f1a74cd92ee19a47023b27f93a6ae4d935837a17d0da876e5f2e6968299ae092 | Triage

Sharing

General

Target

03ec023060ce5d7648f96eb62321a852
Size

1000KB
Sample

231229-zvqv7sabeq
MD5

03ec023060ce5d7648f96eb62321a852
SHA1

109215d44f431ab97b423b2f7153faf83f17daac
SHA256

f1a74cd92ee19a47023b27f93a6ae4d935837a17d0da876e5f2e6968299ae092
SHA512

8a03fe07c8fd20a5800e78949a6c5447bc7989c021f428446be88716d36c59b34ff8cd47463e56f097e0b13dc485ab6247d2e9957f7ef6f5ce165fafb2fe950b
SSDEEP

12288:XJljl//4QBUTEUaH20hc4x9vWXCApGXdECaBwQ2tb5JLrnylUPqt0gHDS7eyod:X/jZ/KEzWUhLpG1B+5vMiqt0gj2ed

Score

7^/10

Malware Config

Targets

- Target
  
  03ec023060ce5d7648f96eb62321a852
- Size
  
  1000KB
- MD5
  
  03ec023060ce5d7648f96eb62321a852
- SHA1
  
  109215d44f431ab97b423b2f7153faf83f17daac
- SHA256
  
  f1a74cd92ee19a47023b27f93a6ae4d935837a17d0da876e5f2e6968299ae092
- SHA512
  
  8a03fe07c8fd20a5800e78949a6c5447bc7989c021f428446be88716d36c59b34ff8cd47463e56f097e0b13dc485ab6247d2e9957f7ef6f5ce165fafb2fe950b
- SSDEEP
  
  12288:XJljl//4QBUTEUaH20hc4x9vWXCApGXdECaBwQ2tb5JLrnylUPqt0gHDS7eyod:X/jZ/KEzWUhLpG1B+5vMiqt0gj2ed
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2