335206b0e69c51f9704a93f4fbc9110c88748466b72666a509b1a8146a4d2245 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

335206b0e69c51f9704a93f4fbc9110c88748466b72666a509b1a8146a4d2245
Size

730KB
Sample

221003-ghb76sbfej
MD5

095191e2eb8a88696937e389dbf9587e
SHA1

7012fb2899f5de1f838b732afb982bb35483ce9c
SHA256

335206b0e69c51f9704a93f4fbc9110c88748466b72666a509b1a8146a4d2245
SHA512

4160977dfddb8b6992ba89b426246c473f67f115365645950e55dffd3266b41f7c6476d92a7f86990fd50d16b7ef470f2bb4dc458fa67a464ab305b00293eb30
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  335206b0e69c51f9704a93f4fbc9110c88748466b72666a509b1a8146a4d2245
- Size
  
  730KB
- MD5
  
  095191e2eb8a88696937e389dbf9587e
- SHA1
  
  7012fb2899f5de1f838b732afb982bb35483ce9c
- SHA256
  
  335206b0e69c51f9704a93f4fbc9110c88748466b72666a509b1a8146a4d2245
- SHA512
  
  4160977dfddb8b6992ba89b426246c473f67f115365645950e55dffd3266b41f7c6476d92a7f86990fd50d16b7ef470f2bb4dc458fa67a464ab305b00293eb30
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1