adcad5e836f3c29648fd780bd30cf68dfb662f5a341fa8950b7da7c2c8605f83 | Triage

Sharing

General

Target

adcad5e836f3c29648fd780bd30cf68dfb662f5a341fa8950b7da7c2c8605f83
Size

729KB
Sample

221001-ctq39agchk
MD5

2f4156287b632370cea894339f91c4d4
SHA1

db44f16fe92de7d84c3fbfd216a72b50f6d109a1
SHA256

adcad5e836f3c29648fd780bd30cf68dfb662f5a341fa8950b7da7c2c8605f83
SHA512

6c40c54b6aaa0cf545ff05fbabadfbac0ffa46e42ab41caa525e60530128142197ee60581f7a0705c49e26863df928f23a121bea7e805a04fddec0d902566dfc
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  adcad5e836f3c29648fd780bd30cf68dfb662f5a341fa8950b7da7c2c8605f83
- Size
  
  729KB
- MD5
  
  2f4156287b632370cea894339f91c4d4
- SHA1
  
  db44f16fe92de7d84c3fbfd216a72b50f6d109a1
- SHA256
  
  adcad5e836f3c29648fd780bd30cf68dfb662f5a341fa8950b7da7c2c8605f83
- SHA512
  
  6c40c54b6aaa0cf545ff05fbabadfbac0ffa46e42ab41caa525e60530128142197ee60581f7a0705c49e26863df928f23a121bea7e805a04fddec0d902566dfc
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1