a3b3fb652d4e22fcbb1b29c46ce48761c915441e1b83ebf61e591610623b4670 | Triage

Resubmissions

22-01-2025 06:59

250122-hr77mstphv 8

13-01-2025 11:48

250113-nyfc4a1khx 7

23-12-2024 21:41

241223-1jv68asmbl 1

Sharing

General

Target

a3b3fb652d4e22fcbb1b29c46ce48761c915441e1b83ebf61e591610623b4670
Size

107KB
Sample

250122-hr77mstphv
MD5

568f5ff8a5884e1a59387105f85470b0
SHA1

bb532059d4fce8fc91851cea843b4186409d706c
SHA256

a3b3fb652d4e22fcbb1b29c46ce48761c915441e1b83ebf61e591610623b4670
SHA512

8f0ecd65dc3d9131d2d24600736a07acf70ced25e83f8c20b2bf0edc38afd1c889c18097793baeb248f93a73ded15e807104bf24a4f7a5067409dabd96e29385
SSDEEP

3072:Q1egkeFkCg78J+YCSii28tODZUB/mNAT4IGhrpJ:HgBkCg7vpmOK/1T4IGF

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  a3b3fb652d4e22fcbb1b29c46ce48761c915441e1b83ebf61e591610623b4670
- Size
  
  107KB
- MD5
  
  568f5ff8a5884e1a59387105f85470b0
- SHA1
  
  bb532059d4fce8fc91851cea843b4186409d706c
- SHA256
  
  a3b3fb652d4e22fcbb1b29c46ce48761c915441e1b83ebf61e591610623b4670
- SHA512
  
  8f0ecd65dc3d9131d2d24600736a07acf70ced25e83f8c20b2bf0edc38afd1c889c18097793baeb248f93a73ded15e807104bf24a4f7a5067409dabd96e29385
- SSDEEP
  
  3072:Q1egkeFkCg78J+YCSii28tODZUB/mNAT4IGhrpJ:HgBkCg7vpmOK/1T4IGF
Score

8^/10

execution persistence
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence

behavioral2