a7e56661435eb31fe033f5c74b950b5e0ebb16374a52c44545d9158b2f67acc6 | Triage

Sharing

General

Target

a7e56661435eb31fe033f5c74b950b5e0ebb16374a52c44545d9158b2f67acc6
Size

730KB
Sample

221003-1yn2fshdd8
MD5

163feb28b12c95c950159f16011f92cc
SHA1

bc441a9ac7d4c8a1694f0152fc7fc2739080725a
SHA256

a7e56661435eb31fe033f5c74b950b5e0ebb16374a52c44545d9158b2f67acc6
SHA512

194fda188db59e1731bbdc1adb8a0b3eca8150f64a0ec0a3ed046b35f35ff96023a9f61650e53147e5d3554935745f3228eed4027e215a71bbe7a95c2106f9aa
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a7e56661435eb31fe033f5c74b950b5e0ebb16374a52c44545d9158b2f67acc6
- Size
  
  730KB
- MD5
  
  163feb28b12c95c950159f16011f92cc
- SHA1
  
  bc441a9ac7d4c8a1694f0152fc7fc2739080725a
- SHA256
  
  a7e56661435eb31fe033f5c74b950b5e0ebb16374a52c44545d9158b2f67acc6
- SHA512
  
  194fda188db59e1731bbdc1adb8a0b3eca8150f64a0ec0a3ed046b35f35ff96023a9f61650e53147e5d3554935745f3228eed4027e215a71bbe7a95c2106f9aa
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1