bcb0eaccdf6398fb362f5bcd2e9bca7ec5b3f5d0e48aaa30905c23ea90e595e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

189616557cd637c997be0d999b65f7e2
Size

797KB
Sample

231230-pp1s4shdaj
MD5

189616557cd637c997be0d999b65f7e2
SHA1

2d7bdbc0594bb199c7f629819a75064fad572fea
SHA256

bcb0eaccdf6398fb362f5bcd2e9bca7ec5b3f5d0e48aaa30905c23ea90e595e9
SHA512

80480f61ddab0f293036d28b04b9095f462ed2166ae484903d5f89a2924415420db3d12da65faaef783c83bec348bfc84d8c999757dcc81a78006419e9d42a26
SSDEEP

12288:wbb9G/OVkDo3dMA1q1CgtQisSqikdnVrECaBwQ2tb5JLrnyl8:wbb9G/OVkDSMA1rgtQisS7Yn61B+5vM8

Score

7^/10

Malware Config

Targets

- Target
  
  189616557cd637c997be0d999b65f7e2
- Size
  
  797KB
- MD5
  
  189616557cd637c997be0d999b65f7e2
- SHA1
  
  2d7bdbc0594bb199c7f629819a75064fad572fea
- SHA256
  
  bcb0eaccdf6398fb362f5bcd2e9bca7ec5b3f5d0e48aaa30905c23ea90e595e9
- SHA512
  
  80480f61ddab0f293036d28b04b9095f462ed2166ae484903d5f89a2924415420db3d12da65faaef783c83bec348bfc84d8c999757dcc81a78006419e9d42a26
- SSDEEP
  
  12288:wbb9G/OVkDo3dMA1q1CgtQisSqikdnVrECaBwQ2tb5JLrnyl8:wbb9G/OVkDSMA1rgtQisS7Yn61B+5vM8
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2