2ac6bb0688f3073a1b4ae4906c7b6fc3a6928f3dd09b4cb2837f368407239ec3 | Triage

Sharing

General

Target

2ac6bb0688f3073a1b4ae4906c7b6fc3a6928f3dd09b4cb2837f368407239ec3
Size

135KB
Sample

221124-e1l4zscb6z
MD5

5fc4536327f932e1e8731571c5179039
SHA1

e6523f472fbb5176061d8954ec028810f2c041fa
SHA256

2ac6bb0688f3073a1b4ae4906c7b6fc3a6928f3dd09b4cb2837f368407239ec3
SHA512

2a0110577642249eb7275373a9622556cb8340a4cd4dac31f3a745cee5def304822a06678487144a1df7182da0e169107acf35649cf075dba2aac5c7f8173d06
SSDEEP

3072:jLGJ4uuh6mqr3AQf/Kf2DWJEi/i8D2D7oyCT8nVn1QETaT2rewhp85QN8+M:ja4zhaP/E2DH8yDTV1MT2re6p85QN3M

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  online_transaktions_11_2014_0939380001_12987384_93_39_003_365_9388347_00111_02000028.exe
- Size
  
  196KB
- MD5
  
  03c97952e19ce93941404ef9a3a935f5
- SHA1
  
  ec7edb6a0b5f14c7017ba645e269c8598633e384
- SHA256
  
  e01e77a43a43d919359d7716fc19c6286eaadf08cbec4442741789bd680594a0
- SHA512
  
  713b638f2f4f0870798ae66e14a81de302612b8aec3dc4cb1ce169b6df9be3aa89746dae4b31b0cd98ada46bd0fda3e42c8b4992c04ef6635bd112a137339f7f
- SSDEEP
  
  3072:9udusODvGZVHhX1drkr3k1qusMrf/Kf2DWJEi/i0D2D7oyCT8nVn1QJsYvVnGd+z:59+phXzpsML/E2DH0yDTV13Y5z
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2