f5348c868d3081337ed697e0d2016b39d328fd982af4e1923d1aea45762629e1 | Triage

Sharing

General

Target

Remittance_Advice_20210727001667.img
Size

4.8MB
Sample

210727-x4zq5hhggj
MD5

6fc0c8e2b07e8ffdce0e1a58c7bd773e
SHA1

f27c6248d23bb1435da7294ab419f9b546ea9b6a
SHA256

f5348c868d3081337ed697e0d2016b39d328fd982af4e1923d1aea45762629e1
SHA512

52d594a354a3d4def3ab3335e2c2b301cbd520ab6965d58953e1dec1b6d2060824a241ed77366a60956e9afe5e3d42065e48a564c81f942873f194bd3e7e0334

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  REMITTAN.LNK
- Size
  
  4.3MB
- MD5
  
  cc2a7754840911050d768c6be92005a6
- SHA1
  
  6eb79a31cc322a1a6c4b18bb1c9844108b57313c
- SHA256
  
  ac8ec0eddd80b41d238c54f1262caefd6e80312826157564e933ff35be63c6cd
- SHA512
  
  02f3ee8eaad9adaa3baafd39f94f4115fec3d0f97b67a4f8fbf6b342db95681a07eefd2192201d5b8e1d888818b3615d7ff10d77b1f509056091b007f6e541db
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2