072ad1302109f4908fff5f05ca030264d4032fde79c932a8a5695ea8225c1626 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mainv6Unkown1.exe
Size

37.8MB
Sample

240520-zqhzssgg8x
MD5

6d1b004a1e9fddfce4aa6388e0cbe577
SHA1

624ad396d509445bd1bb236ef64636eaa74299e9
SHA256

072ad1302109f4908fff5f05ca030264d4032fde79c932a8a5695ea8225c1626
SHA512

cfee122317639ec91e068643a0519fb416da0f2c0bdecafc90c23afa2be7bb58c318a0f40aaad97089d8818254020f15a4f9732b5472030cd6f8093ee2e6f1e5
SSDEEP

786432:NaAWAPJ8GxgbX6O1QtIbSN2j6+s7LWB75zuPNvYPJyEM3IL55qW80hjfjKGa0MdD:NaAPSbX6aiI2N2qHWB75iVvYPrMG5cWy

Score

7^/10

persistence pyinstaller

Malware Config

Targets

- Target
  
  mainv6Unkown1.exe
- Size
  
  37.8MB
- MD5
  
  6d1b004a1e9fddfce4aa6388e0cbe577
- SHA1
  
  624ad396d509445bd1bb236ef64636eaa74299e9
- SHA256
  
  072ad1302109f4908fff5f05ca030264d4032fde79c932a8a5695ea8225c1626
- SHA512
  
  cfee122317639ec91e068643a0519fb416da0f2c0bdecafc90c23afa2be7bb58c318a0f40aaad97089d8818254020f15a4f9732b5472030cd6f8093ee2e6f1e5
- SSDEEP
  
  786432:NaAWAPJ8GxgbX6O1QtIbSN2j6+s7LWB75zuPNvYPJyEM3IL55qW80hjfjKGa0MdD:NaAPSbX6aiI2N2qHWB75iVvYPrMG5cWy
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2