3eda56e94c5431d706bd8b4f4805ef4a27ac2b96c866b8cc8691af717e8bd48a | Triage

Sharing

General

Target

3eda56e94c5431d706bd8b4f4805ef4a27ac2b96c866b8cc8691af717e8bd48a
Size

725KB
Sample

220925-178r8agcg2
MD5

dd5d9e77c7405e97da9602645cbdb5b9
SHA1

ae0d30cd3bdcfcfcf16e866ab4d919146ebd4e80
SHA256

3eda56e94c5431d706bd8b4f4805ef4a27ac2b96c866b8cc8691af717e8bd48a
SHA512

b45f4c2cac547d45fc15284ae9c2f32d842eaf53fa26141ab509166539ebc6f8781f646c7be86f0eceaaed898805d2443f0c023df9bf238f9a7cb401eba20315
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3eda56e94c5431d706bd8b4f4805ef4a27ac2b96c866b8cc8691af717e8bd48a
- Size
  
  725KB
- MD5
  
  dd5d9e77c7405e97da9602645cbdb5b9
- SHA1
  
  ae0d30cd3bdcfcfcf16e866ab4d919146ebd4e80
- SHA256
  
  3eda56e94c5431d706bd8b4f4805ef4a27ac2b96c866b8cc8691af717e8bd48a
- SHA512
  
  b45f4c2cac547d45fc15284ae9c2f32d842eaf53fa26141ab509166539ebc6f8781f646c7be86f0eceaaed898805d2443f0c023df9bf238f9a7cb401eba20315
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1