bb66b92418469d5dbe44be36d39d32dd04dec62c00f60e796ae8a0576507d22d | Triage

Sharing

General

Target

bb66b92418469d5dbe44be36d39d32dd04dec62c00f60e796ae8a0576507d22d
Size

149KB
Sample

221124-ekhrmafg85
MD5

4c397f3bf89911a08ab126ba0c45c48c
SHA1

78d6eba9deeb09813bdf1d354978bc6b628427e1
SHA256

bb66b92418469d5dbe44be36d39d32dd04dec62c00f60e796ae8a0576507d22d
SHA512

aecc98d474669b8b621bb93a785a92312d1ff20310fd1ea13e99040481b525958a89fbc4969721400cbfa1d1425b13519399cb2bf7bfa10f88dff098b3e0477e
SSDEEP

3072:H6xkx9VX0Sv6By6z1H7DSkgtMRbDdl+BDB:JzX0y6By6zRDSqUV

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11vodafone_onlinerechnung_002120003909_november_390321980009_11_00000000445.exe
- Size
  
  181KB
- MD5
  
  9dc40f14b1194513a29372c446121023
- SHA1
  
  5336d6221fa87f4d5d24af4ab4bd33268f96db63
- SHA256
  
  bc320dc82649d7a6ace9801da7b46afe4b6a4a27b4273f887d4fd03bd12384b4
- SHA512
  
  67a2308bdb25d87d9e54b6ea6ff3f59fdaa8ac43f93fc53ce3a8d2a671c1bef3a319897813434a4b84224deaf37d010a6cd875e1cd92b9304c1c91fa4b16c337
- SSDEEP
  
  3072:V/p2fH42AxPLYn4i38TmySLUX3T50H+qAZuI4II13ifrNn6hy7pbtJ9LWos/9wzU:2aPa2/H3F0eqyAL1SZ6hy7pUoG9wz4g5
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2