b92cbde7da803faaf6c1f47c8df4f7b55e26683751009ea099270367562eba56 | Triage

Sharing

General

Target

34c70052f3c856d6dcf84398775d1ea1
Size

506KB
Sample

231225-w61m1adahj
MD5

34c70052f3c856d6dcf84398775d1ea1
SHA1

512246cfb490e31d955f10feb7e3c354d5cfdd26
SHA256

b92cbde7da803faaf6c1f47c8df4f7b55e26683751009ea099270367562eba56
SHA512

ec5db2c8067ca5d5937494e6c975ef167e37d224bb8e4ad0a827b1fce91d3897fc5decd8e4952c19475f73cc750b0f94bb9735dbe8c9718116aa89ac844d05a3
SSDEEP

12288:wpPRpX9VgKYCMev+NIfxeCZV1Xym+uvoHXK3iKC8QzO0N:oX3g/CMcuwlZV1izJ0iHa0N

Score

7^/10

Malware Config

Targets

- Target
  
  34c70052f3c856d6dcf84398775d1ea1
- Size
  
  506KB
- MD5
  
  34c70052f3c856d6dcf84398775d1ea1
- SHA1
  
  512246cfb490e31d955f10feb7e3c354d5cfdd26
- SHA256
  
  b92cbde7da803faaf6c1f47c8df4f7b55e26683751009ea099270367562eba56
- SHA512
  
  ec5db2c8067ca5d5937494e6c975ef167e37d224bb8e4ad0a827b1fce91d3897fc5decd8e4952c19475f73cc750b0f94bb9735dbe8c9718116aa89ac844d05a3
- SSDEEP
  
  12288:wpPRpX9VgKYCMev+NIfxeCZV1Xym+uvoHXK3iKC8QzO0N:oX3g/CMcuwlZV1izJ0iHa0N
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2