22f372a62b10bd40e04174512b0251bb0a2f49d243cb45dad8c91c21557ed301 | Triage

Sharing

General

Target

22f372a62b10bd40e04174512b0251bb0a2f49d243cb45dad8c91c21557ed301
Size

193KB
Sample

200709-6n256d1z8s
MD5

5cfacc34c063d14b2a10e99b1512c532
SHA1

b505a5c20a3aa8ed1ceba82442787fa44f4caf1a
SHA256

22f372a62b10bd40e04174512b0251bb0a2f49d243cb45dad8c91c21557ed301
SHA512

718656a8263b5c02520a6dec2f36684d2c968f550f54448f995b8cab89e71573248f74051598c10d6b0fa92c5a14b88c11e890883ff89af7a212a4cdbab3f98f

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  22f372a62b10bd40e04174512b0251bb0a2f49d243cb45dad8c91c21557ed301
- Size
  
  193KB
- MD5
  
  5cfacc34c063d14b2a10e99b1512c532
- SHA1
  
  b505a5c20a3aa8ed1ceba82442787fa44f4caf1a
- SHA256
  
  22f372a62b10bd40e04174512b0251bb0a2f49d243cb45dad8c91c21557ed301
- SHA512
  
  718656a8263b5c02520a6dec2f36684d2c968f550f54448f995b8cab89e71573248f74051598c10d6b0fa92c5a14b88c11e890883ff89af7a212a4cdbab3f98f
Score

6^/10

persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2