11369473761fa73d1d9fe871dd38c3f60d8acad6a61a22af689cac977bb5b52f | Triage

Sharing

General

Target

0827c10be40044380212a63f30f10c0f
Size

241KB
Sample

231230-ah1gfaegdl
MD5

0827c10be40044380212a63f30f10c0f
SHA1

65ce8d027b9db004355133fbb3ff19f5bcdd01d9
SHA256

11369473761fa73d1d9fe871dd38c3f60d8acad6a61a22af689cac977bb5b52f
SHA512

2d7eb2031095d0bf8e9cb9c995ae6841239aada797c3fbe20af6d2f815a38260eda9ed8e0ad1ba47f5fb25042849e5af983f1836efc7705d7953589490ae49e0
SSDEEP

6144:6yKjcU0Xjql8QgAOzgzVOn1IQ5Zz9fO0R882PJpVd1a60xebrI:6njcU0jC8Q+QOCQb5mIExwybU

Score

7^/10

Malware Config

Targets

- Target
  
  0827c10be40044380212a63f30f10c0f
- Size
  
  241KB
- MD5
  
  0827c10be40044380212a63f30f10c0f
- SHA1
  
  65ce8d027b9db004355133fbb3ff19f5bcdd01d9
- SHA256
  
  11369473761fa73d1d9fe871dd38c3f60d8acad6a61a22af689cac977bb5b52f
- SHA512
  
  2d7eb2031095d0bf8e9cb9c995ae6841239aada797c3fbe20af6d2f815a38260eda9ed8e0ad1ba47f5fb25042849e5af983f1836efc7705d7953589490ae49e0
- SSDEEP
  
  6144:6yKjcU0Xjql8QgAOzgzVOn1IQ5Zz9fO0R882PJpVd1a60xebrI:6njcU0jC8Q+QOCQb5mIExwybU
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2