bcae6a5e4cdaa1a731ca5e5f6cd1105c07223800dda58153a25ef2a9bb4be8a8 | Triage

Sharing

General

Target

3ac1362a4fbc0662f9f772d5f20d73c8
Size

506KB
Sample

231231-w6arksefd5
MD5

3ac1362a4fbc0662f9f772d5f20d73c8
SHA1

dbc064e911bb1ec7df5f8b88a675a2d777edff1e
SHA256

bcae6a5e4cdaa1a731ca5e5f6cd1105c07223800dda58153a25ef2a9bb4be8a8
SHA512

f51b7603e99e7e3ecf7161c486d77d19cdbad4d2135c9ce6f98c180ff38415e56333aef3ff20216e7aec589fdb872629d36f52fa9f094063400915d7151de849
SSDEEP

12288:zvEaoNfAp4MJzgvMjfuj8XWyXeEvFS1SvCo:z8Yp4s9uj8GyXeiSVo

Score

7^/10

Malware Config

Targets

- Target
  
  3ac1362a4fbc0662f9f772d5f20d73c8
- Size
  
  506KB
- MD5
  
  3ac1362a4fbc0662f9f772d5f20d73c8
- SHA1
  
  dbc064e911bb1ec7df5f8b88a675a2d777edff1e
- SHA256
  
  bcae6a5e4cdaa1a731ca5e5f6cd1105c07223800dda58153a25ef2a9bb4be8a8
- SHA512
  
  f51b7603e99e7e3ecf7161c486d77d19cdbad4d2135c9ce6f98c180ff38415e56333aef3ff20216e7aec589fdb872629d36f52fa9f094063400915d7151de849
- SSDEEP
  
  12288:zvEaoNfAp4MJzgvMjfuj8XWyXeEvFS1SvCo:z8Yp4s9uj8GyXeiSVo
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2