bb945e290e188a14caa7767c1a07bfaa13300c0b75fb29b8f2b66dab904df971 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

722626adacf7f226afec53fea992d6e3
Size

1012KB
Sample

231226-qm875saeh3
MD5

722626adacf7f226afec53fea992d6e3
SHA1

9126d42c538390a5afbc810a85e56f9fa8cfb84f
SHA256

bb945e290e188a14caa7767c1a07bfaa13300c0b75fb29b8f2b66dab904df971
SHA512

335d180491d5414db92d1ad6ca775d2b9b09d1658d76e269648b364b4043f6d6ebe89ba876fe3e822eb98e3d101f58c2a2143be850b531d18b1d7d3381da1488
SSDEEP

12288:+6WA01RCBwShBQWg/80t+4752WzZBTCBi6TECaBwQ2tb5JLrnylUPqt0gHDS7eyC:+6Yw6/9tNXzZBmBdI1B+5vMiqt0gj2eR

Score

7^/10

Malware Config

Targets

- Target
  
  722626adacf7f226afec53fea992d6e3
- Size
  
  1012KB
- MD5
  
  722626adacf7f226afec53fea992d6e3
- SHA1
  
  9126d42c538390a5afbc810a85e56f9fa8cfb84f
- SHA256
  
  bb945e290e188a14caa7767c1a07bfaa13300c0b75fb29b8f2b66dab904df971
- SHA512
  
  335d180491d5414db92d1ad6ca775d2b9b09d1658d76e269648b364b4043f6d6ebe89ba876fe3e822eb98e3d101f58c2a2143be850b531d18b1d7d3381da1488
- SSDEEP
  
  12288:+6WA01RCBwShBQWg/80t+4752WzZBTCBi6TECaBwQ2tb5JLrnylUPqt0gHDS7eyC:+6Yw6/9tNXzZBmBdI1B+5vMiqt0gj2eR
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2