761510b374d517f51ad9cf29acca741cb4ba63e733bf3607ab89b2cd0bbafbca | Triage

Sharing

General

Target

761510b374d517f51ad9cf29acca741cb4ba63e733bf3607ab89b2cd0bbafbca
Size

729KB
Sample

220930-tz19vaeba5
MD5

f24d7a5193b4227f8175f6188ab90f6b
SHA1

0c36609dc91da8dc79d09e2b8304912dd2c5ba42
SHA256

761510b374d517f51ad9cf29acca741cb4ba63e733bf3607ab89b2cd0bbafbca
SHA512

f39d8be79325d688537a0db8155543f6f65ecf046c39ebd0480b51499ff3b00b9d7daa5db0189fff29b17c054d545d742b9670d6d25c216c54c2ca712b6de55c
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  761510b374d517f51ad9cf29acca741cb4ba63e733bf3607ab89b2cd0bbafbca
- Size
  
  729KB
- MD5
  
  f24d7a5193b4227f8175f6188ab90f6b
- SHA1
  
  0c36609dc91da8dc79d09e2b8304912dd2c5ba42
- SHA256
  
  761510b374d517f51ad9cf29acca741cb4ba63e733bf3607ab89b2cd0bbafbca
- SHA512
  
  f39d8be79325d688537a0db8155543f6f65ecf046c39ebd0480b51499ff3b00b9d7daa5db0189fff29b17c054d545d742b9670d6d25c216c54c2ca712b6de55c
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1