2fc18ac1f71c88d3d83819c9fa6910690e93b6351d01c0a5727731ccba8c06dc | Triage

Sharing

General

Target

2fc18ac1f71c88d3d83819c9fa6910690e93b6351d01c0a5727731ccba8c06dc
Size

727KB
Sample

220927-pplzyseefn
MD5

e1653bab4c5f23c59db82331042fa221
SHA1

f4393e5f07da72c99cf601f1faa92f6b8dcf5192
SHA256

2fc18ac1f71c88d3d83819c9fa6910690e93b6351d01c0a5727731ccba8c06dc
SHA512

af382868707144625aa3ff9c629e151bdaab3fe341e89f73689bd4065522ccc9a61959898b63265c39139dda13091e2c25c2b4ebde65425a2a62ce1ff1a2e726
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2fc18ac1f71c88d3d83819c9fa6910690e93b6351d01c0a5727731ccba8c06dc
- Size
  
  727KB
- MD5
  
  e1653bab4c5f23c59db82331042fa221
- SHA1
  
  f4393e5f07da72c99cf601f1faa92f6b8dcf5192
- SHA256
  
  2fc18ac1f71c88d3d83819c9fa6910690e93b6351d01c0a5727731ccba8c06dc
- SHA512
  
  af382868707144625aa3ff9c629e151bdaab3fe341e89f73689bd4065522ccc9a61959898b63265c39139dda13091e2c25c2b4ebde65425a2a62ce1ff1a2e726
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1