1e06893be06dab914c7dfbf2bd87d21e6fcd3e9510607c2f3c9c51e4d79d50ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37eb02adad5ff8e5ca288558cf915f75
Size

385KB
Sample

231231-qny4kabbbk
MD5

37eb02adad5ff8e5ca288558cf915f75
SHA1

49161785254856a429ba4490441837bf472f9e89
SHA256

1e06893be06dab914c7dfbf2bd87d21e6fcd3e9510607c2f3c9c51e4d79d50ed
SHA512

a11f47fc5bedb38dd0a5f567ebb3049029769bb287c852fc0d7c35cf8427e4ace100c971f9b389bd9463ea6cbbdc8002c6e4f7cdb50bbb70c8eecb869b41aaef
SSDEEP

6144:oE/Lhmm89sgxaziQyfTbtam16Svz+xbe67QCN1kwVVbRgbKQfTSsZ1AB:V8m82gxtLb/Fvzye60CvNKKQfTBZ1AB

Score

7^/10

Malware Config

Targets

- Target
  
  37eb02adad5ff8e5ca288558cf915f75
- Size
  
  385KB
- MD5
  
  37eb02adad5ff8e5ca288558cf915f75
- SHA1
  
  49161785254856a429ba4490441837bf472f9e89
- SHA256
  
  1e06893be06dab914c7dfbf2bd87d21e6fcd3e9510607c2f3c9c51e4d79d50ed
- SHA512
  
  a11f47fc5bedb38dd0a5f567ebb3049029769bb287c852fc0d7c35cf8427e4ace100c971f9b389bd9463ea6cbbdc8002c6e4f7cdb50bbb70c8eecb869b41aaef
- SSDEEP
  
  6144:oE/Lhmm89sgxaziQyfTbtam16Svz+xbe67QCN1kwVVbRgbKQfTSsZ1AB:V8m82gxtLb/Fvzye60CvNKKQfTBZ1AB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2