4309291ccf59fcba29a666a618e5ccf848bf59044dd2b477667c1aa48846a37f | Triage

Sharing

General

Target

25482d8c0aaa13bc9f6dd109359b6a2d
Size

1000KB
Sample

231231-ddmlkabggn
MD5

25482d8c0aaa13bc9f6dd109359b6a2d
SHA1

802fa4bccb36b6eca5e6d1c122fe1e79ce2ccac2
SHA256

4309291ccf59fcba29a666a618e5ccf848bf59044dd2b477667c1aa48846a37f
SHA512

76346759f2ca5a3a894d97ad4e5ebab8568f48f1b519db9d119f233cb4dfa4717c46f3f5300bee09962d76a038fcf83b8a41c2c4e15746a85f6b4d4389d082b9
SSDEEP

24576:2Ldmjn/8qrn5y1SGScQOy1B+5vMiqt0gj2ed:2Ld+/8o5CaUYqOL

Score

7^/10

Malware Config

Targets

- Target
  
  25482d8c0aaa13bc9f6dd109359b6a2d
- Size
  
  1000KB
- MD5
  
  25482d8c0aaa13bc9f6dd109359b6a2d
- SHA1
  
  802fa4bccb36b6eca5e6d1c122fe1e79ce2ccac2
- SHA256
  
  4309291ccf59fcba29a666a618e5ccf848bf59044dd2b477667c1aa48846a37f
- SHA512
  
  76346759f2ca5a3a894d97ad4e5ebab8568f48f1b519db9d119f233cb4dfa4717c46f3f5300bee09962d76a038fcf83b8a41c2c4e15746a85f6b4d4389d082b9
- SSDEEP
  
  24576:2Ldmjn/8qrn5y1SGScQOy1B+5vMiqt0gj2ed:2Ld+/8o5CaUYqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2