5935a83bfa3d24efd0b9be6eb6fe7121d150ba9ff1657e882afd8e40bf330e94 | Triage

Sharing

General

Target

25ba4f0d2634fd6d465855d7ef91ff93
Size

506KB
Sample

231231-dl5gcaebeq
MD5

25ba4f0d2634fd6d465855d7ef91ff93
SHA1

4b3796a76b9048fd0545f74301ddc6e4be2238c9
SHA256

5935a83bfa3d24efd0b9be6eb6fe7121d150ba9ff1657e882afd8e40bf330e94
SHA512

351439e410177f8d7bfc2fb97ec6f4fa88e8cfe4548c1cbf98ef7e8c2b26d9dd1a597fdfeeb906e7a9914c4376ec82d5a8f86ee9bd45d46e1cb62638bbeaf460
SSDEEP

6144:UJMptJBFcOc92VbT7uGJQf4ciAdU7q/35XmbxGlB1RG6tKXiHC9tD/pLTsqcOa0c:lDKUbPlSgh7qRXIxGljcDSHaR3FOvP

Score

7^/10

Malware Config

Targets

- Target
  
  25ba4f0d2634fd6d465855d7ef91ff93
- Size
  
  506KB
- MD5
  
  25ba4f0d2634fd6d465855d7ef91ff93
- SHA1
  
  4b3796a76b9048fd0545f74301ddc6e4be2238c9
- SHA256
  
  5935a83bfa3d24efd0b9be6eb6fe7121d150ba9ff1657e882afd8e40bf330e94
- SHA512
  
  351439e410177f8d7bfc2fb97ec6f4fa88e8cfe4548c1cbf98ef7e8c2b26d9dd1a597fdfeeb906e7a9914c4376ec82d5a8f86ee9bd45d46e1cb62638bbeaf460
- SSDEEP
  
  6144:UJMptJBFcOc92VbT7uGJQf4ciAdU7q/35XmbxGlB1RG6tKXiHC9tD/pLTsqcOa0c:lDKUbPlSgh7qRXIxGljcDSHaR3FOvP
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2