cccf27993459362488c165354e0eb9324c77407fd436564e73beb629e6db67dd | Triage

Sharing

General

Target

cccf27993459362488c165354e0eb9324c77407fd436564e73beb629e6db67dd
Size

730KB
Sample

221004-ezmzwscaem
MD5

2f5fc3bfc5041a0d51ef82bfa0ac4553
SHA1

eacf00ed835054a76181d823260203c7dc6fd9ec
SHA256

cccf27993459362488c165354e0eb9324c77407fd436564e73beb629e6db67dd
SHA512

86b27ec7473e788ebe2cd1b111fe7ee98c4184ce79a19aff3205bb34595bb8721f7bcedfe501cdeda5dd4ceee26e0c09356f724ebd0bd43ef58827de109a281c
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cccf27993459362488c165354e0eb9324c77407fd436564e73beb629e6db67dd
- Size
  
  730KB
- MD5
  
  2f5fc3bfc5041a0d51ef82bfa0ac4553
- SHA1
  
  eacf00ed835054a76181d823260203c7dc6fd9ec
- SHA256
  
  cccf27993459362488c165354e0eb9324c77407fd436564e73beb629e6db67dd
- SHA512
  
  86b27ec7473e788ebe2cd1b111fe7ee98c4184ce79a19aff3205bb34595bb8721f7bcedfe501cdeda5dd4ceee26e0c09356f724ebd0bd43ef58827de109a281c
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1