46fa192a1d9ca55469fdb86ac31e9da1afcc3172a3ee3176e2e64e13f9fccc24 | Triage

Sharing

General

Target

1927c1eb9a37e164c5f6f28a60522c2b
Size

1000KB
Sample

231230-p5jjrseec5
MD5

1927c1eb9a37e164c5f6f28a60522c2b
SHA1

502bc069bda24be2f30829b7d999d92911487dff
SHA256

46fa192a1d9ca55469fdb86ac31e9da1afcc3172a3ee3176e2e64e13f9fccc24
SHA512

61f3d819ced38d78e7e47204b68e3022835a629152e6ce912320c258c8dca3b959df6faeee8271fdead1dd0c5d184c82280d88c384d65c8a487cf7e209b23c74
SSDEEP

24576:EZVRW8PL1gE3eu0TgiJgxy1B+5vMiqt0gj2ed:gHRgSci2qOL

Score

7^/10

Malware Config

Targets

- Target
  
  1927c1eb9a37e164c5f6f28a60522c2b
- Size
  
  1000KB
- MD5
  
  1927c1eb9a37e164c5f6f28a60522c2b
- SHA1
  
  502bc069bda24be2f30829b7d999d92911487dff
- SHA256
  
  46fa192a1d9ca55469fdb86ac31e9da1afcc3172a3ee3176e2e64e13f9fccc24
- SHA512
  
  61f3d819ced38d78e7e47204b68e3022835a629152e6ce912320c258c8dca3b959df6faeee8271fdead1dd0c5d184c82280d88c384d65c8a487cf7e209b23c74
- SSDEEP
  
  24576:EZVRW8PL1gE3eu0TgiJgxy1B+5vMiqt0gj2ed:gHRgSci2qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2