5b1812dad053d1d5950688422391c7aa89984a7a418e370a3b5244a0cec67d4e | Triage

Resubmissions

01/07/2024, 06:56

240701-hqmvbasbkj 6

01/07/2024, 06:48

240701-hk8vlasajn 3

01/07/2024, 06:45

240701-hh5edsycnb 3

Sharing

General

Target

xuaa.exe
Size

2.1MB
Sample

240701-hqmvbasbkj
MD5

6fa875e23acae33f3a5bfc2a9f96b4b7
SHA1

bf3499df1a6baaecb6c4bb080aeea413e4ab69cc
SHA256

5b1812dad053d1d5950688422391c7aa89984a7a418e370a3b5244a0cec67d4e
SHA512

ee08ff9e3367375ec1246f414fc3e36ad448a79776fa8c70b2be0369bb20a619508faac8f134a22f94d858e7c00f5ea1341053672ee11cb35234ddcb4e841730
SSDEEP

49152:K4P1GIWT7K97b7b7bEXSYhVqDZgSg4nlLdZHRKttY+z+cPVL1dxh+QcmYDe:270YvqXZxKttYNcPVL1Z+F

Score

6^/10

Malware Config

Targets

- Target
  
  xuaa.exe
- Size
  
  2.1MB
- MD5
  
  6fa875e23acae33f3a5bfc2a9f96b4b7
- SHA1
  
  bf3499df1a6baaecb6c4bb080aeea413e4ab69cc
- SHA256
  
  5b1812dad053d1d5950688422391c7aa89984a7a418e370a3b5244a0cec67d4e
- SHA512
  
  ee08ff9e3367375ec1246f414fc3e36ad448a79776fa8c70b2be0369bb20a619508faac8f134a22f94d858e7c00f5ea1341053672ee11cb35234ddcb4e841730
- SSDEEP
  
  49152:K4P1GIWT7K97b7b7bEXSYhVqDZgSg4nlLdZHRKttY+z+cPVL1dxh+QcmYDe:270YvqXZxKttYNcPVL1Z+F
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2