74f28779216429af7f0b3908116bd598dbbb2e4758b6ff047a7e92aad354d8b6 | Triage

Sharing

General

Target

74f28779216429af7f0b3908116bd598dbbb2e4758b6ff047a7e92aad354d8b6
Size

713KB
Sample

220908-waytjafbe5
MD5

220dc495c5a633fb727f89d9ba25fe45
SHA1

dfc3da18e8c2ea050318421d46ff877292d4178d
SHA256

74f28779216429af7f0b3908116bd598dbbb2e4758b6ff047a7e92aad354d8b6
SHA512

41942ab82f11cc07daef3de912c031605bb7bdbe7a2dc78f81d692ba6fb60db2e0cb5f07e53849b3d2193abbb61b67cf4403e20948692874ba8788b523f37860
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  74f28779216429af7f0b3908116bd598dbbb2e4758b6ff047a7e92aad354d8b6
- Size
  
  713KB
- MD5
  
  220dc495c5a633fb727f89d9ba25fe45
- SHA1
  
  dfc3da18e8c2ea050318421d46ff877292d4178d
- SHA256
  
  74f28779216429af7f0b3908116bd598dbbb2e4758b6ff047a7e92aad354d8b6
- SHA512
  
  41942ab82f11cc07daef3de912c031605bb7bdbe7a2dc78f81d692ba6fb60db2e0cb5f07e53849b3d2193abbb61b67cf4403e20948692874ba8788b523f37860
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1