c33e70ddba39aaadb7d3639c9586656a652b5b927151f78b1fa1e0bfe0b29d35 | Triage

Resubmissions

14/02/2023, 08:35

230214-khgz7sca74 1

14/02/2023, 08:31

230214-kes83abd2x 6

Sharing

Copy URL Twitter E-mail

General

Target

httpd_exe.zip
Size

12KB
Sample

230214-kes83abd2x
MD5

3ab0722d2cc80f4f538bc84bf361b9bb
SHA1

1352b2ab28f5825b41f5c3adcef3818eaaedd44d
SHA256

c33e70ddba39aaadb7d3639c9586656a652b5b927151f78b1fa1e0bfe0b29d35
SHA512

bf53f3c5ae739824a26b845698762ce456caf73576cf63842de5af08d940edc77d121513d56fdcd608a04a9bb341f7b23b1380eca42d5567f7b350ce02562818
SSDEEP

192:NiSCWzzdPhK6riZQd0DznEH+nC7Q4DBCBlEOZl3jYMMwTr1WF/dDuinBeyQ7:NiSHzzdZsO0Dzo+nNCCXVYxWr1WFlBC7

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  Device/HarddiskVolume5/Apache24/bin/httpd.exe
- Size
  
  29KB
- MD5
  
  bb7928fa4b9346fb34a551f3d6efaba4
- SHA1
  
  546176d4d72b0dd1a94e17a4e032f7469569e06c
- SHA256
  
  a630fdc09bc55785e9c5bdaa7251ee9045d24a1c773f4d45df9786fefd14d9a3
- SHA512
  
  f1d916f1fb00e32cc22f7d30dce9eef72e236370047735a43b61ab1a41bcfaec0b7c35418d718ebe15f5245c73327fe5e3a1bea1a5e0bfe99f39cc584057876b
- SSDEEP
  
  384:iqLYKLahM5ijPdd3zCew7UiEMi3r/q5MrkYhFN2OF2CsOMh/Tqtlc:zahMOxGD7UiEMi3r/q5MoOPs1qnc
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2