GNf71G407IsRqOL

Score

7^/10

Malware Config

Targets

- Target
  
  2d616f0d8e73412352df5162a0b30931
- Size
  
  1000KB
- MD5
  
  2d616f0d8e73412352df5162a0b30931
- SHA1
  
  141ba24119afd536743e1a2fc938554bd176df67
- SHA256
  
  b23d496185cb75a1fa0bdea3411b24a0626754f83ec4908c15d973693dc08929
- SHA512
  
  202898e8ee0a33eb96f4360512579980979e90721c012e3d71d9e6ba26bf51b84a5aea8a44f3091253bc21572acd35a5f1d8948e96f80a2a61541a8b5528bbfe
- SSDEEP
  
  24576:9Gsuf9MRWEIRG40jiQB+SU4TGG1B+5vMiqt0gj2ed:9GNf71G407IsRqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2