21546c0308e6ecff6e91b92f00a24a3d1e5d2b2adb4fc9f3e37ecc94c3394900 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42c0e1184659222cd577e3e32593366b
Size

385KB
Sample

240105-e1257sahf4
MD5

42c0e1184659222cd577e3e32593366b
SHA1

925a3ceca10bd36707c9863d6b4399c9560ce2d2
SHA256

21546c0308e6ecff6e91b92f00a24a3d1e5d2b2adb4fc9f3e37ecc94c3394900
SHA512

df1d3c857ffd6016b7cff28ebeec573276927caf99c3390647f31d47750a4a3a1e6d9af23d84bc66adb22dfc671f795e1cb3a053aa4149b8fcdfccd3a8f8ac7e
SSDEEP

12288:8c3/eFhWejFokImcrA1EIDMAHCe77EXEF05zfgYEy2E3lKayZxJeWznX1ddUB:8c3+hzGFXQ5HCpXEF05zfgYEy20lKays

Score

7^/10

Malware Config

Targets

- Target
  
  42c0e1184659222cd577e3e32593366b
- Size
  
  385KB
- MD5
  
  42c0e1184659222cd577e3e32593366b
- SHA1
  
  925a3ceca10bd36707c9863d6b4399c9560ce2d2
- SHA256
  
  21546c0308e6ecff6e91b92f00a24a3d1e5d2b2adb4fc9f3e37ecc94c3394900
- SHA512
  
  df1d3c857ffd6016b7cff28ebeec573276927caf99c3390647f31d47750a4a3a1e6d9af23d84bc66adb22dfc671f795e1cb3a053aa4149b8fcdfccd3a8f8ac7e
- SSDEEP
  
  12288:8c3/eFhWejFokImcrA1EIDMAHCe77EXEF05zfgYEy2E3lKayZxJeWznX1ddUB:8c3+hzGFXQ5HCpXEF05zfgYEy20lKays
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2