dcce316379045febcaad9053d328963255c95c2d5acf75fb1bd99be167311f71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcce316379045febcaad9053d328963255c95c2d5acf75fb1bd99be167311f71
Size

733KB
Sample

221010-ajhysaaddl
MD5

6e58c18a3fc016ef9f3a2fcff2657d54
SHA1

eba5df66d5a7ea74da8f95f50cf10016ce5bccf3
SHA256

dcce316379045febcaad9053d328963255c95c2d5acf75fb1bd99be167311f71
SHA512

1937a0718cfbc2dc19f70fd325bb89577f60ac782d85b4c334bec9bdecbb199cf40f2135aefc3cb1a3ce85b5fe4bdab1d5298c700aa10d343abb00297032c957
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dcce316379045febcaad9053d328963255c95c2d5acf75fb1bd99be167311f71
- Size
  
  733KB
- MD5
  
  6e58c18a3fc016ef9f3a2fcff2657d54
- SHA1
  
  eba5df66d5a7ea74da8f95f50cf10016ce5bccf3
- SHA256
  
  dcce316379045febcaad9053d328963255c95c2d5acf75fb1bd99be167311f71
- SHA512
  
  1937a0718cfbc2dc19f70fd325bb89577f60ac782d85b4c334bec9bdecbb199cf40f2135aefc3cb1a3ce85b5fe4bdab1d5298c700aa10d343abb00297032c957
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1