6f42c459c481cb04660c8ae6de6283fb4aecae37fda59571339dbb1659d10dd6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3734ea734f6b2483bb7cefc4eebcc3f7
Size

506KB
Sample

231231-qbcd2aehbn
MD5

3734ea734f6b2483bb7cefc4eebcc3f7
SHA1

df9c7a878fabd0a10278a33ae77757d198f06f1e
SHA256

6f42c459c481cb04660c8ae6de6283fb4aecae37fda59571339dbb1659d10dd6
SHA512

f81275737d87d4ffd7d9c3a1ba06dc5f1d0e3c65ae0de3dd6cf5861e0df0e996389371ba601fe6a7b5d206551ba68fc5b198020792cf294bf0e8be8eedde6a70
SSDEEP

12288:3pcKp0N6ZprgbHP/Eze82lBTtgczVOAR/DJadDtsAjpQC:3p/p0IWb3w85agHBJyBsAjpQC

Score

7^/10

Malware Config

Targets

- Target
  
  3734ea734f6b2483bb7cefc4eebcc3f7
- Size
  
  506KB
- MD5
  
  3734ea734f6b2483bb7cefc4eebcc3f7
- SHA1
  
  df9c7a878fabd0a10278a33ae77757d198f06f1e
- SHA256
  
  6f42c459c481cb04660c8ae6de6283fb4aecae37fda59571339dbb1659d10dd6
- SHA512
  
  f81275737d87d4ffd7d9c3a1ba06dc5f1d0e3c65ae0de3dd6cf5861e0df0e996389371ba601fe6a7b5d206551ba68fc5b198020792cf294bf0e8be8eedde6a70
- SSDEEP
  
  12288:3pcKp0N6ZprgbHP/Eze82lBTtgczVOAR/DJadDtsAjpQC:3p/p0IWb3w85agHBJyBsAjpQC
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2