2aef04c62407b88d83c93455f5032fbdb572b54a864036fcf17989bb043e8343 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2aef04c62407b88d83c93455f5032fbdb572b54a864036fcf17989bb043e8343
Size

149KB
Sample

221124-ekltaaba41
MD5

5ffa26723ff0f5c16260cdbfa9b85298
SHA1

3188006397770b40016567ff7ba864d2552e9d68
SHA256

2aef04c62407b88d83c93455f5032fbdb572b54a864036fcf17989bb043e8343
SHA512

4cbc8f9afcecc6136513b1f8fbdb3a96c7a47ec2f03fd339630220e4e83d59667456a36919cb9db337b4e2cc9176c7b6c1fbc3afaa4d48a589ec44eab8bc315c
SSDEEP

3072:geiQsvn9ekEkWJuVmtXOO8SmcrW8RYzCV:fiQsvAkKuVmwOpJWNm

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11details_transaktion_379000200929_november_309083200059_11_0000000039.exe
- Size
  
  180KB
- MD5
  
  56a4deff377c12cf6453179f1a200ac1
- SHA1
  
  f49b1c70020da9600d037387c2b42b5e117960c5
- SHA256
  
  881b0c70b1285a24ce9a40fbc88ed1b4e804200924e5eea42be13ef17b36b1e1
- SHA512
  
  2e25bd42eff548461e652d78abed6d6e3cdd8ad81192064f0c150b0c237545f447fb3454d4b287d3fab800f32dbc6eefdddf5c1b6c717befcc07c49c7f075274
- SSDEEP
  
  3072:e8peXz0Gj4egOR7XsH/009S37VTL5ZN8p+uzOTolPISHJ7JMV:eoeAAtRXy00a7VxZ2sDT4JJW
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2