5c02382b53999a9ea66b632e708a717077cf0c2cb2023698d3c29e83d6324a00 | Triage

Sharing

General

Target

0457c6bf851f140d591f32f097b16fb0
Size

1000KB
Sample

231229-z71k6sgba7
MD5

0457c6bf851f140d591f32f097b16fb0
SHA1

cf6923e31dcc7c0f0f8f9d3cf3cf81cc7dbeadbc
SHA256

5c02382b53999a9ea66b632e708a717077cf0c2cb2023698d3c29e83d6324a00
SHA512

c6356e103b06877c38134892c4e11312b3e278c91fbe4fc3702ccaa7cd7b9e0493f9be41dc0ed64d89d0a140e1f630892a35ee695b55f7e5e17e2540b44c0759
SSDEEP

24576:ExNmN2yYuQQXEJp6Z0U1uyjeZC1B+5vMiqt0gj2ed:E5y1NXGIZfqOL

Score

7^/10

Malware Config

Targets

- Target
  
  0457c6bf851f140d591f32f097b16fb0
- Size
  
  1000KB
- MD5
  
  0457c6bf851f140d591f32f097b16fb0
- SHA1
  
  cf6923e31dcc7c0f0f8f9d3cf3cf81cc7dbeadbc
- SHA256
  
  5c02382b53999a9ea66b632e708a717077cf0c2cb2023698d3c29e83d6324a00
- SHA512
  
  c6356e103b06877c38134892c4e11312b3e278c91fbe4fc3702ccaa7cd7b9e0493f9be41dc0ed64d89d0a140e1f630892a35ee695b55f7e5e17e2540b44c0759
- SSDEEP
  
  24576:ExNmN2yYuQQXEJp6Z0U1uyjeZC1B+5vMiqt0gj2ed:E5y1NXGIZfqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2