3cdd64a822d96b3bbe0f320d433876357306819151fbf7c61afb4a2c8717c369 | Triage

Sharing

General

Target

3cdd64a822d96b3bbe0f320d433876357306819151fbf7c61afb4a2c8717c369
Size

732KB
Sample

221006-yvwk1sadf6
MD5

8f47cf1e21d3f133d89c467556e84217
SHA1

b7da8da654aec6412f1fa6c06c979c9dabbe40b5
SHA256

3cdd64a822d96b3bbe0f320d433876357306819151fbf7c61afb4a2c8717c369
SHA512

1513e09c8170230153d74187743311bd02c92762e2f1e27aeec1c366ae8c31c9f13d9c681dad18ebb870e8fe93e3a10c73e149b73a77d53e95e499de05c5985d
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3cdd64a822d96b3bbe0f320d433876357306819151fbf7c61afb4a2c8717c369
- Size
  
  732KB
- MD5
  
  8f47cf1e21d3f133d89c467556e84217
- SHA1
  
  b7da8da654aec6412f1fa6c06c979c9dabbe40b5
- SHA256
  
  3cdd64a822d96b3bbe0f320d433876357306819151fbf7c61afb4a2c8717c369
- SHA512
  
  1513e09c8170230153d74187743311bd02c92762e2f1e27aeec1c366ae8c31c9f13d9c681dad18ebb870e8fe93e3a10c73e149b73a77d53e95e499de05c5985d
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1