9f02b398a549ec2641a7db9ab6884079b655711573546fdbe88927a6346c32f6 | Triage

Sharing

General

Target

7df61838058ffcde6ef9f7ae8c216ad7
Size

241KB
Sample

231226-vb6p4adcfm
MD5

7df61838058ffcde6ef9f7ae8c216ad7
SHA1

dba4306f4e1645e2b1e653d186939b1437683fa7
SHA256

9f02b398a549ec2641a7db9ab6884079b655711573546fdbe88927a6346c32f6
SHA512

196d16d01007e2af8881543aa0e2e89f7000cf0be8b6f4e81ec9dd59f42a30cd21ce35296e64f577527dd329bdd5bcbe1821e2a452d2a81cbe3c2f62692958b4
SSDEEP

6144:GnWOQl3YM4I5rtPJnHkYlCCphfA7VjXD/L:yWOQloMDJJHkYIAC7VjXD/L

Score

7^/10

Malware Config

Targets

- Target
  
  7df61838058ffcde6ef9f7ae8c216ad7
- Size
  
  241KB
- MD5
  
  7df61838058ffcde6ef9f7ae8c216ad7
- SHA1
  
  dba4306f4e1645e2b1e653d186939b1437683fa7
- SHA256
  
  9f02b398a549ec2641a7db9ab6884079b655711573546fdbe88927a6346c32f6
- SHA512
  
  196d16d01007e2af8881543aa0e2e89f7000cf0be8b6f4e81ec9dd59f42a30cd21ce35296e64f577527dd329bdd5bcbe1821e2a452d2a81cbe3c2f62692958b4
- SSDEEP
  
  6144:GnWOQl3YM4I5rtPJnHkYlCCphfA7VjXD/L:yWOQloMDJJHkYIAC7VjXD/L
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2