3cb16ca6374fc2f9da621e613bdc5b22a55c6b481d4cdd2351f82fb906cd5fed | Triage

Sharing

General

Target

3cb16ca6374fc2f9da621e613bdc5b22a55c6b481d4cdd2351f82fb906cd5fed
Size

700.1MB
Sample

220913-177vxsggb2
MD5

8a473d5812921e6ed01cc9b473485d95
SHA1

d900cc3370ca0f38946e9180eed6034e09686538
SHA256

3cb16ca6374fc2f9da621e613bdc5b22a55c6b481d4cdd2351f82fb906cd5fed
SHA512

cf88c9801505c99c20055b876497440d62dac1553e510045520e3bf87e3848be28227cd279fec62397750e183e1e48fbeb4863465947c3d923bf5844d0b655d4
SSDEEP

6144:RvowTjLao/Z79b6E1DzbkaWwgJKbSVR1K:/DR7AEeaWwgJKbSVR1K

Score

8^/10

Malware Config

Targets

- Target
  
  3cb16ca6374fc2f9da621e613bdc5b22a55c6b481d4cdd2351f82fb906cd5fed
- Size
  
  700.1MB
- MD5
  
  8a473d5812921e6ed01cc9b473485d95
- SHA1
  
  d900cc3370ca0f38946e9180eed6034e09686538
- SHA256
  
  3cb16ca6374fc2f9da621e613bdc5b22a55c6b481d4cdd2351f82fb906cd5fed
- SHA512
  
  cf88c9801505c99c20055b876497440d62dac1553e510045520e3bf87e3848be28227cd279fec62397750e183e1e48fbeb4863465947c3d923bf5844d0b655d4
- SSDEEP
  
  6144:RvowTjLao/Z79b6E1DzbkaWwgJKbSVR1K:/DR7AEeaWwgJKbSVR1K
Score

8^/10
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2