635e121a5cba93b2e12089678807cc83d380e8c57476b2eeb7c632312458cc00 | Triage

Sharing

General

Target

635e121a5cba93b2e12089678807cc83d380e8c57476b2eeb7c632312458cc00
Size

729KB
Sample

221001-l44lrsfgg3
MD5

b3d2b9de31bd80353357f6f5b7978fe8
SHA1

afea677ec64f5d7366a65ab277f6110cd03c258d
SHA256

635e121a5cba93b2e12089678807cc83d380e8c57476b2eeb7c632312458cc00
SHA512

a3a6f9454a60c411ed707c7fbd56ea7e070b455bb30a9cb6be63c2a39e088ee57487c0985724f03e037d04e3989281fe6cd2b47d53c915922219af3a88791fdd
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  635e121a5cba93b2e12089678807cc83d380e8c57476b2eeb7c632312458cc00
- Size
  
  729KB
- MD5
  
  b3d2b9de31bd80353357f6f5b7978fe8
- SHA1
  
  afea677ec64f5d7366a65ab277f6110cd03c258d
- SHA256
  
  635e121a5cba93b2e12089678807cc83d380e8c57476b2eeb7c632312458cc00
- SHA512
  
  a3a6f9454a60c411ed707c7fbd56ea7e070b455bb30a9cb6be63c2a39e088ee57487c0985724f03e037d04e3989281fe6cd2b47d53c915922219af3a88791fdd
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1