c592479b29c5dc1c8952397b10a3bab0bfb71d839f10ad3ce8af8a66694c870a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c592479b29c5dc1c8952397b10a3bab0bfb71d839f10ad3ce8af8a66694c870a
Size

732KB
Sample

221006-xp2peaaegp
MD5

963d4e8478ae23b498f78a1536cd69f3
SHA1

758725d0b8cef5f52ea3217732dfdd62273e716c
SHA256

c592479b29c5dc1c8952397b10a3bab0bfb71d839f10ad3ce8af8a66694c870a
SHA512

b038c94007e9817466b6c79eb6e86d327e6707dad8913582fc3e0c870945cb254c9f90406b73aca5dbc60f569607231525f4343f2fd1adef32143363c553b255
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c592479b29c5dc1c8952397b10a3bab0bfb71d839f10ad3ce8af8a66694c870a
- Size
  
  732KB
- MD5
  
  963d4e8478ae23b498f78a1536cd69f3
- SHA1
  
  758725d0b8cef5f52ea3217732dfdd62273e716c
- SHA256
  
  c592479b29c5dc1c8952397b10a3bab0bfb71d839f10ad3ce8af8a66694c870a
- SHA512
  
  b038c94007e9817466b6c79eb6e86d327e6707dad8913582fc3e0c870945cb254c9f90406b73aca5dbc60f569607231525f4343f2fd1adef32143363c553b255
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1