d8f5d26fb33e015e0523646631b33d90d03c7dcfa155a8c83bc6fe815f0f1642 | Triage

Sharing

General

Target

246a865a19da1fca9ef93f89043c7afa
Size

506KB
Sample

231231-cv81fshbg5
MD5

246a865a19da1fca9ef93f89043c7afa
SHA1

bfef77c2a6be4b217c51bc4468dc0063e6ef2019
SHA256

d8f5d26fb33e015e0523646631b33d90d03c7dcfa155a8c83bc6fe815f0f1642
SHA512

0927136e0cd6f5568be30ec16c24659bd3d083f489275afc230cb3559d4bdca413b7c377dba3ddb9eb9a7d411626fc39523acad4ebd9b15e01e74cbb9eb6c92f
SSDEEP

12288:N3IBDgeVQ+ZSQx0LBF5GvSJ4mc1eLyJ+B:NY6eVHYQOb5qSJe1jJW

Score

7^/10

Malware Config

Targets

- Target
  
  246a865a19da1fca9ef93f89043c7afa
- Size
  
  506KB
- MD5
  
  246a865a19da1fca9ef93f89043c7afa
- SHA1
  
  bfef77c2a6be4b217c51bc4468dc0063e6ef2019
- SHA256
  
  d8f5d26fb33e015e0523646631b33d90d03c7dcfa155a8c83bc6fe815f0f1642
- SHA512
  
  0927136e0cd6f5568be30ec16c24659bd3d083f489275afc230cb3559d4bdca413b7c377dba3ddb9eb9a7d411626fc39523acad4ebd9b15e01e74cbb9eb6c92f
- SSDEEP
  
  12288:N3IBDgeVQ+ZSQx0LBF5GvSJ4mc1eLyJ+B:NY6eVHYQOb5qSJe1jJW
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2