198b4232c63808337dc4faf4079ae3aa9416bcd10907ce00d35e0138da742a03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198b4232c63808337dc4faf4079ae3aa9416bcd10907ce00d35e0138da742a03N
Size

1.2MB
Sample

241009-gfr6lsvcmp
MD5

a75294d9174cb4c02f3295faf6bf5800
SHA1

a5d2b6b2ef12d62a5f5d83707f65f9ea9e9a0c62
SHA256

198b4232c63808337dc4faf4079ae3aa9416bcd10907ce00d35e0138da742a03
SHA512

b53e16c1b7b4f151c2a28217aee17bb2382b91f003b5393bb488c5770e137482080cd1a4e91fb8d7a1159a552c51d8d63465747b619de3c2aede97e07ceb1737
SSDEEP

24576:c4PfJIxvZHWxljRNJfycfLee+3BPfr7KzyinI5+VN9g1ymXPa/ZSya/JXk377Lvw:c4eHOlFynnBCVH6rgxg23bnBGKXu/B

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  198b4232c63808337dc4faf4079ae3aa9416bcd10907ce00d35e0138da742a03N
- Size
  
  1.2MB
- MD5
  
  a75294d9174cb4c02f3295faf6bf5800
- SHA1
  
  a5d2b6b2ef12d62a5f5d83707f65f9ea9e9a0c62
- SHA256
  
  198b4232c63808337dc4faf4079ae3aa9416bcd10907ce00d35e0138da742a03
- SHA512
  
  b53e16c1b7b4f151c2a28217aee17bb2382b91f003b5393bb488c5770e137482080cd1a4e91fb8d7a1159a552c51d8d63465747b619de3c2aede97e07ceb1737
- SSDEEP
  
  24576:c4PfJIxvZHWxljRNJfycfLee+3BPfr7KzyinI5+VN9g1ymXPa/ZSya/JXk377Lvw:c4eHOlFynnBCVH6rgxg23bnBGKXu/B
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2