41d03ffe08056e401416800e77e2b6345812937778d696f96fc3ea8e3e34dc0c | Triage

Sharing

General

Target

0343e10403bfb842d91e71c0a127502b
Size

506KB
Sample

231229-zcb94ageg8
MD5

0343e10403bfb842d91e71c0a127502b
SHA1

3ac7c13e34904dd321c277285e4cc378f1415fa6
SHA256

41d03ffe08056e401416800e77e2b6345812937778d696f96fc3ea8e3e34dc0c
SHA512

346e3509d97d8a173b934a1791466fc036613c3493c3e308834aee6c908d691798e0c2eecc7fdb4cb835e78143e409197f5e60749a5869014d5c2636a7305d2d
SSDEEP

6144:k4R+mwRSejONTL6S/cRW1H5W89hRXDj7yIRbhiH33mpa6ZGoir7lIOsUvfwVUCQx:k0+7JjOq0XRbxvyISnQRDpapnw+

Score

7^/10

Malware Config

Targets

- Target
  
  0343e10403bfb842d91e71c0a127502b
- Size
  
  506KB
- MD5
  
  0343e10403bfb842d91e71c0a127502b
- SHA1
  
  3ac7c13e34904dd321c277285e4cc378f1415fa6
- SHA256
  
  41d03ffe08056e401416800e77e2b6345812937778d696f96fc3ea8e3e34dc0c
- SHA512
  
  346e3509d97d8a173b934a1791466fc036613c3493c3e308834aee6c908d691798e0c2eecc7fdb4cb835e78143e409197f5e60749a5869014d5c2636a7305d2d
- SSDEEP
  
  6144:k4R+mwRSejONTL6S/cRW1H5W89hRXDj7yIRbhiH33mpa6ZGoir7lIOsUvfwVUCQx:k0+7JjOq0XRbxvyISnQRDpapnw+
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2