4fe6ae37f1c30c60de06f51e053a73670351a06d311cf5d7f19416a26c9ca5ff | Triage

Sharing

General

Target

4fe6ae37f1c30c60de06f51e053a73670351a06d311cf5d7f19416a26c9ca5ff
Size

456KB
Sample

221123-xe42saeg88
MD5

6deedc7795aef8af07689a21610de47d
SHA1

59c2fd2d738dd6f0d3da236c4274deb0f6774e5c
SHA256

4fe6ae37f1c30c60de06f51e053a73670351a06d311cf5d7f19416a26c9ca5ff
SHA512

58a6a9f3a7c88806152ac562d6c3f748a39dec3f76e277c9461be5fbcbcecce57c51dfa126717177e565bd46f58f8333803df0cd9ec71026ec55a58742b28aeb
SSDEEP

12288:lEg1YB/01CatImlTj1oKf+mJ2aDhza4biuqO:lTYm8+xh7JtDhza9O

Score

1^/10

Malware Config

Targets

- Target
  
  FTTH小区标准地址采集表（工程提交，工程填写,放于一级光网络箱）.xls
- Size
  
  29KB
- MD5
  
  9d5f6a814160a1b5ba4e44c7f1f3031d
- SHA1
  
  1f42ea5427444b42e07ccfd2b80691fed1cf55dc
- SHA256
  
  ead2d9a12064eaae9a74a84a782ed2508939735fdb3d9c69904b4678e792dec5
- SHA512
  
  bd60498899285f37c828bda53ac35ebaa0f91d82a6135b4d793dea056ed2341a9742f98bfba1843b9901ad6cde25d69ed9a04697818e6269dc09d6b9302c722c
- SSDEEP
  
  768:TcccecXlBZwQvAcb7qwI5WcIqmRR2jn9lGZ95WzPxPck+0pw:TcccecXlBZwQvAcb7qwI5WcIqmSGZ95Z
Score

1^/10
behavioral1 behavioral2
- Target
  
  分光器端口信息占用表（工程提交，装维人员填写，放于二级光网络箱）.xls
- Size
  
  35KB
- MD5
  
  769f658a0521b5c0b8b542793947bd39
- SHA1
  
  5d1a70f28444e45741fed4a650590cc0713a9adf
- SHA256
  
  0299e3c03c5226e92afa54f6e077d8e156d83da40a999e1ee10ddcd8b1026f08
- SHA512
  
  5c648d32efb37b72bbb84926b3dbdca421fe4dbebeb83ad22c8fd24feef8c5af4bc723612c786659ff2440f531834e2746e69982e214c4f49eeba78888d7fc2b
- SSDEEP
  
  768:Heeecce9fD7Kqp1ae5ZQKib0BbR2olX9lGZ956u/9A9CQ:Heeecce9fD7Kqp1ae5ZQKib0BDl2Z95i
Score

1^/10
behavioral3 behavioral4
- Target
  
  现业黄许金桥村1.2.3.8组聚居点FTTH改造工程分光器信息表（工程提交，工程填写，放于一级光网络箱）.xls
- Size
  
  42KB
- MD5
  
  bbec5119a10c784508beb638d2884130
- SHA1
  
  4505e195d61d9695b3b07753e8d96cd9dbc5cbeb
- SHA256
  
  219116be8a17eeb7e8005a8cb70568329bb9fcd5a3f7e622b9902c80ce63655e
- SHA512
  
  6b580fba046cda29a7e825c15feec1c73ab51de1fa20b65bd74c4fef7bd8630a58044bc3340102295775eefe682a136c0aa29cf3753ca6eda468f1aafae0ac00
- SSDEEP
  
  768:ieeeeqOema2jmOsQzJtV8cbsQvPe8k1SzR22O59lGZ95W//9C9z0ILV+X:ieeeeqOema2jmOsQzJtV8cbsQvPe8k1x
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6