4a7fb7aa82b0ae63b788701cd4f4ccff5c1142fb8842bb7f7f93b1d50b42e740 | Triage

Sharing

General

Target

4a7fb7aa82b0ae63b788701cd4f4ccff5c1142fb8842bb7f7f93b1d50b42e740
Size

146KB
Sample

221124-f97mqacb64
MD5

b8553997b74a6506054d678096cc594b
SHA1

34e110686ba1e859a59b15b43f0e4027ea8bf84c
SHA256

4a7fb7aa82b0ae63b788701cd4f4ccff5c1142fb8842bb7f7f93b1d50b42e740
SHA512

d58cb45d029b592ecef39192169b66a67b7677cafef84605d503ab80b2e2b8a40097a5c5f31b6d5b3beee92b8dc541d5e63294786e9d6baf3baf7b0f4f053d4f
SSDEEP

3072:4cFkb1ZEVeXmM1T2O/9iU1m6djGxQpGxINS9rmHg32lYmlVGGyw:3KEoXmM1T2O/fn9vc80rmA3KYmlVGGyw

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11vodafone_onlinerechnung_002120003909_november_390321980009_11_00000000445.exe
- Size
  
  176KB
- MD5
  
  26599a5d851894bac450a5529f779960
- SHA1
  
  86ad307147dcc84a84433c6728444f8f36e7a1e8
- SHA256
  
  5375bce7f7d28f834652064ba8c6f41864f3e1fef385aa093a14cf00165976de
- SHA512
  
  87a354060184dc12c9ee156e863cf62ebb95bb3557c75851c987cf3889f7445ccf2e1c9b93ceb6a1bc74ae5fcf03d60b3a8b93cf112f1586a5a033b1a4b6199b
- SSDEEP
  
  3072:K1tv0jMkCL5x8KxMFS/71d0u6O6DZxwWpPcrKxCtxQ/LgM8rPp0j0:KTCEXz/7D0u6RlxRPk8P8r+I
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2