cbc8fae703eb3747070657632114f0b7e1ae64b0f9455b18b37433dcf85241b7 | Triage

Sharing

General

Target

75d06019796327a448641d0605ee0e74
Size

1000KB
Sample

231226-rwfsmafdcj
MD5

75d06019796327a448641d0605ee0e74
SHA1

a5186fb889c327a6b4d5a19098f5758634984955
SHA256

cbc8fae703eb3747070657632114f0b7e1ae64b0f9455b18b37433dcf85241b7
SHA512

3e8146a06714286e5fedfa02b5736261a08f3fe34ef19011a17df5f20cb51624ec0d832581491500b7308d9fb2cf1b55e1fc2c215c02154fc5109a27c1a4ef76
SSDEEP

24576:WW88yy3TWrZX4K/tYjsRciCW4F5NrZHiJ81B+5vMiqt0gj2ed:WjaWo3j7LDNrZHiJeqOL

Score

7^/10

Malware Config

Targets

- Target
  
  75d06019796327a448641d0605ee0e74
- Size
  
  1000KB
- MD5
  
  75d06019796327a448641d0605ee0e74
- SHA1
  
  a5186fb889c327a6b4d5a19098f5758634984955
- SHA256
  
  cbc8fae703eb3747070657632114f0b7e1ae64b0f9455b18b37433dcf85241b7
- SHA512
  
  3e8146a06714286e5fedfa02b5736261a08f3fe34ef19011a17df5f20cb51624ec0d832581491500b7308d9fb2cf1b55e1fc2c215c02154fc5109a27c1a4ef76
- SSDEEP
  
  24576:WW88yy3TWrZX4K/tYjsRciCW4F5NrZHiJ81B+5vMiqt0gj2ed:WjaWo3j7LDNrZHiJeqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2