bc9ee14d035d67d99fedbd353217e7015e0cf528a58ccb7266ddf0b6d80e28c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

223353ff958e58b3f9f7514367c7e565
Size

1000KB
Sample

231231-a5mh4ahffr
MD5

223353ff958e58b3f9f7514367c7e565
SHA1

e77734a62164652d7ebe3036ebf6a627827de6fb
SHA256

bc9ee14d035d67d99fedbd353217e7015e0cf528a58ccb7266ddf0b6d80e28c4
SHA512

e8b142daf143d58907e42084fef896ee54e3b910da2fdbe604bcf7dad0de8ee61daafc21476cae39f9080181c98fac28478bb53aa078390aab7c4912aadc203c
SSDEEP

24576:QQql8PNIcCc+5+rwWp1B+5vMiqt0gj2ed:QQqqqv5N4qOL

Score

7^/10

Malware Config

Targets

- Target
  
  223353ff958e58b3f9f7514367c7e565
- Size
  
  1000KB
- MD5
  
  223353ff958e58b3f9f7514367c7e565
- SHA1
  
  e77734a62164652d7ebe3036ebf6a627827de6fb
- SHA256
  
  bc9ee14d035d67d99fedbd353217e7015e0cf528a58ccb7266ddf0b6d80e28c4
- SHA512
  
  e8b142daf143d58907e42084fef896ee54e3b910da2fdbe604bcf7dad0de8ee61daafc21476cae39f9080181c98fac28478bb53aa078390aab7c4912aadc203c
- SSDEEP
  
  24576:QQql8PNIcCc+5+rwWp1B+5vMiqt0gj2ed:QQqqqv5N4qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2