457f73845d07b823bc244303a8ee88d840a387f1fd526132f6bf640295247edb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ceo.exe
Size

494KB
Sample

240311-1d7ytsha82
MD5

507021b63f3108a4a09e8ac6c27ce75d
SHA1

237118aaa403523a7b1dcd3ae9ff11b288b05632
SHA256

457f73845d07b823bc244303a8ee88d840a387f1fd526132f6bf640295247edb
SHA512

3a6c6fedce68a9f68465956ddf5a158af60c000e3b49758015056f1ad64aff4a82a64054daa41e038c6121df574824b5ec08fd58a36a95db48296f54d1c2296b
SSDEEP

6144:M7v40itrWGLaqbvnnU6s+lxyixQasAjWZPquzmYXownbjsl:cvBqbvnrs+lxkAAquywnu

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  Ceo.exe
- Size
  
  494KB
- MD5
  
  507021b63f3108a4a09e8ac6c27ce75d
- SHA1
  
  237118aaa403523a7b1dcd3ae9ff11b288b05632
- SHA256
  
  457f73845d07b823bc244303a8ee88d840a387f1fd526132f6bf640295247edb
- SHA512
  
  3a6c6fedce68a9f68465956ddf5a158af60c000e3b49758015056f1ad64aff4a82a64054daa41e038c6121df574824b5ec08fd58a36a95db48296f54d1c2296b
- SSDEEP
  
  6144:M7v40itrWGLaqbvnnU6s+lxyixQasAjWZPquzmYXownbjsl:cvBqbvnrs+lxkAAquywnu
Score

8^/10

evasion
- Stops running service(s)
  evasion
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2