e6c4823ef75a65cbc76e33193e0996a72167465a130b83f0726ccabf38fefba9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dc01f4002c6b2edf4cef0492e54a952
Size

385KB
Sample

231225-t5mcwaaae5
MD5

2dc01f4002c6b2edf4cef0492e54a952
SHA1

107bca6afb2b369c49e3e8fca00febe3812c0891
SHA256

e6c4823ef75a65cbc76e33193e0996a72167465a130b83f0726ccabf38fefba9
SHA512

2fec110356ef2854accc641b07f31d42d07aca60b6933066b206c1077524c1084403d195b411026b77b7a38a3dbb37e3502bd0050cd837f5ee98ee41a9e4cb5c
SSDEEP

12288:JRwj5J2tB/oYMmudpV1+zZ993/Xix8pdxTpmrB:+Rmu/+z1vX1pdxTpmrB

Score

7^/10

Malware Config

Targets

- Target
  
  2dc01f4002c6b2edf4cef0492e54a952
- Size
  
  385KB
- MD5
  
  2dc01f4002c6b2edf4cef0492e54a952
- SHA1
  
  107bca6afb2b369c49e3e8fca00febe3812c0891
- SHA256
  
  e6c4823ef75a65cbc76e33193e0996a72167465a130b83f0726ccabf38fefba9
- SHA512
  
  2fec110356ef2854accc641b07f31d42d07aca60b6933066b206c1077524c1084403d195b411026b77b7a38a3dbb37e3502bd0050cd837f5ee98ee41a9e4cb5c
- SSDEEP
  
  12288:JRwj5J2tB/oYMmudpV1+zZ993/Xix8pdxTpmrB:+Rmu/+z1vX1pdxTpmrB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2