c98bb553741873e3a5be7dfbff6d6d82bd83278a75b8670bf4dd5de26697dc80 | Triage

Sharing

General

Target

c98bb553741873e3a5be7dfbff6d6d82bd83278a75b8670bf4dd5de26697dc80
Size

729KB
Sample

221001-t5hppagcf5
MD5

62f2ea6c634fea922d639417a3cb928e
SHA1

f25ff28ae2f59f600bbd257225878cf0d239dae6
SHA256

c98bb553741873e3a5be7dfbff6d6d82bd83278a75b8670bf4dd5de26697dc80
SHA512

3bd7fd3bfd1aafcd35b2a5f343783b9cdaad94ef9cd50ede8a8b0166fa1a4c8ccc3bb46059b2eedf25e6afe09bdaa1d7d1ab63ddb4b6291efcf497d4e593a2e6
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c98bb553741873e3a5be7dfbff6d6d82bd83278a75b8670bf4dd5de26697dc80
- Size
  
  729KB
- MD5
  
  62f2ea6c634fea922d639417a3cb928e
- SHA1
  
  f25ff28ae2f59f600bbd257225878cf0d239dae6
- SHA256
  
  c98bb553741873e3a5be7dfbff6d6d82bd83278a75b8670bf4dd5de26697dc80
- SHA512
  
  3bd7fd3bfd1aafcd35b2a5f343783b9cdaad94ef9cd50ede8a8b0166fa1a4c8ccc3bb46059b2eedf25e6afe09bdaa1d7d1ab63ddb4b6291efcf497d4e593a2e6
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1