6b263f98ac9778a011f88b1fcf367e38df9cd9019cda667d1a166d190d059558 | Triage

Sharing

General

Target

6b263f98ac9778a011f88b1fcf367e38df9cd9019cda667d1a166d190d059558
Size

212KB
Sample

221124-fzh7dabe46
MD5

1d78244df8b5dcedf18c60c0c5d8f233
SHA1

cf06710957728c2bc4e8d1bec05f19915f4ed416
SHA256

6b263f98ac9778a011f88b1fcf367e38df9cd9019cda667d1a166d190d059558
SHA512

01ac65f2c3be8ece3bd7829b3f759be79f0a7c91e7e53b9bb4ae2a4ec64ec656a32935aa87027c4a0c32cc496b8211ded78b071823a00aec03032dfc1efe7870
SSDEEP

6144:m/uAkJBHJEczcI3jsZfIK+AdZNJrgsJpnHT7nzUYPnAC:mhkfJCI3jsZfX+AdZDrgsTHXwCnAC

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11rechnung_K4768955881_pdf_sign_telekom_de_deutschland_gmbh.pdf.exe
- Size
  
  288KB
- MD5
  
  1785cc3bee48dcc3dea29636307cd632
- SHA1
  
  63d4dccbf1859747e207ff6a119a41a50fb42d8b
- SHA256
  
  f815a4192d09d50a60e9102216fe5ae1c398a0c345d75664a86ebc06d618e674
- SHA512
  
  5b0f87adfbf540f9c08be7507cb682995be484493fbee08958da22436c3e323498387d7da800b13400dfd21523a75ce8294058d15655f9deccd39461aa0efc4d
- SSDEEP
  
  6144:ApwPQxhejYZTMzoixretHGSH3AoacYGcIhHKEeW+WzWcaBGP:AL3smHQoYIhMPEW9GP
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2