83ee8b74d4b363aa570c9f26de2b269779767c8791537713a9cf84b57ea42a16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83ee8b74d4b363aa570c9f26de2b269779767c8791537713a9cf84b57ea42a16
Size

733KB
Sample

221008-1zqlnsfhhk
MD5

ffee0e615944ce27594af0c8a261cff7
SHA1

384288cddda436806ded7660c39cb4927260d65b
SHA256

83ee8b74d4b363aa570c9f26de2b269779767c8791537713a9cf84b57ea42a16
SHA512

ae0b8328f0ac018e2d7f89815721a01620ca1f707f69b0321a53935f845983c51e228c707b479ad6c73c0075f9ca790409864ff7e68a90e2dc229fd801f4c477
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  83ee8b74d4b363aa570c9f26de2b269779767c8791537713a9cf84b57ea42a16
- Size
  
  733KB
- MD5
  
  ffee0e615944ce27594af0c8a261cff7
- SHA1
  
  384288cddda436806ded7660c39cb4927260d65b
- SHA256
  
  83ee8b74d4b363aa570c9f26de2b269779767c8791537713a9cf84b57ea42a16
- SHA512
  
  ae0b8328f0ac018e2d7f89815721a01620ca1f707f69b0321a53935f845983c51e228c707b479ad6c73c0075f9ca790409864ff7e68a90e2dc229fd801f4c477
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1