80e9e7449c8c03d33415b2a4a3233fa1ed740126ff510a3e4112b5d36b3fc600 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c0590d5e5bfc6459e91fa05dac21d6b
Size

241KB
Sample

231230-c64vwaedak
MD5

0c0590d5e5bfc6459e91fa05dac21d6b
SHA1

b58d4b82d2625e7dae6de6d4d40aea629d584147
SHA256

80e9e7449c8c03d33415b2a4a3233fa1ed740126ff510a3e4112b5d36b3fc600
SHA512

5e9a26a749e9547a6279d976bbaeabc1cbe561e3b9fa292d2bfbec3822e1860629c6705ffda8bec4d217352968ee61fd081ecefbe2c468656a23919a148986c5
SSDEEP

6144:SV6Et2v1tA8HUm0iZUKCIB/iUc9OFF7DD3cokrr:86EML9HBXZUKtKU0e7vEr

Score

7^/10

Malware Config

Targets

- Target
  
  0c0590d5e5bfc6459e91fa05dac21d6b
- Size
  
  241KB
- MD5
  
  0c0590d5e5bfc6459e91fa05dac21d6b
- SHA1
  
  b58d4b82d2625e7dae6de6d4d40aea629d584147
- SHA256
  
  80e9e7449c8c03d33415b2a4a3233fa1ed740126ff510a3e4112b5d36b3fc600
- SHA512
  
  5e9a26a749e9547a6279d976bbaeabc1cbe561e3b9fa292d2bfbec3822e1860629c6705ffda8bec4d217352968ee61fd081ecefbe2c468656a23919a148986c5
- SSDEEP
  
  6144:SV6Et2v1tA8HUm0iZUKCIB/iUc9OFF7DD3cokrr:86EML9HBXZUKtKU0e7vEr
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2