575b013aaa2cebfb1ab29b07a36cf5da9fb9ba5299a55743775c9e1858d13c8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aac04427b3d4d7afa43ca7e627bf61d4
Size

385KB
Sample

240228-cr94cagh9y
MD5

aac04427b3d4d7afa43ca7e627bf61d4
SHA1

f556e6c70259454812fc4dc1a362c71087593447
SHA256

575b013aaa2cebfb1ab29b07a36cf5da9fb9ba5299a55743775c9e1858d13c8b
SHA512

3332d8e103a83f398e8e079e44672829f75d56abe7dcb2ff8a4e5d88662f852342c95a8a00e45e88985d451720107e07f208884e8d02a323935acf77387fb08e
SSDEEP

6144:GoNQL+gB+Kp/oj3nED6VYEZvrfj+I9bZaWDDTelUYCgiWyLejiB:/QLVBF/ogWVYEJr79bZaAiaTWggiB

Score

7^/10

Malware Config

Targets

- Target
  
  aac04427b3d4d7afa43ca7e627bf61d4
- Size
  
  385KB
- MD5
  
  aac04427b3d4d7afa43ca7e627bf61d4
- SHA1
  
  f556e6c70259454812fc4dc1a362c71087593447
- SHA256
  
  575b013aaa2cebfb1ab29b07a36cf5da9fb9ba5299a55743775c9e1858d13c8b
- SHA512
  
  3332d8e103a83f398e8e079e44672829f75d56abe7dcb2ff8a4e5d88662f852342c95a8a00e45e88985d451720107e07f208884e8d02a323935acf77387fb08e
- SSDEEP
  
  6144:GoNQL+gB+Kp/oj3nED6VYEZvrfj+I9bZaWDDTelUYCgiWyLejiB:/QLVBF/ogWVYEJr79bZaAiaTWggiB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2