cf96aba5bce94a633ffbf027b5462c5fc38d3d93cde131efde2f68360fad8f13 | Triage

Sharing

General

Target

cf96aba5bce94a633ffbf027b5462c5fc38d3d93cde131efde2f68360fad8f13
Size

717KB
Sample

220914-jd9zradcen
MD5

a1aa61cbd986aa962e59be97a77546fc
SHA1

d172c4089498e23dba2df302f4a94438579e9e17
SHA256

cf96aba5bce94a633ffbf027b5462c5fc38d3d93cde131efde2f68360fad8f13
SHA512

a4d9b94f6b3eea9a3b270fa51f87a23c8b8a1e4989627fa7d3ffa35c97df8df64b9ef74e6077e0f08884e8afa017e0a557eec35c45f4535209935d7ff4fdda54
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cf96aba5bce94a633ffbf027b5462c5fc38d3d93cde131efde2f68360fad8f13
- Size
  
  717KB
- MD5
  
  a1aa61cbd986aa962e59be97a77546fc
- SHA1
  
  d172c4089498e23dba2df302f4a94438579e9e17
- SHA256
  
  cf96aba5bce94a633ffbf027b5462c5fc38d3d93cde131efde2f68360fad8f13
- SHA512
  
  a4d9b94f6b3eea9a3b270fa51f87a23c8b8a1e4989627fa7d3ffa35c97df8df64b9ef74e6077e0f08884e8afa017e0a557eec35c45f4535209935d7ff4fdda54
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1