fda929f4a069dace72aed5c30013a7bb13c4fea2aa065750f155db5e43a030e1 | Triage

Sharing

General

Target

fda929f4a069dace72aed5c30013a7bb13c4fea2aa065750f155db5e43a030e1
Size

728KB
Sample

220928-2qh1xahca9
MD5

8f45b0b328a2c962203fbb6470cd90df
SHA1

89e863afd79ed67e28ffc58a2f9777b08cd1473e
SHA256

fda929f4a069dace72aed5c30013a7bb13c4fea2aa065750f155db5e43a030e1
SHA512

7f8c7534903ca800a3faead6b5ea701e2814b9a110c3a45cfc532ea5f56ebda01e9524dc37fe6a1aed50ebc2c79838afbac17cf85dc9b6c1b7cf47fe64978fd3
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fda929f4a069dace72aed5c30013a7bb13c4fea2aa065750f155db5e43a030e1
- Size
  
  728KB
- MD5
  
  8f45b0b328a2c962203fbb6470cd90df
- SHA1
  
  89e863afd79ed67e28ffc58a2f9777b08cd1473e
- SHA256
  
  fda929f4a069dace72aed5c30013a7bb13c4fea2aa065750f155db5e43a030e1
- SHA512
  
  7f8c7534903ca800a3faead6b5ea701e2814b9a110c3a45cfc532ea5f56ebda01e9524dc37fe6a1aed50ebc2c79838afbac17cf85dc9b6c1b7cf47fe64978fd3
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1