29887ac84e10a3a92e48a9d662ed1afdbdfaabb48ef12564bfff2bc7726fc22c | Triage

Sharing

General

Target

29887ac84e10a3a92e48a9d662ed1afdbdfaabb48ef12564bfff2bc7726fc22c
Size

120KB
Sample

221124-el2acsbb3w
MD5

11a56db1e9feb895df6eaf4017902f45
SHA1

20d5b5c5afc8318eeff3a602b8aa59e95c278f4b
SHA256

29887ac84e10a3a92e48a9d662ed1afdbdfaabb48ef12564bfff2bc7726fc22c
SHA512

ab44661ef438090e62aec2b508c77c3a272cfa5316d53398b804a575ed6b9c6904ba2a2fe23b473f0660acb58daae357dd64f7ab3ed77d417b6d9328dd72b899
SSDEEP

1536:pPBT1OUB3Fi01RWm2l4w6qyljoe40bOasuWwWQVjwZdNKNanN/C+ZZ33fgNwQfPp:tOUB3FicRPB9lsQJ8Zd4Nan8WoNw42dg

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  Informationen_Kontobewegung_dezember_2014_de_20_8139_237_90109238_000129_000028_05.exe
- Size
  
  148KB
- MD5
  
  465fcd4e9e58bd34e14ff1d08f25b182
- SHA1
  
  5c53599441649c0d456002165a420fe866ae0d07
- SHA256
  
  c618529d3c965f88021d712e57a49a69792818a3cdcb438cb0066af974f6ebb7
- SHA512
  
  909907b7c4ba4e7da005694fb96a848177e8c17a3eff95fb5a594a7231006bd114f24b2d6f6f37cf34b872adb33dd8ce6c150bfe74a46f04d75451dbfa331448
- SSDEEP
  
  3072:/ITf9bPB8JYwsQ18Zd4Nan8WgBspI9ozuPG7:YVLKYYeA72W9oyPq
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2