8f9c6d0a5735b21e7d8ca35145481a15398904af47fe87ad0e9af89e0b17adc5 | Triage

Sharing

General

Target

8f9c6d0a5735b21e7d8ca35145481a15398904af47fe87ad0e9af89e0b17adc5
Size

729KB
Sample

221001-agb3fsfbe4
MD5

c5c6efdbae67c1931e053a1f73e81a08
SHA1

be3c440977a39b728ad41515bebb6a41baa3518f
SHA256

8f9c6d0a5735b21e7d8ca35145481a15398904af47fe87ad0e9af89e0b17adc5
SHA512

df028be66332f1823bea11c26327c8aed4295b153526be768c794bbccdac762ba048821d242d60b2e504281538320ea86e290ea79c8e32d9d35bf82f04b5621d
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8f9c6d0a5735b21e7d8ca35145481a15398904af47fe87ad0e9af89e0b17adc5
- Size
  
  729KB
- MD5
  
  c5c6efdbae67c1931e053a1f73e81a08
- SHA1
  
  be3c440977a39b728ad41515bebb6a41baa3518f
- SHA256
  
  8f9c6d0a5735b21e7d8ca35145481a15398904af47fe87ad0e9af89e0b17adc5
- SHA512
  
  df028be66332f1823bea11c26327c8aed4295b153526be768c794bbccdac762ba048821d242d60b2e504281538320ea86e290ea79c8e32d9d35bf82f04b5621d
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1