381faecab7f720fdb06e35a03307c513e6f09b42c4f9acbb25e6a3e445679ed7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d4d9b10112a945160ed665f36912b17
Size

1000KB
Sample

231226-t5rmladff6
MD5

7d4d9b10112a945160ed665f36912b17
SHA1

b9152536424b5267967eec6697ef160946517dd9
SHA256

381faecab7f720fdb06e35a03307c513e6f09b42c4f9acbb25e6a3e445679ed7
SHA512

ebd5c59dbf3e23221aa577bf03bf196cac8037d586087b5a0ff797a512bd439fe2603e274711eebd9562e1d396c5a3068a33cdafd61e423fec987c1c99791f67
SSDEEP

24576:AcYQ6bw7MpS3//Bi7HE731B+5vMiqt0gj2ed:Ac0w7C4h26qOL

Score

7^/10

Malware Config

Targets

- Target
  
  7d4d9b10112a945160ed665f36912b17
- Size
  
  1000KB
- MD5
  
  7d4d9b10112a945160ed665f36912b17
- SHA1
  
  b9152536424b5267967eec6697ef160946517dd9
- SHA256
  
  381faecab7f720fdb06e35a03307c513e6f09b42c4f9acbb25e6a3e445679ed7
- SHA512
  
  ebd5c59dbf3e23221aa577bf03bf196cac8037d586087b5a0ff797a512bd439fe2603e274711eebd9562e1d396c5a3068a33cdafd61e423fec987c1c99791f67
- SSDEEP
  
  24576:AcYQ6bw7MpS3//Bi7HE731B+5vMiqt0gj2ed:Ac0w7C4h26qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2