58d8eb6aa9ccd7d9e86c87f46d0f255eadd2007ff354e50b1a022a4416f69db8 | Triage

Sharing

General

Target

58d8eb6aa9ccd7d9e86c87f46d0f255eadd2007ff354e50b1a022a4416f69db8
Size

732KB
Sample

221006-nj5pfahdek
MD5

22c2eeeab2cd9f6e7dcf3da7ecb8dcdc
SHA1

a8ee14df995afb320a0f04cc14cd930d28acc6c4
SHA256

58d8eb6aa9ccd7d9e86c87f46d0f255eadd2007ff354e50b1a022a4416f69db8
SHA512

699d2cf0d92ec193212021da2ec51fff8001005ab9cc17d491624e2b4e73cf7941a79df3d034c8374a7f66b2f89cd82119b621f34d4c9ff9f3eec81045a64adf
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  58d8eb6aa9ccd7d9e86c87f46d0f255eadd2007ff354e50b1a022a4416f69db8
- Size
  
  732KB
- MD5
  
  22c2eeeab2cd9f6e7dcf3da7ecb8dcdc
- SHA1
  
  a8ee14df995afb320a0f04cc14cd930d28acc6c4
- SHA256
  
  58d8eb6aa9ccd7d9e86c87f46d0f255eadd2007ff354e50b1a022a4416f69db8
- SHA512
  
  699d2cf0d92ec193212021da2ec51fff8001005ab9cc17d491624e2b4e73cf7941a79df3d034c8374a7f66b2f89cd82119b621f34d4c9ff9f3eec81045a64adf
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1