301dcb05672c95d05fd3f1b613fba0d2f80e69555356b1f13d65db4c856663cf | Triage

Sharing

General

Target

shootself.mp4
Size

125KB
Sample

240201-fvj8wadhhj
MD5

c8a4b50a8d2c6cc967147fed7b272cbe
SHA1

3ec457cc8bf91515f832b9e19e46c64508ca87a7
SHA256

301dcb05672c95d05fd3f1b613fba0d2f80e69555356b1f13d65db4c856663cf
SHA512

67b34ea5ccabc0c9cd80c1645405c446a96ee920b64bddbe53c0fe42daca21a922cc47c19449af6627057eaf8d60aea702857f9e94fe8a88fffd8db1b88f19b5
SSDEEP

3072:WuzU2KaLHkgF7izyzAtIUb60gt4aglyEwI0FKrRR/LwY03xPQIQ:tI1aR7izaAmUbf0Klrwd++xPQv

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  shootself.mp4
- Size
  
  125KB
- MD5
  
  c8a4b50a8d2c6cc967147fed7b272cbe
- SHA1
  
  3ec457cc8bf91515f832b9e19e46c64508ca87a7
- SHA256
  
  301dcb05672c95d05fd3f1b613fba0d2f80e69555356b1f13d65db4c856663cf
- SHA512
  
  67b34ea5ccabc0c9cd80c1645405c446a96ee920b64bddbe53c0fe42daca21a922cc47c19449af6627057eaf8d60aea702857f9e94fe8a88fffd8db1b88f19b5
- SSDEEP
  
  3072:WuzU2KaLHkgF7izyzAtIUb60gt4aglyEwI0FKrRR/LwY03xPQIQ:tI1aR7izaAmUbf0Klrwd++xPQv
Score

8^/10

persistence
- Downloads MZ/PE file
- Modifies Installed Components in the registry
  persistence
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2