2061b988ec7ce71209d99502da5b47337e005c81ca4b58aece0c7102a8e61351 | Triage

Sharing

General

Target

2061b988ec7ce71209d99502da5b47337e005c81ca4b58aece0c7102a8e61351
Size

723KB
Sample

220922-lnanrabaf7
MD5

58a4aeaa148dafee2028aeca0d10f442
SHA1

9078f87630d05b410e585456b2ab5887a91fee72
SHA256

2061b988ec7ce71209d99502da5b47337e005c81ca4b58aece0c7102a8e61351
SHA512

e48b00ab03e0aa9921541cb4a7d05a31156f4fb30f508f974e49b6437fa75a31ec4ab1f7a0c891d3a2f23d0a155db811c75637fc2d35edc4672667329e8b7c79
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2061b988ec7ce71209d99502da5b47337e005c81ca4b58aece0c7102a8e61351
- Size
  
  723KB
- MD5
  
  58a4aeaa148dafee2028aeca0d10f442
- SHA1
  
  9078f87630d05b410e585456b2ab5887a91fee72
- SHA256
  
  2061b988ec7ce71209d99502da5b47337e005c81ca4b58aece0c7102a8e61351
- SHA512
  
  e48b00ab03e0aa9921541cb4a7d05a31156f4fb30f508f974e49b6437fa75a31ec4ab1f7a0c891d3a2f23d0a155db811c75637fc2d35edc4672667329e8b7c79
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1