79bed1a463536bcc254f7f5ba7dc84035676b475c070d9470baa102737294d9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79bed1a463536bcc254f7f5ba7dc84035676b475c070d9470baa102737294d9c
Size

724KB
Sample

220923-x8mdtshga7
MD5

5ed466e8d42ccf04a9429189d461b996
SHA1

3ed938c933840c77c19af0ff7ab24ec1300f80f4
SHA256

79bed1a463536bcc254f7f5ba7dc84035676b475c070d9470baa102737294d9c
SHA512

5f3d8a7b8fcd15c8f5c4ae9573cd4a2b56d7c83734a7183b58df87328777d81644c58ea497d362983293d6998e62d32963f017a30eab72bb1a716853e9ac38b8
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  79bed1a463536bcc254f7f5ba7dc84035676b475c070d9470baa102737294d9c
- Size
  
  724KB
- MD5
  
  5ed466e8d42ccf04a9429189d461b996
- SHA1
  
  3ed938c933840c77c19af0ff7ab24ec1300f80f4
- SHA256
  
  79bed1a463536bcc254f7f5ba7dc84035676b475c070d9470baa102737294d9c
- SHA512
  
  5f3d8a7b8fcd15c8f5c4ae9573cd4a2b56d7c83734a7183b58df87328777d81644c58ea497d362983293d6998e62d32963f017a30eab72bb1a716853e9ac38b8
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1