c8e8b8530e40267cf2ca4634b3b2aecc5a4d437a52161439542061a38fa04fb9 | Triage

Sharing

General

Target

c8e8b8530e40267cf2ca4634b3b2aecc5a4d437a52161439542061a38fa04fb9
Size

685KB
Sample

220806-hzpp9sedb9
MD5

707437ee8246fe4f032770adef8da36d
SHA1

e55b6f232189be6aede028421ff1f8861d0d1913
SHA256

c8e8b8530e40267cf2ca4634b3b2aecc5a4d437a52161439542061a38fa04fb9
SHA512

80663ca3a751f4bb7125b465cc8919125214408562903cd56c82f39df3377c1f5e27cb89c4b6c536661e42d752126733b6f15a579ee562ac7a278c2871477ea2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c8e8b8530e40267cf2ca4634b3b2aecc5a4d437a52161439542061a38fa04fb9
- Size
  
  685KB
- MD5
  
  707437ee8246fe4f032770adef8da36d
- SHA1
  
  e55b6f232189be6aede028421ff1f8861d0d1913
- SHA256
  
  c8e8b8530e40267cf2ca4634b3b2aecc5a4d437a52161439542061a38fa04fb9
- SHA512
  
  80663ca3a751f4bb7125b465cc8919125214408562903cd56c82f39df3377c1f5e27cb89c4b6c536661e42d752126733b6f15a579ee562ac7a278c2871477ea2
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1