3fed12732faa97a6eb567f450a72d816dd91e22af019915576c44815e2b33f39 | Triage

Sharing

General

Target

1b25806e73932bfb214bad72a89e78b5
Size

1000KB
Sample

231230-rk34saaad7
MD5

1b25806e73932bfb214bad72a89e78b5
SHA1

948db5eb6f44746e74b664e01df075a1bae20635
SHA256

3fed12732faa97a6eb567f450a72d816dd91e22af019915576c44815e2b33f39
SHA512

5801e9a59a5e6b51d47972750db697130e91770070f70ded37c765c31ea30dc592622ebd87248f856c514d0f08f97163f41380cd96b5d4106340006306067ee2
SSDEEP

24576:enXDx89O22BG7EsZWXJgOgzG1B+5vMiqt0gj2ed:eYYSEstkqOL

Score

7^/10

Malware Config

Targets

- Target
  
  1b25806e73932bfb214bad72a89e78b5
- Size
  
  1000KB
- MD5
  
  1b25806e73932bfb214bad72a89e78b5
- SHA1
  
  948db5eb6f44746e74b664e01df075a1bae20635
- SHA256
  
  3fed12732faa97a6eb567f450a72d816dd91e22af019915576c44815e2b33f39
- SHA512
  
  5801e9a59a5e6b51d47972750db697130e91770070f70ded37c765c31ea30dc592622ebd87248f856c514d0f08f97163f41380cd96b5d4106340006306067ee2
- SSDEEP
  
  24576:enXDx89O22BG7EsZWXJgOgzG1B+5vMiqt0gj2ed:eYYSEstkqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2