dde286b140fb6a8f05ac912c11d276bc9df89389682bc0b498c7a3a8cd16ea78 | Triage

Sharing

General

Target

dde286b140fb6a8f05ac912c11d276bc9df89389682bc0b498c7a3a8cd16ea78
Size

733KB
Sample

221009-j8r3esggdl
MD5

ce89b4bf0f68b18c49d8f81a6779131d
SHA1

fba945757987e325081f565511a4157bf0f71635
SHA256

dde286b140fb6a8f05ac912c11d276bc9df89389682bc0b498c7a3a8cd16ea78
SHA512

cf42fe38972def53734f89e21ca3d4d26daa591e403f136e0e2ad35a9e1ce5bebe4a967db9163315ba67311d1a204eb0893b65a97d75f9026590579cdbf13f13
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dde286b140fb6a8f05ac912c11d276bc9df89389682bc0b498c7a3a8cd16ea78
- Size
  
  733KB
- MD5
  
  ce89b4bf0f68b18c49d8f81a6779131d
- SHA1
  
  fba945757987e325081f565511a4157bf0f71635
- SHA256
  
  dde286b140fb6a8f05ac912c11d276bc9df89389682bc0b498c7a3a8cd16ea78
- SHA512
  
  cf42fe38972def53734f89e21ca3d4d26daa591e403f136e0e2ad35a9e1ce5bebe4a967db9163315ba67311d1a204eb0893b65a97d75f9026590579cdbf13f13
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1