c968b7324fadc7b4e3fadee5417d9e94010f7dd37778e119ce7a83632e6fb394 | Triage

Sharing

General

Target

c968b7324fadc7b4e3fadee5417d9e94010f7dd37778e119ce7a83632e6fb394
Size

730KB
Sample

221003-v435nshaaq
MD5

d99bcf55dca97375fe752e8adcc787fe
SHA1

5a660a63ff86a5a090ccc71abed7abdc8d92d346
SHA256

c968b7324fadc7b4e3fadee5417d9e94010f7dd37778e119ce7a83632e6fb394
SHA512

a2d85d7364f505b66dc7557f54b16ce8fd9a002e83aff0eb3a3f93e831102a70d3910ff928aa70eeba113446f75e2731e95ec8dacb30dde5313d2141160f5992
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c968b7324fadc7b4e3fadee5417d9e94010f7dd37778e119ce7a83632e6fb394
- Size
  
  730KB
- MD5
  
  d99bcf55dca97375fe752e8adcc787fe
- SHA1
  
  5a660a63ff86a5a090ccc71abed7abdc8d92d346
- SHA256
  
  c968b7324fadc7b4e3fadee5417d9e94010f7dd37778e119ce7a83632e6fb394
- SHA512
  
  a2d85d7364f505b66dc7557f54b16ce8fd9a002e83aff0eb3a3f93e831102a70d3910ff928aa70eeba113446f75e2731e95ec8dacb30dde5313d2141160f5992
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1