3738d77978fe4cb67330b550080a51483a29ac76a307dcd6f1020c76dd5c9b78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f07ab7978733df9b27803eed75f1702
Size

506KB
Sample

231230-ffrdmsaff5
MD5

0f07ab7978733df9b27803eed75f1702
SHA1

12cb38ad624d7e104beea9df17b442b95628e9f8
SHA256

3738d77978fe4cb67330b550080a51483a29ac76a307dcd6f1020c76dd5c9b78
SHA512

6161af3b22b110069dffba1ada04ccc128978e2797c9dbe6ea10f48384bab05aeb77f1743abc38bccbfc24bda0c3d81e82fc4f773d1d06e6fe7785bbf057e720
SSDEEP

6144:tEKsUKBG5PtKh98P6hmLs7scvbThGeWSjm2a/4W+ghVUmBsJfcTh:t98kqoko4vb1vWRR+gEmm2

Score

7^/10

Malware Config

Targets

- Target
  
  0f07ab7978733df9b27803eed75f1702
- Size
  
  506KB
- MD5
  
  0f07ab7978733df9b27803eed75f1702
- SHA1
  
  12cb38ad624d7e104beea9df17b442b95628e9f8
- SHA256
  
  3738d77978fe4cb67330b550080a51483a29ac76a307dcd6f1020c76dd5c9b78
- SHA512
  
  6161af3b22b110069dffba1ada04ccc128978e2797c9dbe6ea10f48384bab05aeb77f1743abc38bccbfc24bda0c3d81e82fc4f773d1d06e6fe7785bbf057e720
- SSDEEP
  
  6144:tEKsUKBG5PtKh98P6hmLs7scvbThGeWSjm2a/4W+ghVUmBsJfcTh:t98kqoko4vb1vWRR+gEmm2
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2