96dbd973d51c8f6e760bd36fe867a3605073d9c4f2c6a28e08b29768bf997224 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96dbd973d51c8f6e760bd36fe867a3605073d9c4f2c6a28e08b29768bf997224
Size

724KB
Sample

220923-vggm6ahed2
MD5

c22244f3144cc0a381456e786e9db601
SHA1

4ba382d516b554c5e067b87613b6d90a3c847490
SHA256

96dbd973d51c8f6e760bd36fe867a3605073d9c4f2c6a28e08b29768bf997224
SHA512

28e6560380d7562ae06b1da5d48b59726c7cf57c1f04a7a1a001f481d857110ca2f295b940a32a433a187bb3df70b5667c89ab20c361411a27dca8f5cc98916b
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  96dbd973d51c8f6e760bd36fe867a3605073d9c4f2c6a28e08b29768bf997224
- Size
  
  724KB
- MD5
  
  c22244f3144cc0a381456e786e9db601
- SHA1
  
  4ba382d516b554c5e067b87613b6d90a3c847490
- SHA256
  
  96dbd973d51c8f6e760bd36fe867a3605073d9c4f2c6a28e08b29768bf997224
- SHA512
  
  28e6560380d7562ae06b1da5d48b59726c7cf57c1f04a7a1a001f481d857110ca2f295b940a32a433a187bb3df70b5667c89ab20c361411a27dca8f5cc98916b
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1