975d507b255fb871b7974a8fec0cdbcb18dd0d5486d9af5f1ec709965cc70238 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

975d507b255fb871b7974a8fec0cdbcb18dd0d5486d9af5f1ec709965cc70238
Size

2.5MB
Sample

220911-fe4mksbad3
MD5

bf59094af4ea14c5ae6dd6d1694a559d
SHA1

07aa1e3f6c7a75979a605089a43d309a718861b6
SHA256

975d507b255fb871b7974a8fec0cdbcb18dd0d5486d9af5f1ec709965cc70238
SHA512

bf60f3c454e2228fdf1c366ec278e66cc1cfb99221ae6c290143ce336e1c3c95bff185dd130cddc68129c411ce1308975be1570eda7da1bee2b637734dd1b947
SSDEEP

49152:F1wRhh/2TdgeJH1tDZqyWZiMhS+wo3m8bRU/5uyv89V5dBZ4Awp8CCpd0BrHT180:F1wRb/q2WD1qyb04amqWZ6BCdZC0rHsU

Score

8^/10

Malware Config

Targets

- Target
  
  975d507b255fb871b7974a8fec0cdbcb18dd0d5486d9af5f1ec709965cc70238
- Size
  
  2.5MB
- MD5
  
  bf59094af4ea14c5ae6dd6d1694a559d
- SHA1
  
  07aa1e3f6c7a75979a605089a43d309a718861b6
- SHA256
  
  975d507b255fb871b7974a8fec0cdbcb18dd0d5486d9af5f1ec709965cc70238
- SHA512
  
  bf60f3c454e2228fdf1c366ec278e66cc1cfb99221ae6c290143ce336e1c3c95bff185dd130cddc68129c411ce1308975be1570eda7da1bee2b637734dd1b947
- SSDEEP
  
  49152:F1wRhh/2TdgeJH1tDZqyWZiMhS+wo3m8bRU/5uyv89V5dBZ4Awp8CCpd0BrHT180:F1wRb/q2WD1qyb04amqWZ6BCdZC0rHsU
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Hidden Files and Directories

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Hidden Files and Directories

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2