9b03447cfffc099170a322875292eac3f693a95de54d50f288e08f5a9c0a9129 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b03447cfffc099170a322875292eac3f693a95de54d50f288e08f5a9c0a9129
Size

717KB
Sample

220913-prw8psfeh8
MD5

846877a06bde9b89ec634c8216922efc
SHA1

6b80b51ac9a7584ac46a11ff51a4725004983676
SHA256

9b03447cfffc099170a322875292eac3f693a95de54d50f288e08f5a9c0a9129
SHA512

3ff198e0fbb857087df6f9f54085626dc19d7ccf0821333472ce0e6c49605e9af6116cb474d759baea4aa5091b92e30d3924822256db6d8b5934d73b662bcf4f
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9b03447cfffc099170a322875292eac3f693a95de54d50f288e08f5a9c0a9129
- Size
  
  717KB
- MD5
  
  846877a06bde9b89ec634c8216922efc
- SHA1
  
  6b80b51ac9a7584ac46a11ff51a4725004983676
- SHA256
  
  9b03447cfffc099170a322875292eac3f693a95de54d50f288e08f5a9c0a9129
- SHA512
  
  3ff198e0fbb857087df6f9f54085626dc19d7ccf0821333472ce0e6c49605e9af6116cb474d759baea4aa5091b92e30d3924822256db6d8b5934d73b662bcf4f
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1