92e8bced883bf6804c959326f1903fc700ac5e6211dc4bb4a7fae5f14f7d722d | Triage

Sharing

General

Target

92e8bced883bf6804c959326f1903fc700ac5e6211dc4bb4a7fae5f14f7d722d
Size

718KB
Sample

220914-ym7cjsbbg9
MD5

eaf78e43754a15b7b9852a039c6ebc61
SHA1

14d7619085f3dfc8d97a5e29666f27904706bc9e
SHA256

92e8bced883bf6804c959326f1903fc700ac5e6211dc4bb4a7fae5f14f7d722d
SHA512

ec06971e9127f75e8e19c1cc0ebbeb918e1581f81a803bba9bfe4985ba152cd4cd56e3604792dad9c69d2611acd6e21ac20d6e37156c6a2d432c1be890e525ef
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  92e8bced883bf6804c959326f1903fc700ac5e6211dc4bb4a7fae5f14f7d722d
- Size
  
  718KB
- MD5
  
  eaf78e43754a15b7b9852a039c6ebc61
- SHA1
  
  14d7619085f3dfc8d97a5e29666f27904706bc9e
- SHA256
  
  92e8bced883bf6804c959326f1903fc700ac5e6211dc4bb4a7fae5f14f7d722d
- SHA512
  
  ec06971e9127f75e8e19c1cc0ebbeb918e1581f81a803bba9bfe4985ba152cd4cd56e3604792dad9c69d2611acd6e21ac20d6e37156c6a2d432c1be890e525ef
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1