81cd6bad5f4c291ae15a96271785284afd1ea30aa312e2caa30bd9325e073e89 | Triage

Sharing

General

Target

6778e628f8882ea1823292fc6c35c2f9
Size

241KB
Sample

231226-mkkvzsfhf4
MD5

6778e628f8882ea1823292fc6c35c2f9
SHA1

c2ae4ad9dbc4933ca87ca4affd40a6d8758cfafb
SHA256

81cd6bad5f4c291ae15a96271785284afd1ea30aa312e2caa30bd9325e073e89
SHA512

0abd68f0e229603d60a0780565d59f5694bb6420f2923a7f56d3b9b4b1e90b89e2763396f186caa846cea0ab932b814fddd4c044cad21a21497371f243b34070
SSDEEP

6144:MIQS/DEvjOxZ5Bo+g0TcjiQPBtc5w/VceYDFgo:M/S7EvyxTBoWTGiEBtcydrYDF

Score

7^/10

Malware Config

Targets

- Target
  
  6778e628f8882ea1823292fc6c35c2f9
- Size
  
  241KB
- MD5
  
  6778e628f8882ea1823292fc6c35c2f9
- SHA1
  
  c2ae4ad9dbc4933ca87ca4affd40a6d8758cfafb
- SHA256
  
  81cd6bad5f4c291ae15a96271785284afd1ea30aa312e2caa30bd9325e073e89
- SHA512
  
  0abd68f0e229603d60a0780565d59f5694bb6420f2923a7f56d3b9b4b1e90b89e2763396f186caa846cea0ab932b814fddd4c044cad21a21497371f243b34070
- SSDEEP
  
  6144:MIQS/DEvjOxZ5Bo+g0TcjiQPBtc5w/VceYDFgo:M/S7EvyxTBoWTGiEBtcydrYDF
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2