3b18b07b2ed62bac1c98c8d4635a53a2991eb108c910d4dc508f05ae27d6263e | Triage

Sharing

General

Target

3b18b07b2ed62bac1c98c8d4635a53a2991eb108c910d4dc508f05ae27d6263e
Size

208KB
Sample

221124-f4g5waeg2y
MD5

c1bfb1b698c36a271005ba4fe25fd2f0
SHA1

e81fb4041175b426fde6b700e4e66a2eb4da331e
SHA256

3b18b07b2ed62bac1c98c8d4635a53a2991eb108c910d4dc508f05ae27d6263e
SHA512

0b279934fb6e54eaa822ef970caa870029f2581f751d7c23b81b5f7d9258af861e9a469825a1174295868044a3601f829a6c6d9a427e909c85604e1456723bda
SSDEEP

6144:Hfm+fU7jlbAHNl9ySx7IPKpq9wIgsMHA6:/m+fUlAlYup3DZ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11informationen_finanzgruppe_000070002.000038622.771714407-0044.exe
- Size
  
  277KB
- MD5
  
  6f4d475eb0cb95a0bf8ab9825403253d
- SHA1
  
  b2f4bf05e102823c97b2a6a4b00c4183073d93a4
- SHA256
  
  cae0331cddf01777e3b1c275240b988c675527a4e9f72f91ffe4c0e8d68f73e4
- SHA512
  
  384ccff8f308e901bde57c65f76aa0f501019cb709b47c041fa1c234d81f77da08980b7c757b22a83ebafe720a3aa7d676528a988d2a3b35cb80f5a91f51382e
- SSDEEP
  
  6144:diaYUpwXV9RIKWn/TUVs8oL48N8lqFzc+tRJShtS:jzXrN8UbtPShI
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2