e9cc9d3f0989a96df5bf4ecb93016c0876cdee7b8c6ba396bb2531cbddd8a32d | Triage

Sharing

General

Target

23774ea80e8357e3031e36a8d6c25550
Size

506KB
Sample

231231-cazahshfhn
MD5

23774ea80e8357e3031e36a8d6c25550
SHA1

f5d15f448da5f99df6aae586ece80bfed964066b
SHA256

e9cc9d3f0989a96df5bf4ecb93016c0876cdee7b8c6ba396bb2531cbddd8a32d
SHA512

1f75e335956de5515bc30607cf94460073f27a7e7fa52094174b3c2b3986528dfa1312970c122e55b71801cb8288b221ee32bfdca0d8cd4368d9d9a12b9990fe
SSDEEP

12288:ZlczL2FcqmaBODR77iM3CMEipD9dhV3RrNZ:ZlcN7W+UOdvRrf

Score

7^/10

Malware Config

Targets

- Target
  
  23774ea80e8357e3031e36a8d6c25550
- Size
  
  506KB
- MD5
  
  23774ea80e8357e3031e36a8d6c25550
- SHA1
  
  f5d15f448da5f99df6aae586ece80bfed964066b
- SHA256
  
  e9cc9d3f0989a96df5bf4ecb93016c0876cdee7b8c6ba396bb2531cbddd8a32d
- SHA512
  
  1f75e335956de5515bc30607cf94460073f27a7e7fa52094174b3c2b3986528dfa1312970c122e55b71801cb8288b221ee32bfdca0d8cd4368d9d9a12b9990fe
- SSDEEP
  
  12288:ZlczL2FcqmaBODR77iM3CMEipD9dhV3RrNZ:ZlcN7W+UOdvRrf
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2