395ccab44bba8f6aec316dc0162e7ba427cfa1a55f0904257bc3dc5ebcde9d28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d611b4643f0237404815381c532b56a
Size

1000KB
Sample

231225-z95mxadebj
MD5

3d611b4643f0237404815381c532b56a
SHA1

3b22036334e3ee8400d10ed0800221e230d126c8
SHA256

395ccab44bba8f6aec316dc0162e7ba427cfa1a55f0904257bc3dc5ebcde9d28
SHA512

b4739862b35fc40fc37e1db39a6cc1f1d0fb43ef5477f77546d4855654ff7d1537fe7315c27cf8806b26817e426071069fdaab8a98e0586536152e7de135b84f
SSDEEP

24576:Te4qONuSta4dZWfFHgd1B+5vMiqt0gj2ed:6OhaKZQFHgRqOL

Score

7^/10

Malware Config

Targets

- Target
  
  3d611b4643f0237404815381c532b56a
- Size
  
  1000KB
- MD5
  
  3d611b4643f0237404815381c532b56a
- SHA1
  
  3b22036334e3ee8400d10ed0800221e230d126c8
- SHA256
  
  395ccab44bba8f6aec316dc0162e7ba427cfa1a55f0904257bc3dc5ebcde9d28
- SHA512
  
  b4739862b35fc40fc37e1db39a6cc1f1d0fb43ef5477f77546d4855654ff7d1537fe7315c27cf8806b26817e426071069fdaab8a98e0586536152e7de135b84f
- SSDEEP
  
  24576:Te4qONuSta4dZWfFHgd1B+5vMiqt0gj2ed:6OhaKZQFHgRqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2