17f5e5faec0b08c1db60cfe402d3f74e7155f7e14304c3d78b1536d40ac4b723 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17f5e5faec0b08c1db60cfe402d3f74e7155f7e14304c3d78b1536d40ac4b723
Size

1.7MB
Sample

240911-ee9m6asbpf
MD5

2c6381ccdb06c90a2bb76ee92b1fb1c7
SHA1

02695069282c95b21abf6efaf188ca541fa64893
SHA256

17f5e5faec0b08c1db60cfe402d3f74e7155f7e14304c3d78b1536d40ac4b723
SHA512

65f5b0c286692aced95c6d8f1883de21154c5217ddf81e05f3221aeb0e1942acc3197bf373fc38f91220c8f5181de06bcea53d0bbf071d7fc76ff150dfdbdf4c
SSDEEP

49152:meKzRteZ9/3eFdPxP+pAbTmVPDhpltCmoo8:XQzeZiPogTmVu

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  17f5e5faec0b08c1db60cfe402d3f74e7155f7e14304c3d78b1536d40ac4b723
- Size
  
  1.7MB
- MD5
  
  2c6381ccdb06c90a2bb76ee92b1fb1c7
- SHA1
  
  02695069282c95b21abf6efaf188ca541fa64893
- SHA256
  
  17f5e5faec0b08c1db60cfe402d3f74e7155f7e14304c3d78b1536d40ac4b723
- SHA512
  
  65f5b0c286692aced95c6d8f1883de21154c5217ddf81e05f3221aeb0e1942acc3197bf373fc38f91220c8f5181de06bcea53d0bbf071d7fc76ff150dfdbdf4c
- SSDEEP
  
  49152:meKzRteZ9/3eFdPxP+pAbTmVPDhpltCmoo8:XQzeZiPogTmVu
Score

7^/10

defense_evasion discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery