2bc24cbf8f50f387b5af3891a19572250ca3086a94fa2810c014a4dfcd01f1af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32606c632026dd79d343c1e659eec7d7
Size

1000KB
Sample

231225-wf7zdsadg8
MD5

32606c632026dd79d343c1e659eec7d7
SHA1

5a0245be1c4a8843d090dab6124bffc7bd5596ae
SHA256

2bc24cbf8f50f387b5af3891a19572250ca3086a94fa2810c014a4dfcd01f1af
SHA512

a2d94db2e2a0f6a94d55a217e7235a955f9a53814191e9ae7095a6431dcd688d87ad17e69eb0febcae7bf81135065944594bf239671bfe8817b7b47be773ddd7
SSDEEP

24576:cmMzki4UndElqfzxPXkBuLoBqUKbP1B+5vMiqt0gj2ed:cZfdndESzdUBbwPqOL

Score

7^/10

Malware Config

Targets

- Target
  
  32606c632026dd79d343c1e659eec7d7
- Size
  
  1000KB
- MD5
  
  32606c632026dd79d343c1e659eec7d7
- SHA1
  
  5a0245be1c4a8843d090dab6124bffc7bd5596ae
- SHA256
  
  2bc24cbf8f50f387b5af3891a19572250ca3086a94fa2810c014a4dfcd01f1af
- SHA512
  
  a2d94db2e2a0f6a94d55a217e7235a955f9a53814191e9ae7095a6431dcd688d87ad17e69eb0febcae7bf81135065944594bf239671bfe8817b7b47be773ddd7
- SSDEEP
  
  24576:cmMzki4UndElqfzxPXkBuLoBqUKbP1B+5vMiqt0gj2ed:cZfdndESzdUBbwPqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2