dce7469cea6d8c8f9605348042d49d160bd926c48a9216c6a65bc25cf305c183 | Triage

Sharing

General

Target

dce7469cea6d8c8f9605348042d49d160bd926c48a9216c6a65bc25cf305c183
Size

730KB
Sample

221002-1k3mpabhe7
MD5

f98d5855102e463345ac6c7ab621215a
SHA1

ff5f7c19ea5870a97a642780a0f1d37e6a2b5b0d
SHA256

dce7469cea6d8c8f9605348042d49d160bd926c48a9216c6a65bc25cf305c183
SHA512

c2dfd014157d472dd276c1729b92c65f54ee092fae10bd3a62eb249207e41f167e36ca23501f05c8dc7a67b3dcee6221cd0fc8625e789b5bab68c58703782995
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dce7469cea6d8c8f9605348042d49d160bd926c48a9216c6a65bc25cf305c183
- Size
  
  730KB
- MD5
  
  f98d5855102e463345ac6c7ab621215a
- SHA1
  
  ff5f7c19ea5870a97a642780a0f1d37e6a2b5b0d
- SHA256
  
  dce7469cea6d8c8f9605348042d49d160bd926c48a9216c6a65bc25cf305c183
- SHA512
  
  c2dfd014157d472dd276c1729b92c65f54ee092fae10bd3a62eb249207e41f167e36ca23501f05c8dc7a67b3dcee6221cd0fc8625e789b5bab68c58703782995
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1