66d4f3fe2fe07de83e225eec376279900055e990670e71fc671da6f15c5e804d | Triage

Sharing

General

Target

SStlr_V2 (2).EXE
Size

155KB
Sample

231014-cxzvkabh4s
MD5

16d70e81a0949a7674d2c76a88c913c2
SHA1

c3b6aa2f00181e8329ff3b187cb4ed6c2f2258eb
SHA256

66d4f3fe2fe07de83e225eec376279900055e990670e71fc671da6f15c5e804d
SHA512

a4f03734917ccf566a9c60da34237c1d4bd1728449b7023cc2add666aa4abd5d6cb24a1be705c8e484568c21051a99a48e66b66d0c61515ab22a53e3896cacf6
SSDEEP

3072:TahKyd2n31r5GWp1icKAArDZz4N9GhbkrNEkYXMt:TahO/p0yN90QE+

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  SStlr_V2 (2).EXE
- Size
  
  155KB
- MD5
  
  16d70e81a0949a7674d2c76a88c913c2
- SHA1
  
  c3b6aa2f00181e8329ff3b187cb4ed6c2f2258eb
- SHA256
  
  66d4f3fe2fe07de83e225eec376279900055e990670e71fc671da6f15c5e804d
- SHA512
  
  a4f03734917ccf566a9c60da34237c1d4bd1728449b7023cc2add666aa4abd5d6cb24a1be705c8e484568c21051a99a48e66b66d0c61515ab22a53e3896cacf6
- SSDEEP
  
  3072:TahKyd2n31r5GWp1icKAArDZz4N9GhbkrNEkYXMt:TahO/p0yN90QE+
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2