ae9694451bd52e3180f9173063709045e131a49535ecf208833c27234b7355f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f5d4f4661dae519fa097e11fa5645cf
Size

1000KB
Sample

231230-22qj5ahchp
MD5

1f5d4f4661dae519fa097e11fa5645cf
SHA1

2448a5d485bf581f49444c83c5184b370d7b7232
SHA256

ae9694451bd52e3180f9173063709045e131a49535ecf208833c27234b7355f7
SHA512

aef435d37b0a98dd5500654500d4d431c70aa8156cd1e0464843c20be8724525ec2fedebdca48f3083cebab56300d628a30b6f4454f3e455c82374f3c79dae79
SSDEEP

24576:NsUwl2FkCK6h6mFhxOvm1B+5vMiqt0gj2ed:NstCkO4moEqOL

Score

7^/10

Malware Config

Targets

- Target
  
  1f5d4f4661dae519fa097e11fa5645cf
- Size
  
  1000KB
- MD5
  
  1f5d4f4661dae519fa097e11fa5645cf
- SHA1
  
  2448a5d485bf581f49444c83c5184b370d7b7232
- SHA256
  
  ae9694451bd52e3180f9173063709045e131a49535ecf208833c27234b7355f7
- SHA512
  
  aef435d37b0a98dd5500654500d4d431c70aa8156cd1e0464843c20be8724525ec2fedebdca48f3083cebab56300d628a30b6f4454f3e455c82374f3c79dae79
- SSDEEP
  
  24576:NsUwl2FkCK6h6mFhxOvm1B+5vMiqt0gj2ed:NstCkO4moEqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2