d72394aa84ed1e5f2ec7ffcbad6c55f30d458b3a7541b3deb738181b33b5384b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12184bc8bd896cedb359dcaa061b982e
Size

506KB
Sample

231230-h9hdyadad9
MD5

12184bc8bd896cedb359dcaa061b982e
SHA1

5ea90b5e60a7fdb82fc6ed8029d914697514d83e
SHA256

d72394aa84ed1e5f2ec7ffcbad6c55f30d458b3a7541b3deb738181b33b5384b
SHA512

4aa1f0d92151af749c6c88c9df478a031dcb454efadf0612d40b3c9112c3e6aa53c35b952d0cd6c3f7e4cec1f217d269fc1a971152c1bd3374b433f074983938
SSDEEP

12288:tKckhOw8MbDIhzQkcx7LUB0SMRvdZieHpKWE:tKcNRMbD4zQkcx7yMrZbc

Score

7^/10

Malware Config

Targets

- Target
  
  12184bc8bd896cedb359dcaa061b982e
- Size
  
  506KB
- MD5
  
  12184bc8bd896cedb359dcaa061b982e
- SHA1
  
  5ea90b5e60a7fdb82fc6ed8029d914697514d83e
- SHA256
  
  d72394aa84ed1e5f2ec7ffcbad6c55f30d458b3a7541b3deb738181b33b5384b
- SHA512
  
  4aa1f0d92151af749c6c88c9df478a031dcb454efadf0612d40b3c9112c3e6aa53c35b952d0cd6c3f7e4cec1f217d269fc1a971152c1bd3374b433f074983938
- SSDEEP
  
  12288:tKckhOw8MbDIhzQkcx7LUB0SMRvdZieHpKWE:tKcNRMbD4zQkcx7yMrZbc
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2