65ba145144d2774f27831092bb0cbb8f5edc96cf2c7942d9d27e4ff68ef1f207 | Triage

Sharing

General

Target

323d13dce25354763f61c519e2d7ac51
Size

506KB
Sample

231225-we1tpagcgl
MD5

323d13dce25354763f61c519e2d7ac51
SHA1

9b557761faae06a61627b967cbfd82185fdb98f5
SHA256

65ba145144d2774f27831092bb0cbb8f5edc96cf2c7942d9d27e4ff68ef1f207
SHA512

bc53e315fd1306c22e6acb5187c88d03b1247a798dea5bb157b2609924b21c046b6babff1de7d5e3306ff6f117ca8d3ed67f3a5998fa4220c7a306637f80f74a
SSDEEP

12288:6xkPI57x9j62K087u+KMsA7XOThsJSgiSs5pF:6xkPIdx9jIv7u+RsAOGupF

Score

7^/10

Malware Config

Targets

- Target
  
  323d13dce25354763f61c519e2d7ac51
- Size
  
  506KB
- MD5
  
  323d13dce25354763f61c519e2d7ac51
- SHA1
  
  9b557761faae06a61627b967cbfd82185fdb98f5
- SHA256
  
  65ba145144d2774f27831092bb0cbb8f5edc96cf2c7942d9d27e4ff68ef1f207
- SHA512
  
  bc53e315fd1306c22e6acb5187c88d03b1247a798dea5bb157b2609924b21c046b6babff1de7d5e3306ff6f117ca8d3ed67f3a5998fa4220c7a306637f80f74a
- SSDEEP
  
  12288:6xkPI57x9j62K087u+KMsA7XOThsJSgiSs5pF:6xkPIdx9jIv7u+RsAOGupF
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2