ee908628c2589347e6e05c66b5fdc200ba996efabbd1401f1c3c761fe2e2a616 | Triage

Sharing

General

Target

ee908628c2589347e6e05c66b5fdc200ba996efabbd1401f1c3c761fe2e2a616.exe
Size

995KB
Sample

250217-cagepswley
MD5

c9cbedbddefc0242501c86d2481f7396
SHA1

f2037325c8213bba65d2ca2e32fa1020e0bf12ee
SHA256

ee908628c2589347e6e05c66b5fdc200ba996efabbd1401f1c3c761fe2e2a616
SHA512

6b509ab586bf14e0ff34ce1ba0846c8256770089897a48660594dffaf99673ada2b7a92f9784aaa4cae2932c63da6be36091f10dac78dc9fd5990775e5924b33
SSDEEP

12288:4jauDReW+A2xwaLhRe2OA6SwXmBXysCcVGRhcnw+UT+RiJ7OSnShaAd:4DDaAWZTcAldCqwxlOQeld

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ee908628c2589347e6e05c66b5fdc200ba996efabbd1401f1c3c761fe2e2a616.exe
- Size
  
  995KB
- MD5
  
  c9cbedbddefc0242501c86d2481f7396
- SHA1
  
  f2037325c8213bba65d2ca2e32fa1020e0bf12ee
- SHA256
  
  ee908628c2589347e6e05c66b5fdc200ba996efabbd1401f1c3c761fe2e2a616
- SHA512
  
  6b509ab586bf14e0ff34ce1ba0846c8256770089897a48660594dffaf99673ada2b7a92f9784aaa4cae2932c63da6be36091f10dac78dc9fd5990775e5924b33
- SSDEEP
  
  12288:4jauDReW+A2xwaLhRe2OA6SwXmBXysCcVGRhcnw+UT+RiJ7OSnShaAd:4DDaAWZTcAldCqwxlOQeld
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence