fa2c4faf888c7021e7cf25731caf960240292599153a1455ed74388290a64b14 | Triage

Sharing

General

Target

fa2c4faf888c7021e7cf25731caf960240292599153a1455ed74388290a64b14
Size

729KB
Sample

221001-sg6aeagbg6
MD5

be16213676b58035a3b22d13cb38b515
SHA1

9bc7036a93daf09f4a65199b3a7fea34187b2768
SHA256

fa2c4faf888c7021e7cf25731caf960240292599153a1455ed74388290a64b14
SHA512

50380fc7874dae7ab96207024bea262ad059781546cafbc12088a9954a6c603fbf42749f87a2135c37fcd3f2aa7313a596ad729438de6441f8abc884852aa0ca
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fa2c4faf888c7021e7cf25731caf960240292599153a1455ed74388290a64b14
- Size
  
  729KB
- MD5
  
  be16213676b58035a3b22d13cb38b515
- SHA1
  
  9bc7036a93daf09f4a65199b3a7fea34187b2768
- SHA256
  
  fa2c4faf888c7021e7cf25731caf960240292599153a1455ed74388290a64b14
- SHA512
  
  50380fc7874dae7ab96207024bea262ad059781546cafbc12088a9954a6c603fbf42749f87a2135c37fcd3f2aa7313a596ad729438de6441f8abc884852aa0ca
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1