498ce319adab5789d76c78761125b441e77791a94911fb6709bf874907620f79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cd4b09ec2b8d2e8115ce5070baf94e3
Size

506KB
Sample

231231-hzcqpsfcb7
MD5

2cd4b09ec2b8d2e8115ce5070baf94e3
SHA1

4bd9b886870621a01dc6ac3469c680c94fbc8564
SHA256

498ce319adab5789d76c78761125b441e77791a94911fb6709bf874907620f79
SHA512

7ca53c8de454ee2ee725e7d2cc7ca8a0eba6cc89ac4711f96530f79b171429ca546ac08e6226ca76d3f81f158384ca81d415d670503f386e97c69e7fc44e5a7a
SSDEEP

12288:kl/4PzSqIkjA12r01EDJUqkyhm23Q6fjMQehHqITxzBdX2ZT0++d:i4WqFjA12r+EpRAptdHdGZI++d

Score

7^/10

Malware Config

Targets

- Target
  
  2cd4b09ec2b8d2e8115ce5070baf94e3
- Size
  
  506KB
- MD5
  
  2cd4b09ec2b8d2e8115ce5070baf94e3
- SHA1
  
  4bd9b886870621a01dc6ac3469c680c94fbc8564
- SHA256
  
  498ce319adab5789d76c78761125b441e77791a94911fb6709bf874907620f79
- SHA512
  
  7ca53c8de454ee2ee725e7d2cc7ca8a0eba6cc89ac4711f96530f79b171429ca546ac08e6226ca76d3f81f158384ca81d415d670503f386e97c69e7fc44e5a7a
- SSDEEP
  
  12288:kl/4PzSqIkjA12r01EDJUqkyhm23Q6fjMQehHqITxzBdX2ZT0++d:i4WqFjA12r+EpRAptdHdGZI++d
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2