dd05d8ec2686eb4de74903891cd260e58ceaf38358dbd73ee035f472be91b4c5 | Triage

Sharing

General

Target

ConnectWiseControl.Client.exe
Size

85KB
Sample

220913-vcrbssgag2
MD5

a8d46cab0683d47ac7b98219a0193c8f
SHA1

07d5968aea955a61710954db8b33a493fdb2c53d
SHA256

dd05d8ec2686eb4de74903891cd260e58ceaf38358dbd73ee035f472be91b4c5
SHA512

678c03f65a172ab729bd5336f101ac96e1d6a34e93af7cec96630400dc02668b9d6fd49b6c816fc59c31512c7a42b67df1b735d8835b94ac282805b3a616dab9
SSDEEP

1536:fXn1JYSnExFkcgKKjxfmqshiKW5Xs/iYQqQJtsWFcdfRMvb+xWoJngv/:fE3x5KBDYiKWm/iSw0fRMvygqG/

Score

8^/10

Malware Config

Targets

- Target
  
  ConnectWiseControl.Client.exe
- Size
  
  85KB
- MD5
  
  a8d46cab0683d47ac7b98219a0193c8f
- SHA1
  
  07d5968aea955a61710954db8b33a493fdb2c53d
- SHA256
  
  dd05d8ec2686eb4de74903891cd260e58ceaf38358dbd73ee035f472be91b4c5
- SHA512
  
  678c03f65a172ab729bd5336f101ac96e1d6a34e93af7cec96630400dc02668b9d6fd49b6c816fc59c31512c7a42b67df1b735d8835b94ac282805b3a616dab9
- SSDEEP
  
  1536:fXn1JYSnExFkcgKKjxfmqshiKW5Xs/iYQqQJtsWFcdfRMvb+xWoJngv/:fE3x5KBDYiKWm/iSw0fRMvygqG/
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2