3cb1f15cb48c1c929d50487870f3bc5e84b06f306b2ed315fca8a96a5b8c74ab | Triage

Sharing

General

Target

3cb1f15cb48c1c929d50487870f3bc5e84b06f306b2ed315fca8a96a5b8c74abN.exe
Size

116KB
Sample

241225-sfsb6awkhy
MD5

edcd41158c2aa45ceb27f4ae2133efe0
SHA1

3668b96f737d8d4236bd90235b1618db695c5db2
SHA256

3cb1f15cb48c1c929d50487870f3bc5e84b06f306b2ed315fca8a96a5b8c74ab
SHA512

5dfd9a68d52402f9e020b6948fa1985ab20baf9b17cc55b69940fd74dc41c09c82a6b01c8e6bfcfd29062575e67cd01b9ef0bad7ee66dca71db483ccc136539c
SSDEEP

3072:LoMRmT05NCp/yTeOXIahuID203N7X9yV9GboM9:LoMRmT050/qeqJuI605NyV0

Score

10^/10

discovery evasion execution

Malware Config

Targets

- Target
  
  3cb1f15cb48c1c929d50487870f3bc5e84b06f306b2ed315fca8a96a5b8c74abN.exe
- Size
  
  116KB
- MD5
  
  edcd41158c2aa45ceb27f4ae2133efe0
- SHA1
  
  3668b96f737d8d4236bd90235b1618db695c5db2
- SHA256
  
  3cb1f15cb48c1c929d50487870f3bc5e84b06f306b2ed315fca8a96a5b8c74ab
- SHA512
  
  5dfd9a68d52402f9e020b6948fa1985ab20baf9b17cc55b69940fd74dc41c09c82a6b01c8e6bfcfd29062575e67cd01b9ef0bad7ee66dca71db483ccc136539c
- SSDEEP
  
  3072:LoMRmT05NCp/yTeOXIahuID203N7X9yV9GboM9:LoMRmT050/qeqJuI605NyV0
Score

10^/10

discovery evasion execution
- Disables service(s)
  evasion execution
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

discoveryevasionexecution