e07ec7ef65ad1d44b230c733ac6b00a15020549f6a38465b22acc4bbfa8861de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e07ec7ef65ad1d44b230c733ac6b00a15020549f6a38465b22acc4bbfa8861de
Size

724KB
Sample

220923-mhr7aahhgn
MD5

e9b2985ebc7c5c60ba4f91daa6a2cfe9
SHA1

625c552050f95a75cac0437f49417b82a5c2ddf4
SHA256

e07ec7ef65ad1d44b230c733ac6b00a15020549f6a38465b22acc4bbfa8861de
SHA512

7575d55b21f02b1a3faa9e6db122d0f3bf51c75761b1df1e4d874debcc39f30cdc8f5cbfea46d38f8b84c8ea46a097ed2cfac1471c63aa2b53974925953d60ca
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e07ec7ef65ad1d44b230c733ac6b00a15020549f6a38465b22acc4bbfa8861de
- Size
  
  724KB
- MD5
  
  e9b2985ebc7c5c60ba4f91daa6a2cfe9
- SHA1
  
  625c552050f95a75cac0437f49417b82a5c2ddf4
- SHA256
  
  e07ec7ef65ad1d44b230c733ac6b00a15020549f6a38465b22acc4bbfa8861de
- SHA512
  
  7575d55b21f02b1a3faa9e6db122d0f3bf51c75761b1df1e4d874debcc39f30cdc8f5cbfea46d38f8b84c8ea46a097ed2cfac1471c63aa2b53974925953d60ca
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1