ef0be8f6fdec63bdb6e86f5e2df0e4529621699357fd368f9f101e24ffe40cb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ba8a0d502985f908e8082a56f73b10c
Size

241KB
Sample

231230-cx8gpsegd9
MD5

0ba8a0d502985f908e8082a56f73b10c
SHA1

90e9941234ec27c70a4077e2a69360878b21fca6
SHA256

ef0be8f6fdec63bdb6e86f5e2df0e4529621699357fd368f9f101e24ffe40cb3
SHA512

48b7f0fb02059bcb410a213293a901cd9213972f5425ad4acd425427f02397f09dce889a1b63d5a20e17b2a1cbd76452b6f94a6b92202ed9a851f9190b369e87
SSDEEP

6144:YYF9RIezJ0IE792X2zv5OAtdRptbHMbeJR:h9RIMh+9c2VOAtdLVH/3

Score

7^/10

Malware Config

Targets

- Target
  
  0ba8a0d502985f908e8082a56f73b10c
- Size
  
  241KB
- MD5
  
  0ba8a0d502985f908e8082a56f73b10c
- SHA1
  
  90e9941234ec27c70a4077e2a69360878b21fca6
- SHA256
  
  ef0be8f6fdec63bdb6e86f5e2df0e4529621699357fd368f9f101e24ffe40cb3
- SHA512
  
  48b7f0fb02059bcb410a213293a901cd9213972f5425ad4acd425427f02397f09dce889a1b63d5a20e17b2a1cbd76452b6f94a6b92202ed9a851f9190b369e87
- SSDEEP
  
  6144:YYF9RIezJ0IE792X2zv5OAtdRptbHMbeJR:h9RIMh+9c2VOAtdLVH/3
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2