794a461bc31edd239cbcf6674f684cbcb4480c3408959b536ae79817a5746f22 | Triage

Sharing

General

Target

c3c5e6436dd5a4c69e2c814a17916a60e7d41dca2673334ffcbe7c14245a240d.zip
Size

1.3MB
Sample

220919-lsw3jsbbc7
MD5

712cce2a249ea1b8b76fa6c00378f382
SHA1

678b68eb47fc7f2bf5d65227375bc1df3b97e1b7
SHA256

794a461bc31edd239cbcf6674f684cbcb4480c3408959b536ae79817a5746f22
SHA512

14d8351bcc8371a0f73c0da148c8d9189a5ae1ed019339551d15c2322f7dac5fac1bba8ed854b18531a21f6c23fc6088b412a880bc5eaf8bfac727f2af5b219d
SSDEEP

24576:3AvM58R8xTlF4nqLXsa5RtJLzOJY5IV5NT9Ns9bGDgisPdto/XG7SkU74/DuG8g2:3Av048xTH44XsAV8B7fs9anoo/ISkU7F

Score

8^/10

Malware Config

Targets

- Target
  
  c3c5e6436dd5a4c69e2c814a17916a60e7d41dca2673334ffcbe7c14245a240d
- Size
  
  1.3MB
- MD5
  
  cde25f0fe36009df516dd5429e1e257d
- SHA1
  
  a1efe73056cbac3852d3c4162f1763e0fef915a3
- SHA256
  
  c3c5e6436dd5a4c69e2c814a17916a60e7d41dca2673334ffcbe7c14245a240d
- SHA512
  
  674e35ed14037d8ecc08f3cccacf97c0f385a36dc4ffd25187d802a7fc0a267a2c56a2c39826c6c520589946adca72d10b611afec56285a4f011e50f7f865c6e
- SSDEEP
  
  24576:OZeECzadHbcd8uuA6Hf+fo5QORYobtpdBaPHZoCHdknG3rrGzsm:OZeECquv4f+EDW63bauCHGG3r+p
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2