14ddc3a6762c064ab15d65e794fd64956df180405f45eb1f9a77657cdc47d307 | Triage

Sharing

General

Target

14ddc3a6762c064ab15d65e794fd64956df180405f45eb1f9a77657cdc47d307
Size

732KB
Sample

221007-hm8bvacadm
MD5

6de187f8139047bee5ffd40e5f8688ee
SHA1

39af0e216eb2d2b212ddff5e61a8c7d2a684c210
SHA256

14ddc3a6762c064ab15d65e794fd64956df180405f45eb1f9a77657cdc47d307
SHA512

af5c29931dbd8b681eae35586008e1019b11dad6fac9f312941b64effa5f8f7489c2f98a3dd8e1f7f0dc9b55b7a62db3d259f2118fe6724c7fdf67b81d2ca53b
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  14ddc3a6762c064ab15d65e794fd64956df180405f45eb1f9a77657cdc47d307
- Size
  
  732KB
- MD5
  
  6de187f8139047bee5ffd40e5f8688ee
- SHA1
  
  39af0e216eb2d2b212ddff5e61a8c7d2a684c210
- SHA256
  
  14ddc3a6762c064ab15d65e794fd64956df180405f45eb1f9a77657cdc47d307
- SHA512
  
  af5c29931dbd8b681eae35586008e1019b11dad6fac9f312941b64effa5f8f7489c2f98a3dd8e1f7f0dc9b55b7a62db3d259f2118fe6724c7fdf67b81d2ca53b
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1