27a261719ac289521989326262442984fa28dbdc9afa25241c7e6b487264a45e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27a261719ac289521989326262442984fa28dbdc9afa25241c7e6b487264a45e
Size

721KB
Sample

220920-gb3fsaffdj
MD5

8a75a692a566436170ffed12525d47b7
SHA1

9ebf806abcbc9a8994879f55e1fb934f1e596ec7
SHA256

27a261719ac289521989326262442984fa28dbdc9afa25241c7e6b487264a45e
SHA512

e71a2fe20e44be7373059524310eb760631d25cafbef4a85a9c551ef78a8572ee7ad170786111233cd2b3241bcdef66eb16d0dc6ecadbb04ce04eb4779135e0d
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  27a261719ac289521989326262442984fa28dbdc9afa25241c7e6b487264a45e
- Size
  
  721KB
- MD5
  
  8a75a692a566436170ffed12525d47b7
- SHA1
  
  9ebf806abcbc9a8994879f55e1fb934f1e596ec7
- SHA256
  
  27a261719ac289521989326262442984fa28dbdc9afa25241c7e6b487264a45e
- SHA512
  
  e71a2fe20e44be7373059524310eb760631d25cafbef4a85a9c551ef78a8572ee7ad170786111233cd2b3241bcdef66eb16d0dc6ecadbb04ce04eb4779135e0d
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1