6cefb5f6702bbffbc4a9bbd138868aecd94f879f85dc68bdc2805b1e494f3bb6 | Triage

Resubmissions

05/08/2024, 19:46

240805-yhbebazfmh 4

05/08/2024, 19:43

240805-yfmpkazerf 6

Sharing

General

Target

Celisor.exe
Size

1.9MB
Sample

240805-yfmpkazerf
MD5

3752de1ba87ce393a3023648e30a2de5
SHA1

034c5eda4491b5d4fd0335919c45a7758366ed96
SHA256

6cefb5f6702bbffbc4a9bbd138868aecd94f879f85dc68bdc2805b1e494f3bb6
SHA512

40bfc682243a11fa165aa1568dabe81daf72b1b352050648806a894eee22c9f7b9a42a123baf67f0caa6d91a3e2198d1581d0592d836df931db516b79181381f
SSDEEP

24576:EsroGHhFw2fcdWOiZwN2lujg8z48dYrKbrc8Dxl08KMyElk1C45n33GsWcrViE3D:rGJ+84V9RDiW4GYI

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Celisor.exe
- Size
  
  1.9MB
- MD5
  
  3752de1ba87ce393a3023648e30a2de5
- SHA1
  
  034c5eda4491b5d4fd0335919c45a7758366ed96
- SHA256
  
  6cefb5f6702bbffbc4a9bbd138868aecd94f879f85dc68bdc2805b1e494f3bb6
- SHA512
  
  40bfc682243a11fa165aa1568dabe81daf72b1b352050648806a894eee22c9f7b9a42a123baf67f0caa6d91a3e2198d1581d0592d836df931db516b79181381f
- SSDEEP
  
  24576:EsroGHhFw2fcdWOiZwN2lujg8z48dYrKbrc8Dxl08KMyElk1C45n33GsWcrViE3D:rGJ+84V9RDiW4GYI
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2