a3c074948f5e3d2b89f0035bbf7bd74b1a3ec0525dc1496b4463f55ef15f3521 | Triage

Sharing

General

Target

a3c074948f5e3d2b89f0035bbf7bd74b1a3ec0525dc1496b4463f55ef15f3521
Size

725KB
Sample

201110-ecv1276kja
MD5

001841a84c6055b44bbafb3be385c8f6
SHA1

1336143f18b91007601b488a281470e3e031af04
SHA256

a3c074948f5e3d2b89f0035bbf7bd74b1a3ec0525dc1496b4463f55ef15f3521
SHA512

c511aa90553d6297da0d273534137f3700e099062087cde29eb1cbed4922604bb6f97b0d4507688fa35145302bd6514e4676c6cb4d2ed3d3a162e8b0fd3d62c7

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a3c074948f5e3d2b89f0035bbf7bd74b1a3ec0525dc1496b4463f55ef15f3521
- Size
  
  725KB
- MD5
  
  001841a84c6055b44bbafb3be385c8f6
- SHA1
  
  1336143f18b91007601b488a281470e3e031af04
- SHA256
  
  a3c074948f5e3d2b89f0035bbf7bd74b1a3ec0525dc1496b4463f55ef15f3521
- SHA512
  
  c511aa90553d6297da0d273534137f3700e099062087cde29eb1cbed4922604bb6f97b0d4507688fa35145302bd6514e4676c6cb4d2ed3d3a162e8b0fd3d62c7
Score

7^/10

discovery persistence
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence