6ce5cb59c7c3b9162851d71cdde237e6501510481c56f5b5c6013d30ee538be2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ce5cb59c7c3b9162851d71cdde237e6501510481c56f5b5c6013d30ee538be2
Size

729KB
Sample

221001-q8m7ssgah9
MD5

b8e16a69008043782fd9e1f1823647be
SHA1

459a103bd6bcfd9c23ba89ace0e02f59caaec37f
SHA256

6ce5cb59c7c3b9162851d71cdde237e6501510481c56f5b5c6013d30ee538be2
SHA512

3669995fd700e9020d46b5d3fff493df991ee6ea9c55f88c0d34345606ea500d1b9fdb79c2508fd3db0a208bcb311cf1ddb79f8c9e1af3e25aa3730f455e0ef4
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6ce5cb59c7c3b9162851d71cdde237e6501510481c56f5b5c6013d30ee538be2
- Size
  
  729KB
- MD5
  
  b8e16a69008043782fd9e1f1823647be
- SHA1
  
  459a103bd6bcfd9c23ba89ace0e02f59caaec37f
- SHA256
  
  6ce5cb59c7c3b9162851d71cdde237e6501510481c56f5b5c6013d30ee538be2
- SHA512
  
  3669995fd700e9020d46b5d3fff493df991ee6ea9c55f88c0d34345606ea500d1b9fdb79c2508fd3db0a208bcb311cf1ddb79f8c9e1af3e25aa3730f455e0ef4
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1