b02c3d310ec413bf34fc66d470411e781d8bad4fae7e68855519a53da29e6394 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b02c3d310ec413bf34fc66d470411e781d8bad4fae7e68855519a53da29e6394
Size

726KB
Sample

220926-cby15sghf5
MD5

94db60b9c1c8167ef4582e521c6b941d
SHA1

5c340a6601237aa8ac096980d498c336079feaf2
SHA256

b02c3d310ec413bf34fc66d470411e781d8bad4fae7e68855519a53da29e6394
SHA512

e4cb707f532236f64a3f44f8ea1e7a4d4bd8d85721ddb3e6f189ff715061f06a8c35a6e096a744d91ac52361702b06214a613f4fa615e8aca2caae77444db2e6
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b02c3d310ec413bf34fc66d470411e781d8bad4fae7e68855519a53da29e6394
- Size
  
  726KB
- MD5
  
  94db60b9c1c8167ef4582e521c6b941d
- SHA1
  
  5c340a6601237aa8ac096980d498c336079feaf2
- SHA256
  
  b02c3d310ec413bf34fc66d470411e781d8bad4fae7e68855519a53da29e6394
- SHA512
  
  e4cb707f532236f64a3f44f8ea1e7a4d4bd8d85721ddb3e6f189ff715061f06a8c35a6e096a744d91ac52361702b06214a613f4fa615e8aca2caae77444db2e6
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1