adc9d0e46199faaa7fc22fc98f2caf156a41ed7917f03b092369087c03a5b78b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adc9d0e46199faaa7fc22fc98f2caf156a41ed7917f03b092369087c03a5b78b
Size

732KB
Sample

221006-3vlg9sbba7
MD5

e20af28166af3f786ad48350650e69d9
SHA1

60dd422cc0c4313d067690e46e4abd5e0a0ac4e9
SHA256

adc9d0e46199faaa7fc22fc98f2caf156a41ed7917f03b092369087c03a5b78b
SHA512

588864ac0421a389e17afc062e6be2b600fd0033f465215e771cbc5a0440b8181da84f94ee655a683dc5e09473c2166a8764d812e16e38ceecba85c4a4b54b18
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  adc9d0e46199faaa7fc22fc98f2caf156a41ed7917f03b092369087c03a5b78b
- Size
  
  732KB
- MD5
  
  e20af28166af3f786ad48350650e69d9
- SHA1
  
  60dd422cc0c4313d067690e46e4abd5e0a0ac4e9
- SHA256
  
  adc9d0e46199faaa7fc22fc98f2caf156a41ed7917f03b092369087c03a5b78b
- SHA512
  
  588864ac0421a389e17afc062e6be2b600fd0033f465215e771cbc5a0440b8181da84f94ee655a683dc5e09473c2166a8764d812e16e38ceecba85c4a4b54b18
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1