bc81e40b4494ca0d530f68820eca22d08548e53e71d870e5ba4a01d63da377c7 | Triage

Sharing

General

Target

bc81e40b4494ca0d530f68820eca22d08548e53e71d870e5ba4a01d63da377c7
Size

685KB
Sample

220806-jj1chaccaj
MD5

137046fd04948b262bea42890ae9b52d
SHA1

1674e0dac56a9c15d97826ff6928044b94732cf9
SHA256

bc81e40b4494ca0d530f68820eca22d08548e53e71d870e5ba4a01d63da377c7
SHA512

bd73d61a23cef1cb438c9c6623a9e990435b4d3edc40247482d2de7b2e51a81980f676c43b3646bee789aa565503dc5647c0f696dc52132597e6cf8f0a99f75e

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bc81e40b4494ca0d530f68820eca22d08548e53e71d870e5ba4a01d63da377c7
- Size
  
  685KB
- MD5
  
  137046fd04948b262bea42890ae9b52d
- SHA1
  
  1674e0dac56a9c15d97826ff6928044b94732cf9
- SHA256
  
  bc81e40b4494ca0d530f68820eca22d08548e53e71d870e5ba4a01d63da377c7
- SHA512
  
  bd73d61a23cef1cb438c9c6623a9e990435b4d3edc40247482d2de7b2e51a81980f676c43b3646bee789aa565503dc5647c0f696dc52132597e6cf8f0a99f75e
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1