647344e9c11ccd4789182594425c36611cea8c55317ae90755b63742c9f49518 | Triage

Sharing

General

Target

647344e9c11ccd4789182594425c36611cea8c55317ae90755b63742c9f49518
Size

730KB
Sample

221002-s5kcvaedhj
MD5

b2cfbfab41a71b47fc7b1d2f24c1ec29
SHA1

fd01fc088b49da7c0ca860b9db89242fd577ce8a
SHA256

647344e9c11ccd4789182594425c36611cea8c55317ae90755b63742c9f49518
SHA512

1009f5ad0761a52785c682dabe4d3835894673b8396bd4552d79704b8279a3fb495be2d133901c7c4a00e50e1a38125e33020993cfbbbeb05c88e3e4d500749c
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  647344e9c11ccd4789182594425c36611cea8c55317ae90755b63742c9f49518
- Size
  
  730KB
- MD5
  
  b2cfbfab41a71b47fc7b1d2f24c1ec29
- SHA1
  
  fd01fc088b49da7c0ca860b9db89242fd577ce8a
- SHA256
  
  647344e9c11ccd4789182594425c36611cea8c55317ae90755b63742c9f49518
- SHA512
  
  1009f5ad0761a52785c682dabe4d3835894673b8396bd4552d79704b8279a3fb495be2d133901c7c4a00e50e1a38125e33020993cfbbbeb05c88e3e4d500749c
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1