bf48247527bda63086f064dce65c41807968733c7fd64a119ff2f0ac839e63f1 | Triage

Sharing

General

Target

278d479b3f23f0bc0886ef677d77c4ce
Size

1000KB
Sample

231231-eqqz7agbdj
MD5

278d479b3f23f0bc0886ef677d77c4ce
SHA1

ffab61b5d81d69000ce3c33846e0623322a92431
SHA256

bf48247527bda63086f064dce65c41807968733c7fd64a119ff2f0ac839e63f1
SHA512

af16a9355d67b74ef1b64ccb30bcbe4b0a28e89e1966de02c890f53e5fd91b66075904f4d7dcb479023a47eb1b248e0bb8e0ecf7d9445d12695e0feaf2c66219
SSDEEP

24576:L+8/BDn46USkmPwTuS1B+5vMiqt0gj2ed://BD46U3mITu4qOL

Score

7^/10

Malware Config

Targets

- Target
  
  278d479b3f23f0bc0886ef677d77c4ce
- Size
  
  1000KB
- MD5
  
  278d479b3f23f0bc0886ef677d77c4ce
- SHA1
  
  ffab61b5d81d69000ce3c33846e0623322a92431
- SHA256
  
  bf48247527bda63086f064dce65c41807968733c7fd64a119ff2f0ac839e63f1
- SHA512
  
  af16a9355d67b74ef1b64ccb30bcbe4b0a28e89e1966de02c890f53e5fd91b66075904f4d7dcb479023a47eb1b248e0bb8e0ecf7d9445d12695e0feaf2c66219
- SSDEEP
  
  24576:L+8/BDn46USkmPwTuS1B+5vMiqt0gj2ed://BD46U3mITu4qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2