8bc3cf451e48897ff36f1b5d3d39b3ccb94087080899b7e6214976bac8bf9011 | Triage

Sharing

General

Target

69f949c7258cf160e3bbeb76a9b56ddf
Size

1012KB
Sample

231226-nbmtnacdg5
MD5

69f949c7258cf160e3bbeb76a9b56ddf
SHA1

5081e419aae8f7e55f9c7cf2b946bb85e69fb6d9
SHA256

8bc3cf451e48897ff36f1b5d3d39b3ccb94087080899b7e6214976bac8bf9011
SHA512

ec94f2c7b7d345353e0c49023c71d31bf80569af9c9c638b90367c6f624a83bcd11fc97ffdf0c99e368f36e0530b4dbff0c6fa6f3f49ccede2f9d88274a20f16
SSDEEP

24576:aa3Lf5FvtWD71WlMRlZ1B+5vMiqt0gj2eR:a+dFvsW+RjqO7

Score

7^/10

Malware Config

Targets

- Target
  
  69f949c7258cf160e3bbeb76a9b56ddf
- Size
  
  1012KB
- MD5
  
  69f949c7258cf160e3bbeb76a9b56ddf
- SHA1
  
  5081e419aae8f7e55f9c7cf2b946bb85e69fb6d9
- SHA256
  
  8bc3cf451e48897ff36f1b5d3d39b3ccb94087080899b7e6214976bac8bf9011
- SHA512
  
  ec94f2c7b7d345353e0c49023c71d31bf80569af9c9c638b90367c6f624a83bcd11fc97ffdf0c99e368f36e0530b4dbff0c6fa6f3f49ccede2f9d88274a20f16
- SSDEEP
  
  24576:aa3Lf5FvtWD71WlMRlZ1B+5vMiqt0gj2eR:a+dFvsW+RjqO7
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2