5a479b5f9f4daac9895cb63230ddd035105c0afcfbda304693abbf5aa919dc8a | Triage

Sharing

General

Target

5a479b5f9f4daac9895cb63230ddd035105c0afcfbda304693abbf5aa919dc8a
Size

717KB
Sample

220913-axczpaabep
MD5

7457b231d8e6e2b327a7d933eb1a0894
SHA1

56fb9851817a839abab4a7a32b180d84cedf7661
SHA256

5a479b5f9f4daac9895cb63230ddd035105c0afcfbda304693abbf5aa919dc8a
SHA512

f51367b9e4419c16fd69338491d6e5c92c26b82a442e84b55c45f46a60ecd63091740b7b60a65aa27d0fcaee78b72361cc343d81db55909772dfe3db07e18efb
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5a479b5f9f4daac9895cb63230ddd035105c0afcfbda304693abbf5aa919dc8a
- Size
  
  717KB
- MD5
  
  7457b231d8e6e2b327a7d933eb1a0894
- SHA1
  
  56fb9851817a839abab4a7a32b180d84cedf7661
- SHA256
  
  5a479b5f9f4daac9895cb63230ddd035105c0afcfbda304693abbf5aa919dc8a
- SHA512
  
  f51367b9e4419c16fd69338491d6e5c92c26b82a442e84b55c45f46a60ecd63091740b7b60a65aa27d0fcaee78b72361cc343d81db55909772dfe3db07e18efb
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1