d88692d091030e7806a28279dade0318f7320b729e1b8f218e589e9fea86630d | Triage

Sharing

General

Target

175354093d091b749e92fea3d7e0c413
Size

506KB
Sample

231230-nrwfqscba2
MD5

175354093d091b749e92fea3d7e0c413
SHA1

4044aa2ab5546341e60fe9dcebc5dc251935572e
SHA256

d88692d091030e7806a28279dade0318f7320b729e1b8f218e589e9fea86630d
SHA512

b9b69293100f2d8edbc8bb2b1d828d65587ffb5c6a27a200dfa030b40b11dc7459d0ca585271c4e2b18ad3b750b01e4a6f1a593e7b5cf1a39e9ebb14e2ca5e40
SSDEEP

12288:Ofw+Rfhb8Cy97SkFkJgotJwcvIln4waOXA+9t:NKfl8V9FpqWlnmelP

Score

7^/10

Malware Config

Targets

- Target
  
  175354093d091b749e92fea3d7e0c413
- Size
  
  506KB
- MD5
  
  175354093d091b749e92fea3d7e0c413
- SHA1
  
  4044aa2ab5546341e60fe9dcebc5dc251935572e
- SHA256
  
  d88692d091030e7806a28279dade0318f7320b729e1b8f218e589e9fea86630d
- SHA512
  
  b9b69293100f2d8edbc8bb2b1d828d65587ffb5c6a27a200dfa030b40b11dc7459d0ca585271c4e2b18ad3b750b01e4a6f1a593e7b5cf1a39e9ebb14e2ca5e40
- SSDEEP
  
  12288:Ofw+Rfhb8Cy97SkFkJgotJwcvIln4waOXA+9t:NKfl8V9FpqWlnmelP
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2