92c7b075c042f9c6c9ddaef4e1c71961e9d0334cd970c86e7c349d63d9ff5c1e | Triage

Sharing

General

Target

214c737dc46b508770b506a1c2c0b86a
Size

506KB
Sample

231231-ajksdaeah4
MD5

214c737dc46b508770b506a1c2c0b86a
SHA1

297e178023e5d8cdee63e7f33a268848174cc3f5
SHA256

92c7b075c042f9c6c9ddaef4e1c71961e9d0334cd970c86e7c349d63d9ff5c1e
SHA512

aab0bd880e2dc6ba1ba84a3bb031caa40923271922ef9016145f2d283bcf93d27473b58f8af5106b4c32e66f10ccc54c4d0c43223ce0dc13b41132c03febc404
SSDEEP

12288:Pt2DRocIiqLfgZN1aNgbZi+aN5DAnPZSoOY6Sl:PEFIiqLONMnrgnRSY6+

Score

7^/10

Malware Config

Targets

- Target
  
  214c737dc46b508770b506a1c2c0b86a
- Size
  
  506KB
- MD5
  
  214c737dc46b508770b506a1c2c0b86a
- SHA1
  
  297e178023e5d8cdee63e7f33a268848174cc3f5
- SHA256
  
  92c7b075c042f9c6c9ddaef4e1c71961e9d0334cd970c86e7c349d63d9ff5c1e
- SHA512
  
  aab0bd880e2dc6ba1ba84a3bb031caa40923271922ef9016145f2d283bcf93d27473b58f8af5106b4c32e66f10ccc54c4d0c43223ce0dc13b41132c03febc404
- SSDEEP
  
  12288:Pt2DRocIiqLfgZN1aNgbZi+aN5DAnPZSoOY6Sl:PEFIiqLONMnrgnRSY6+
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2