26bd13689065240ccc19a063ea714e91089e6270b70e58726958d0bda95f8d2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2828860afb1f7e881e650e8a71feb0af
Size

506KB
Sample

231231-e3xy9sbebr
MD5

2828860afb1f7e881e650e8a71feb0af
SHA1

a5e238411fe808dcec661069db306108af6c1fcc
SHA256

26bd13689065240ccc19a063ea714e91089e6270b70e58726958d0bda95f8d2a
SHA512

e5f9f8e055d625706a6aae0b213fcfe3a7de8ba5c8352a222d012c199ae32fa2e566f487f070f915b6bb4742098cee49634672c526cc902e8a745f24f50660b9
SSDEEP

12288:+AYEnJsBjjzlgkbSOJqmTbMLQwiJHh3hu1JmZ9PK58:UH/JqmbMePMoPS8

Score

7^/10

Malware Config

Targets

- Target
  
  2828860afb1f7e881e650e8a71feb0af
- Size
  
  506KB
- MD5
  
  2828860afb1f7e881e650e8a71feb0af
- SHA1
  
  a5e238411fe808dcec661069db306108af6c1fcc
- SHA256
  
  26bd13689065240ccc19a063ea714e91089e6270b70e58726958d0bda95f8d2a
- SHA512
  
  e5f9f8e055d625706a6aae0b213fcfe3a7de8ba5c8352a222d012c199ae32fa2e566f487f070f915b6bb4742098cee49634672c526cc902e8a745f24f50660b9
- SSDEEP
  
  12288:+AYEnJsBjjzlgkbSOJqmTbMLQwiJHh3hu1JmZ9PK58:UH/JqmbMePMoPS8
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2