583a810261aead51ef4425fd3e5187d9bf929c4002c33c7e52c091f6f0d00a27 | Triage

Sharing

General

Target

583a810261aead51ef4425fd3e5187d9bf929c4002c33c7e52c091f6f0d00a27
Size

208KB
Sample

221124-f3nk9sef7t
MD5

b2f4c21faba5804bcc7439a6b57c999b
SHA1

1bdf5481d5b49ff60df8c82f1761319115d9821c
SHA256

583a810261aead51ef4425fd3e5187d9bf929c4002c33c7e52c091f6f0d00a27
SHA512

3e6eaf6224c6285a8ffc17c99e426856ce14196f56c8c8bca148d40eed8f6cb8681359c63d78f4b4b8ec3bfd23a32b0430f9fdbca906bd4bbf582305fdceb569
SSDEEP

6144:xOTWvWSZhW3BG/KkGllitIcFbb0kwA9hbVCjU:x6Ch+BIGlYCcFAtA9hUI

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11rechnung_K4768955881_pdf_sign_telekom_de_deutschland_gmbh.exe
- Size
  
  278KB
- MD5
  
  2804797e817cd57397c22538ab71a9b5
- SHA1
  
  88b499209f9a610aaa566644193e16bef4ee24c3
- SHA256
  
  84d5a9bdbe6311cbd8924e1597d4647025f10c720b03c3f5e37040bcbd983fe5
- SHA512
  
  7fa1500fc443c06ed8845ba51ab14fabbbbad710fd61e6be6957b7e0e7b35c701ac50d28797b457ae4cb8c83781e3c8346473dcd4c2b15a006fb2b22fa19b6e1
- SSDEEP
  
  6144:TRmQh7YWbNaxXv06kPvLoa32jc3qmpdtPpX:FmQs2Ll6mz
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2