f9dc606500cf19f3b18f02dae165d64a26592e99cf06ec7fb1c4f1e4b534e644 | Triage

Sharing

General

Target

f9dc606500cf19f3b18f02dae165d64a26592e99cf06ec7fb1c4f1e4b534e644
Size

731KB
Sample

221005-y6ermsfgcj
MD5

1aacf1609a41a450ec309737ec94a703
SHA1

e1fe5be42e16e5df9bd72e3acab7ed45ae1abff2
SHA256

f9dc606500cf19f3b18f02dae165d64a26592e99cf06ec7fb1c4f1e4b534e644
SHA512

727ac0587b91a731eb410ff041ea02623f3bb8b09e2c9f7dfa46e41740f0ccee8c5eea055489bb39bbef64eeaf44dd28d0a34f75f76f1bc09f8fb2d43fbed614
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f9dc606500cf19f3b18f02dae165d64a26592e99cf06ec7fb1c4f1e4b534e644
- Size
  
  731KB
- MD5
  
  1aacf1609a41a450ec309737ec94a703
- SHA1
  
  e1fe5be42e16e5df9bd72e3acab7ed45ae1abff2
- SHA256
  
  f9dc606500cf19f3b18f02dae165d64a26592e99cf06ec7fb1c4f1e4b534e644
- SHA512
  
  727ac0587b91a731eb410ff041ea02623f3bb8b09e2c9f7dfa46e41740f0ccee8c5eea055489bb39bbef64eeaf44dd28d0a34f75f76f1bc09f8fb2d43fbed614
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1