e149eb4f165b259fabd4c18e8720f40904aa98b5dd2dae622319144f954b88b0 | Triage

Sharing

General

Target

021e9810fcef193d1f553301d513226c
Size

506KB
Sample

231229-yfrcradgfm
MD5

021e9810fcef193d1f553301d513226c
SHA1

5fbbb6bc7a92d025fbe3d2dabac8a28e66d2807d
SHA256

e149eb4f165b259fabd4c18e8720f40904aa98b5dd2dae622319144f954b88b0
SHA512

516b68a722ad4d4e67f5b1487847c342acf6c4337c1d207b10eab41bc1c7d3b73b1be237dd40b7da98c9e8ce5fa2b47c07ffe58e29140cda76258b3e09508088
SSDEEP

12288:XR48HxmCJJjD9K0DF/MaV5pQL71z3GstTcIkdN4HUPdE:XyExmUt7DxTnpWTGBIkL4HUPW

Score

7^/10

Malware Config

Targets

- Target
  
  021e9810fcef193d1f553301d513226c
- Size
  
  506KB
- MD5
  
  021e9810fcef193d1f553301d513226c
- SHA1
  
  5fbbb6bc7a92d025fbe3d2dabac8a28e66d2807d
- SHA256
  
  e149eb4f165b259fabd4c18e8720f40904aa98b5dd2dae622319144f954b88b0
- SHA512
  
  516b68a722ad4d4e67f5b1487847c342acf6c4337c1d207b10eab41bc1c7d3b73b1be237dd40b7da98c9e8ce5fa2b47c07ffe58e29140cda76258b3e09508088
- SSDEEP
  
  12288:XR48HxmCJJjD9K0DF/MaV5pQL71z3GstTcIkdN4HUPdE:XyExmUt7DxTnpWTGBIkL4HUPW
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2