669baf31232ac7c1d8d708159de849657ec9a6daa81e42f4a62d8329f00c6ccb | Triage

Sharing

General

Target

ConnectWiseControl.Client.exe.7z
Size

41KB
Sample

230320-w3yn8sgh2t
MD5

180e3dc793dce145f9730626fb3e21fb
SHA1

9081771f377a14658acca32e2def656aa94674a4
SHA256

669baf31232ac7c1d8d708159de849657ec9a6daa81e42f4a62d8329f00c6ccb
SHA512

d48ddac58c7a20c682ee77ed2d3fdb42301f456711d7f790c0fdb0b89b2882e5b6b1d939eb2a8aa4dff31d2ac3842ed5c7659804907ef5ac9879c35f10b8956e
SSDEEP

768:NfUTM9dXM/eh2wmoF1Wy2ES93Vj1GSiDvQoEjl1j6gni7pQyqk5pnN:NfUgnMeLmoF1WLT9lj1Gfbyni7pQ9k5

Score

8^/10

Malware Config

Targets

- Target
  
  ConnectWiseControl.Client.exe
- Size
  
  87KB
- MD5
  
  78bda257144f3e4c0126d9e84b518e0d
- SHA1
  
  7cd24d1e486363ffa0a6509f833c3e2cbce89712
- SHA256
  
  6043bb0b62ce918f8dc4d4a27b35e9cbf4bbdc1d7e47535755895a75e4865955
- SHA512
  
  da5ed5ddd9e5a69fb93032953d741a4d9fff53e9d53d30739c0405eb7cae777a048f0bdcdca6c0c7bb3af5234ecb92a6a2e7f9eb1e4c63c3184bc179f50003b1
- SSDEEP
  
  1536:2Xn1JYSnExFkcgKKjxfmqshiKW5Xs/iYQqQJtsWFcdfRMvb+xW5YK9:ME3x5KBDYiKWm/iSw0fRMvygWK9
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2