ea1c517d71dc1a87765d2832479efcd3280daa1363a9eaa9d30f6f148c6d9f44 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c071780adf1d11dbb8b79542c67ad74
Size

241KB
Sample

231230-zgjjzaefcq
MD5

1c071780adf1d11dbb8b79542c67ad74
SHA1

69cd851971b778114f9041bf57d39a1005ee72b3
SHA256

ea1c517d71dc1a87765d2832479efcd3280daa1363a9eaa9d30f6f148c6d9f44
SHA512

3af2a55a0f6b493ecf5de8f5ca47c6f6372f507ea41e8a1cccafe2f5e72052ae489c17346e4e28929785e03c3ef95d428c5109887670294eadc3ad43a7f82de7
SSDEEP

6144:I/9wY2AVR/h7nSeDb/Ll3sU0itiQQq5YETRrFZRNX:I9d2ER57SeDb/dhQ1Ex

Score

7^/10

Malware Config

Targets

- Target
  
  1c071780adf1d11dbb8b79542c67ad74
- Size
  
  241KB
- MD5
  
  1c071780adf1d11dbb8b79542c67ad74
- SHA1
  
  69cd851971b778114f9041bf57d39a1005ee72b3
- SHA256
  
  ea1c517d71dc1a87765d2832479efcd3280daa1363a9eaa9d30f6f148c6d9f44
- SHA512
  
  3af2a55a0f6b493ecf5de8f5ca47c6f6372f507ea41e8a1cccafe2f5e72052ae489c17346e4e28929785e03c3ef95d428c5109887670294eadc3ad43a7f82de7
- SSDEEP
  
  6144:I/9wY2AVR/h7nSeDb/Ll3sU0itiQQq5YETRrFZRNX:I9d2ER57SeDb/dhQ1Ex
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2