c63f2b73f39dffa9e3699a34b3a105cc942cbd63a70765260212ad3559305166 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c63f2b73f39dffa9e3699a34b3a105cc942cbd63a70765260212ad3559305166
Size

731KB
Sample

221005-hmdggadeg3
MD5

c9e1efd548558bd1f366a988805f62a5
SHA1

07b973b1b7805a8fc768fdbfa2adc1f2ee1e76ae
SHA256

c63f2b73f39dffa9e3699a34b3a105cc942cbd63a70765260212ad3559305166
SHA512

e834c880c6053f0f7729b0d12c480e86278d52dd9b0f009aaf9effed5018d9a0a0f9c340eac3d1f9371c4688013d729ae963dc29e9732e4a3f3ad581d7552d16
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c63f2b73f39dffa9e3699a34b3a105cc942cbd63a70765260212ad3559305166
- Size
  
  731KB
- MD5
  
  c9e1efd548558bd1f366a988805f62a5
- SHA1
  
  07b973b1b7805a8fc768fdbfa2adc1f2ee1e76ae
- SHA256
  
  c63f2b73f39dffa9e3699a34b3a105cc942cbd63a70765260212ad3559305166
- SHA512
  
  e834c880c6053f0f7729b0d12c480e86278d52dd9b0f009aaf9effed5018d9a0a0f9c340eac3d1f9371c4688013d729ae963dc29e9732e4a3f3ad581d7552d16
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1