fc08c29317bf6ecac394b66fd315fde6d1e22f2adefc24ab02b13acc621edcde | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc08c29317bf6ecac394b66fd315fde6d1e22f2adefc24ab02b13acc621edcde
Size

713KB
Sample

220908-vj5g1accdn
MD5

4b24a412d60e87bbe7ef67258bb2b373
SHA1

6ce1fb9f624f458d9e9d5298d723604add810147
SHA256

fc08c29317bf6ecac394b66fd315fde6d1e22f2adefc24ab02b13acc621edcde
SHA512

d34f0d016a86e3b54c1c57ded4316e9c540826c70797dab82d253b7236286a8aad2f5dae5f9038bb76b8167b0f90193137639716c2702d8c71f7b250a1766a0f
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fc08c29317bf6ecac394b66fd315fde6d1e22f2adefc24ab02b13acc621edcde
- Size
  
  713KB
- MD5
  
  4b24a412d60e87bbe7ef67258bb2b373
- SHA1
  
  6ce1fb9f624f458d9e9d5298d723604add810147
- SHA256
  
  fc08c29317bf6ecac394b66fd315fde6d1e22f2adefc24ab02b13acc621edcde
- SHA512
  
  d34f0d016a86e3b54c1c57ded4316e9c540826c70797dab82d253b7236286a8aad2f5dae5f9038bb76b8167b0f90193137639716c2702d8c71f7b250a1766a0f
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1