32d3a64be102f8e0ce20c870cd922063886408d25eaf40e6ebc2a4640bf30155 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32d3a64be102f8e0ce20c870cd922063886408d25eaf40e6ebc2a4640bf30155
Size

733KB
Sample

221010-kldrysbden
MD5

40f364f88f235c4e9073f934174845f1
SHA1

7dbdb1e15c3c51490ee190987235a412ab6fd70e
SHA256

32d3a64be102f8e0ce20c870cd922063886408d25eaf40e6ebc2a4640bf30155
SHA512

06e5c69b0999398400be9d1d654ae820eaadeb63018efd22ec25c081c96e56a4aa37ff702c743587d4d3eb62815cdaca0f28e6dc620f324b0e0a39f482810e26
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  32d3a64be102f8e0ce20c870cd922063886408d25eaf40e6ebc2a4640bf30155
- Size
  
  733KB
- MD5
  
  40f364f88f235c4e9073f934174845f1
- SHA1
  
  7dbdb1e15c3c51490ee190987235a412ab6fd70e
- SHA256
  
  32d3a64be102f8e0ce20c870cd922063886408d25eaf40e6ebc2a4640bf30155
- SHA512
  
  06e5c69b0999398400be9d1d654ae820eaadeb63018efd22ec25c081c96e56a4aa37ff702c743587d4d3eb62815cdaca0f28e6dc620f324b0e0a39f482810e26
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1