ce71d44f4d1e2ab00955a02230456290c29d5845f92535bbe80463564261e146 | Triage

Sharing

General

Target

24bd27a174064248ff6c22f02d703f56
Size

506KB
Sample

231231-c4at1sbab9
MD5

24bd27a174064248ff6c22f02d703f56
SHA1

e9431ebf11c1dd181208341f59769aba11f371a0
SHA256

ce71d44f4d1e2ab00955a02230456290c29d5845f92535bbe80463564261e146
SHA512

323b4e1d8a46418fd5570786c52e52787419bd2fc10b0b6377b97be941f1d1177a0d83ec07a4c471da87a1e35a7e3d200573c5f7cd5c1f637cf5b41ddc2ffc43
SSDEEP

12288:pSFtcuX1QsyZJxQ2PvQULhAE9WbpROtuiRbRUk07be2K65QRC/lxh0bbK+9LB3Ob:pStcul7yHxQ2HQULCE9WbpROtuiRbRUf

Score

7^/10

Malware Config

Targets

- Target
  
  24bd27a174064248ff6c22f02d703f56
- Size
  
  506KB
- MD5
  
  24bd27a174064248ff6c22f02d703f56
- SHA1
  
  e9431ebf11c1dd181208341f59769aba11f371a0
- SHA256
  
  ce71d44f4d1e2ab00955a02230456290c29d5845f92535bbe80463564261e146
- SHA512
  
  323b4e1d8a46418fd5570786c52e52787419bd2fc10b0b6377b97be941f1d1177a0d83ec07a4c471da87a1e35a7e3d200573c5f7cd5c1f637cf5b41ddc2ffc43
- SSDEEP
  
  12288:pSFtcuX1QsyZJxQ2PvQULhAE9WbpROtuiRbRUk07be2K65QRC/lxh0bbK+9LB3Ob:pStcul7yHxQ2HQULCE9WbpROtuiRbRUf
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2