80f7dc5ab5f2e1625d856e8741b2ebb0a7c1edbc82b42699ff0234aa1333809a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6c87101c66f164dde3b5e9d00869506
Size

385KB
Sample

240319-wsylgsbe3y
MD5

d6c87101c66f164dde3b5e9d00869506
SHA1

f43ad04ad9a6fc7951b91ac1171785736482322f
SHA256

80f7dc5ab5f2e1625d856e8741b2ebb0a7c1edbc82b42699ff0234aa1333809a
SHA512

57a155edfca58078e232bb4945cd91b7e6a1e2c4c5e4e6f35b5ebf784b896f477d64fc98d6ca7c3b2bce3e2456f63202b1d6e85232bd0b014dc427d6d3a112c9
SSDEEP

12288:TNjiIXDHhGw5RQVM0xrV5t40+pLNnn4rtOHdbwyBtzkgB:TNL3RQ/x555+fnn4ESy34gB

Score

7^/10

Malware Config

Targets

- Target
  
  d6c87101c66f164dde3b5e9d00869506
- Size
  
  385KB
- MD5
  
  d6c87101c66f164dde3b5e9d00869506
- SHA1
  
  f43ad04ad9a6fc7951b91ac1171785736482322f
- SHA256
  
  80f7dc5ab5f2e1625d856e8741b2ebb0a7c1edbc82b42699ff0234aa1333809a
- SHA512
  
  57a155edfca58078e232bb4945cd91b7e6a1e2c4c5e4e6f35b5ebf784b896f477d64fc98d6ca7c3b2bce3e2456f63202b1d6e85232bd0b014dc427d6d3a112c9
- SSDEEP
  
  12288:TNjiIXDHhGw5RQVM0xrV5t40+pLNnn4rtOHdbwyBtzkgB:TNL3RQ/x555+fnn4ESy34gB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2