205294ba00726f1caacdca1217f575cb675a55502ac54301710ac02849a1cd47 | Triage

Sharing

General

Target

205294ba00726f1caacdca1217f575cb675a55502ac54301710ac02849a1cd47
Size

727KB
Sample

220927-m6zw2aedgm
MD5

f62ad0d90ec817d8ba881aab7787ae61
SHA1

c249ac53536fe5cec0d9e1dd3c1c6161c883e32a
SHA256

205294ba00726f1caacdca1217f575cb675a55502ac54301710ac02849a1cd47
SHA512

e4ec4f0eada7837b39e14cfa17f9347c67db0e6f3a6d8630a9262a1b2c649f5dd9f138604e559dce32235a05a8dbaf3407c7294572a01560207e0cf59c063f81
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  205294ba00726f1caacdca1217f575cb675a55502ac54301710ac02849a1cd47
- Size
  
  727KB
- MD5
  
  f62ad0d90ec817d8ba881aab7787ae61
- SHA1
  
  c249ac53536fe5cec0d9e1dd3c1c6161c883e32a
- SHA256
  
  205294ba00726f1caacdca1217f575cb675a55502ac54301710ac02849a1cd47
- SHA512
  
  e4ec4f0eada7837b39e14cfa17f9347c67db0e6f3a6d8630a9262a1b2c649f5dd9f138604e559dce32235a05a8dbaf3407c7294572a01560207e0cf59c063f81
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1