039471cea9d44ee6224e743395859750ad12b0988641053a670662ce90f940a4 | Triage

Sharing

General

Target

039471cea9d44ee6224e743395859750ad12b0988641053a670662ce90f940a4
Size

716KB
Sample

220911-l5m1eafbhk
MD5

402b01f1f16403992ce4195461966c08
SHA1

414805c84f5567cbeb98455fc7b9827120aea5d6
SHA256

039471cea9d44ee6224e743395859750ad12b0988641053a670662ce90f940a4
SHA512

6a8c7cf6521f5a10f89b23cf58ac1206b7d19f5436d15c948c0b910b306aa83b074272c5bfb83df98d16a0eda67d39e9b9abe21070dc9975af12bb47df427e9a
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  039471cea9d44ee6224e743395859750ad12b0988641053a670662ce90f940a4
- Size
  
  716KB
- MD5
  
  402b01f1f16403992ce4195461966c08
- SHA1
  
  414805c84f5567cbeb98455fc7b9827120aea5d6
- SHA256
  
  039471cea9d44ee6224e743395859750ad12b0988641053a670662ce90f940a4
- SHA512
  
  6a8c7cf6521f5a10f89b23cf58ac1206b7d19f5436d15c948c0b910b306aa83b074272c5bfb83df98d16a0eda67d39e9b9abe21070dc9975af12bb47df427e9a
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1