c482fad33bb1b2910bd1bbc4c88bb60dcf4e16fca9641bce0d25747d449ee57e | Triage

Sharing

General

Target

c482fad33bb1b2910bd1bbc4c88bb60dcf4e16fca9641bce0d25747d449ee57e
Size

723KB
Sample

220921-y7a5vacfar
MD5

a28e6118b19497158bd0f153d61dd4c9
SHA1

fe1f41ed2038be28b1152b9c34295b6b9e16c24e
SHA256

c482fad33bb1b2910bd1bbc4c88bb60dcf4e16fca9641bce0d25747d449ee57e
SHA512

ba502a357756f11cd0fce57b775f686d3a65d6620f0f1c44c3aa7780000481931a148003d0cd25279b8269b4dc3567ce29549047c4523f3eb8e1d8cb45cfa8f1
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c482fad33bb1b2910bd1bbc4c88bb60dcf4e16fca9641bce0d25747d449ee57e
- Size
  
  723KB
- MD5
  
  a28e6118b19497158bd0f153d61dd4c9
- SHA1
  
  fe1f41ed2038be28b1152b9c34295b6b9e16c24e
- SHA256
  
  c482fad33bb1b2910bd1bbc4c88bb60dcf4e16fca9641bce0d25747d449ee57e
- SHA512
  
  ba502a357756f11cd0fce57b775f686d3a65d6620f0f1c44c3aa7780000481931a148003d0cd25279b8269b4dc3567ce29549047c4523f3eb8e1d8cb45cfa8f1
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1