General

  • Target

    84bbdff6c5393cdc5645b957a631e4cf39cb2d3cf01d8b1a16411a7c0fdabc68

  • Size

    724KB

  • Sample

    220923-hnvgdahdbq

  • MD5

    18b3403360d15b8729c533ccf290811d

  • SHA1

    31f234de888a13db42925f2ebe95418dc26a84ca

  • SHA256

    84bbdff6c5393cdc5645b957a631e4cf39cb2d3cf01d8b1a16411a7c0fdabc68

  • SHA512

    fc19bf7dcacdc3f6eae0444448f8bbc49a1c43075c3b2feedccfbafd31450108ce137f245dc8884f1b5c0b30866c2b9403049de5b8fc315a6dfe58269115a6db

  • SSDEEP

    768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score
8/10

Malware Config

Targets

    • Target

      84bbdff6c5393cdc5645b957a631e4cf39cb2d3cf01d8b1a16411a7c0fdabc68

    Score
    8/10
    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                Technique                            Count  ID
  Execution             Scheduled Task                       1      T1053
  Persistence           Registry Run Keys / Startup Folder   1      T1060
  Persistence           Scheduled Task                       1      T1053
  Privilege Escalation  Scheduled Task                       1      T1053
  Defense Evasion       Modify Registry                      1      T1112
  Discovery             System Information Discovery         1      T1082
  Command and Control   Web Service                          1      T1102

Tasks