5050a8512c5e1751256b1630f12ddcca312d39c12f946ddb8d2ef1aedfd93366 | Triage

Sharing

General

Target

0b6676091b74c9af31d4449ed02c9c63
Size

385KB
Sample

231230-crlqradbf9
MD5

0b6676091b74c9af31d4449ed02c9c63
SHA1

a1ad07902fcad2fd40a5138ce0c34ba9dc1621b3
SHA256

5050a8512c5e1751256b1630f12ddcca312d39c12f946ddb8d2ef1aedfd93366
SHA512

6e519681b2f037cf24b0c4ef13b5fa393c97217558df317ee34b15dca1f7dd3e3fefef1e09d75d8a841e9a1443c05a1a140dd3692d03acc701e6d992ff82764d
SSDEEP

6144:Rv7rQB28fQjOOwXDcGJTe78sLwkawiycycHuQ3QN8Ky6dbBekUW8Bx2d8TcuKxB:Rv7rQBiMTsrLwtycTK/yoUs+TcuGB

Score

7^/10

Malware Config

Targets

- Target
  
  0b6676091b74c9af31d4449ed02c9c63
- Size
  
  385KB
- MD5
  
  0b6676091b74c9af31d4449ed02c9c63
- SHA1
  
  a1ad07902fcad2fd40a5138ce0c34ba9dc1621b3
- SHA256
  
  5050a8512c5e1751256b1630f12ddcca312d39c12f946ddb8d2ef1aedfd93366
- SHA512
  
  6e519681b2f037cf24b0c4ef13b5fa393c97217558df317ee34b15dca1f7dd3e3fefef1e09d75d8a841e9a1443c05a1a140dd3692d03acc701e6d992ff82764d
- SSDEEP
  
  6144:Rv7rQB28fQjOOwXDcGJTe78sLwkawiycycHuQ3QN8Ky6dbBekUW8Bx2d8TcuKxB:Rv7rQBiMTsrLwtycTK/yoUs+TcuGB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2