b51f8e8388e98ad56635d77df0233e4e9a73b3a005b9e6fb3761fe14ac2efe3a | Triage

Sharing

General

Target

395050724a0d108eafc8a2f86f718d50
Size

241KB
Sample

231231-rhcttadge9
MD5

395050724a0d108eafc8a2f86f718d50
SHA1

103f17b9b729fd54cf9c57f7d46b3edc0ccf64da
SHA256

b51f8e8388e98ad56635d77df0233e4e9a73b3a005b9e6fb3761fe14ac2efe3a
SHA512

b8f505ea0cc3e6238f23f9ffa7cc71593714bb3274ef7d41ddfc5d57c76710ae17fa996ebb08a68ed8b77a66d8a06cf19d5e4f256a7c0c419c21ff4159d894ef
SSDEEP

6144:v5Fwe3pIx7us3sW7ud4XMrafC/lYJ5jDKTR:v5KMIgZHGsMjuV

Score

7^/10

Malware Config

Targets

- Target
  
  395050724a0d108eafc8a2f86f718d50
- Size
  
  241KB
- MD5
  
  395050724a0d108eafc8a2f86f718d50
- SHA1
  
  103f17b9b729fd54cf9c57f7d46b3edc0ccf64da
- SHA256
  
  b51f8e8388e98ad56635d77df0233e4e9a73b3a005b9e6fb3761fe14ac2efe3a
- SHA512
  
  b8f505ea0cc3e6238f23f9ffa7cc71593714bb3274ef7d41ddfc5d57c76710ae17fa996ebb08a68ed8b77a66d8a06cf19d5e4f256a7c0c419c21ff4159d894ef
- SSDEEP
  
  6144:v5Fwe3pIx7us3sW7ud4XMrafC/lYJ5jDKTR:v5KMIgZHGsMjuV
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2