1e32e1e5e824594eb7f28ae6619da98bc98a8aacac89e1239b53f08c8ebc47ea | Triage

Sharing

General

Target

064da46e7e57755a33c23ef634d20bed
Size

1000KB
Sample

231229-2xs5fsdde4
MD5

064da46e7e57755a33c23ef634d20bed
SHA1

69111a99f9a83a10f6f96fac1da0bb3774a83f0d
SHA256

1e32e1e5e824594eb7f28ae6619da98bc98a8aacac89e1239b53f08c8ebc47ea
SHA512

25e3b6999a52c0ca2cd9906337bad83115e646285c3048a69eacc06d98bb7b795f3e7466a952719c69d58accc5853a63c059551a8601719fffa1c814638c35a0
SSDEEP

12288:v18jINxeSqF/M6AkfFoI47UH4r5/D+ctvVYb4ECaBwQ2tb5JLrnylUPqt0gHDS7O:5zqFFAiLGt/C22r1B+5vMiqt0gj2ed

Score

7^/10

Malware Config

Targets

- Target
  
  064da46e7e57755a33c23ef634d20bed
- Size
  
  1000KB
- MD5
  
  064da46e7e57755a33c23ef634d20bed
- SHA1
  
  69111a99f9a83a10f6f96fac1da0bb3774a83f0d
- SHA256
  
  1e32e1e5e824594eb7f28ae6619da98bc98a8aacac89e1239b53f08c8ebc47ea
- SHA512
  
  25e3b6999a52c0ca2cd9906337bad83115e646285c3048a69eacc06d98bb7b795f3e7466a952719c69d58accc5853a63c059551a8601719fffa1c814638c35a0
- SSDEEP
  
  12288:v18jINxeSqF/M6AkfFoI47UH4r5/D+ctvVYb4ECaBwQ2tb5JLrnylUPqt0gHDS7O:5zqFFAiLGt/C22r1B+5vMiqt0gj2ed
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2