828b55f2c10a7b26c40cfbebdc2672ff19c6a0614659de5e3f6d1985da032613 | Triage

Sharing

General

Target

828b55f2c10a7b26c40cfbebdc2672ff19c6a0614659de5e3f6d1985da032613
Size

732KB
Sample

221007-xzt3baddhj
MD5

7c4dd87c4e70949a6055acf9775c69a4
SHA1

587a9295c2f6865c5af5d02246a8e1a338cbe923
SHA256

828b55f2c10a7b26c40cfbebdc2672ff19c6a0614659de5e3f6d1985da032613
SHA512

a6c27377fd9449ed3a3906eae101dc4c6fd4b05c440756c118f7e11e4ac03e0fe2b07d945ca4516a49af53f5510cc393d5966bcc8c0409c122b857d08077f251
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  828b55f2c10a7b26c40cfbebdc2672ff19c6a0614659de5e3f6d1985da032613
- Size
  
  732KB
- MD5
  
  7c4dd87c4e70949a6055acf9775c69a4
- SHA1
  
  587a9295c2f6865c5af5d02246a8e1a338cbe923
- SHA256
  
  828b55f2c10a7b26c40cfbebdc2672ff19c6a0614659de5e3f6d1985da032613
- SHA512
  
  a6c27377fd9449ed3a3906eae101dc4c6fd4b05c440756c118f7e11e4ac03e0fe2b07d945ca4516a49af53f5510cc393d5966bcc8c0409c122b857d08077f251
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1