63ed7ac0b8e00808ec929abb087f9f4b658d51f8e1912ecae3f52a7aa0f9802a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fadf8aecb2a87ef721708ef591b74317
Size

506KB
Sample

231228-1spe2aeff8
MD5

fadf8aecb2a87ef721708ef591b74317
SHA1

d23c8f7b57158f8894f9762c2fa847c08a0966d2
SHA256

63ed7ac0b8e00808ec929abb087f9f4b658d51f8e1912ecae3f52a7aa0f9802a
SHA512

96c34ac31aa2e7092cb72b73597cd28d3da00a8c2ac35177cc55adb58a36eab94b913b2bd4805b94dd1860911ec11d1e121dfa89fc3698deeedce7163e9a817d
SSDEEP

12288:MV9B8EjYzMrk0tO9zM3k5EV2RtYTiTLshIqcYkcbU:MVAXMrA98juvqHvbU

Score

7^/10

Malware Config

Targets

- Target
  
  fadf8aecb2a87ef721708ef591b74317
- Size
  
  506KB
- MD5
  
  fadf8aecb2a87ef721708ef591b74317
- SHA1
  
  d23c8f7b57158f8894f9762c2fa847c08a0966d2
- SHA256
  
  63ed7ac0b8e00808ec929abb087f9f4b658d51f8e1912ecae3f52a7aa0f9802a
- SHA512
  
  96c34ac31aa2e7092cb72b73597cd28d3da00a8c2ac35177cc55adb58a36eab94b913b2bd4805b94dd1860911ec11d1e121dfa89fc3698deeedce7163e9a817d
- SSDEEP
  
  12288:MV9B8EjYzMrk0tO9zM3k5EV2RtYTiTLshIqcYkcbU:MVAXMrA98juvqHvbU
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2