b44bdbcba81c9c50ee1abef9a313bb2d8392eab1f7abf0f2b57bd343f75bf4b6 | Triage

Sharing

General

Target

b5e3e2cbf28ea36ca7bc786b592f14ff
Size

385KB
Sample

240305-24krnadb47
MD5

b5e3e2cbf28ea36ca7bc786b592f14ff
SHA1

b3408b4d76b7bd8b7bb13959da96087e35f32894
SHA256

b44bdbcba81c9c50ee1abef9a313bb2d8392eab1f7abf0f2b57bd343f75bf4b6
SHA512

1f2fa932fdbfc4ffe6590984e891de34d11c0f4e3ee4f5e653ddffbf40d5f543e0f07221bafad834824826c4a113b275472a045c6e073578c588f6269ae7f4d3
SSDEEP

12288:PmQNtkGp+Up1PimA3+MYXA4jFEUmwi6w9E+wmEMB:PDkGraVOMYXbFr/iD98OB

Score

7^/10

Malware Config

Targets

- Target
  
  b5e3e2cbf28ea36ca7bc786b592f14ff
- Size
  
  385KB
- MD5
  
  b5e3e2cbf28ea36ca7bc786b592f14ff
- SHA1
  
  b3408b4d76b7bd8b7bb13959da96087e35f32894
- SHA256
  
  b44bdbcba81c9c50ee1abef9a313bb2d8392eab1f7abf0f2b57bd343f75bf4b6
- SHA512
  
  1f2fa932fdbfc4ffe6590984e891de34d11c0f4e3ee4f5e653ddffbf40d5f543e0f07221bafad834824826c4a113b275472a045c6e073578c588f6269ae7f4d3
- SSDEEP
  
  12288:PmQNtkGp+Up1PimA3+MYXA4jFEUmwi6w9E+wmEMB:PDkGraVOMYXbFr/iD98OB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2