ad6b4dbd4701b644af4f331415d69411cd4b3776dd8c170e0d894aa78a78c7ad | Triage

Sharing

General

Target

12adb177c48eada83865000dfe88fd03
Size

1000KB
Sample

231230-jqy31seceq
MD5

12adb177c48eada83865000dfe88fd03
SHA1

fc9273c0bfa2b78280ddbf1daf8e6ca0bb4a03d2
SHA256

ad6b4dbd4701b644af4f331415d69411cd4b3776dd8c170e0d894aa78a78c7ad
SHA512

81749d835156accf6b69875bc6b169a4dfa194f7fc9a3b55f321b25b06fcf48cc44e488d72b245db6fc7680329d10931ad677b8574cce5b28edd21fa9a9eb733
SSDEEP

12288:z3hi8EkdBuF2x8NDurOvYKJx/U+ZjKsb7hTgS5ECaBwQ2tb5JLrnylUPqt0gHDSS:sTkLuYx4oOjjKElgL1B+5vMiqt0gj2ed

Score

7^/10

Malware Config

Targets

- Target
  
  12adb177c48eada83865000dfe88fd03
- Size
  
  1000KB
- MD5
  
  12adb177c48eada83865000dfe88fd03
- SHA1
  
  fc9273c0bfa2b78280ddbf1daf8e6ca0bb4a03d2
- SHA256
  
  ad6b4dbd4701b644af4f331415d69411cd4b3776dd8c170e0d894aa78a78c7ad
- SHA512
  
  81749d835156accf6b69875bc6b169a4dfa194f7fc9a3b55f321b25b06fcf48cc44e488d72b245db6fc7680329d10931ad677b8574cce5b28edd21fa9a9eb733
- SSDEEP
  
  12288:z3hi8EkdBuF2x8NDurOvYKJx/U+ZjKsb7hTgS5ECaBwQ2tb5JLrnylUPqt0gHDSS:sTkLuYx4oOjjKElgL1B+5vMiqt0gj2ed
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2