c29c9f30390bfab9f34e2bb660724cd944dd31a15d8cc31e1a39d0d51981aa12 | Triage

Sharing

General

Target

1cd576eb571a1f74fd43d077e20caac2
Size

1000KB
Sample

231230-z7yftaded3
MD5

1cd576eb571a1f74fd43d077e20caac2
SHA1

91a1812d1c45d1e6f3e9e01e74af203a401ddfbb
SHA256

c29c9f30390bfab9f34e2bb660724cd944dd31a15d8cc31e1a39d0d51981aa12
SHA512

a466417ac06b342cbc02830211c42ce02baeecb38d71045b7d12ed9ca91728008b9c39b58a65d48c52192ecdcd18952f815e7891437bc4f8b98d9162c8436f51
SSDEEP

24576:14YjR0KkuxzOg3p1zP7gFjxhNsSU4KK71B+5vMiqt0gj2ed:14YjR0KkuxzOg3p1jghNPqOL

Score

7^/10

Malware Config

Targets

- Target
  
  1cd576eb571a1f74fd43d077e20caac2
- Size
  
  1000KB
- MD5
  
  1cd576eb571a1f74fd43d077e20caac2
- SHA1
  
  91a1812d1c45d1e6f3e9e01e74af203a401ddfbb
- SHA256
  
  c29c9f30390bfab9f34e2bb660724cd944dd31a15d8cc31e1a39d0d51981aa12
- SHA512
  
  a466417ac06b342cbc02830211c42ce02baeecb38d71045b7d12ed9ca91728008b9c39b58a65d48c52192ecdcd18952f815e7891437bc4f8b98d9162c8436f51
- SSDEEP
  
  24576:14YjR0KkuxzOg3p1zP7gFjxhNsSU4KK71B+5vMiqt0gj2ed:14YjR0KkuxzOg3p1jghNPqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2