e5a4eec751296e5d2cd97e1d6135ac92cb83fa25cc3f3a6b286090552c76edea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e5a4eec751296e5d2cd97e1d6135ac92cb83fa25cc3f3a6b286090552c76edea
Size

370KB
Sample

221124-h1tqlsba6w
MD5

6cc0ec2c93dc866f69f5a667c5901f6f
SHA1

cf863e34eb082375a60d003c2e7e47d3982c67d3
SHA256

e5a4eec751296e5d2cd97e1d6135ac92cb83fa25cc3f3a6b286090552c76edea
SHA512

f8950be44809257ab8e03776e717bb7d17c766c2ab873aba9d31c273f6acd4731ed85a9960bf6981d423dbb6eeec3820381a4977ff4be992526927df9da4a3d3
SSDEEP

6144:cC14M5bsb2BH1awDl7K9zN8GCDwFJ2Hov8ZNeF+i+uoudUs00y44Wz0SaCelli:cPM5VVaEANb2NLQT+JQg0H0SCs

Score

1^/10

Malware Config

Targets

- Target
  
  QYGWLT20140125团结镇友谊小区(太和村安置小区)FTTH-余碧金/(分光器信息)团结镇友谊小区FTTH-余碧金.xls
- Size
  
  26KB
- MD5
  
  5287b9ee43143eb7f02b000176a310eb
- SHA1
  
  e7cace4b643b6a87ed583d07e6a5b8c474cc1720
- SHA256
  
  78e55b16c008ea6e6ce34f898c20b7da6ced9f3e67b0e973bc88ec97d9fcb23e
- SHA512
  
  ab1a354af0977dde42ce9e66c2ccbc5d7adfc3b2281d19f3fc0c1d5fd7e86249d4dc6c3674b030f40b44b25b028d2f6e8084080098fb6610f44a745a75ee7499
- SSDEEP
  
  768:I+++zPQbV18Q8JkvstecS4kQqekQ5R21MEmYqVF9LAXSbXYJhGM:I+++zPQbV18Q8JkvstecS4kQqekQ8ME5
Score

1^/10
behavioral1 behavioral2
- Target
  
  QYGWLT20140125团结镇友谊小区(太和村安置小区)FTTH-余碧金/FTTH工程设备完工资料(团结镇友谊小区FTTH-余碧金).xlsx
- Size
  
  99KB
- MD5
  
  e98a40ddec186647e509a653818b444d
- SHA1
  
  b3c657762063041773d4245d9e1398695e3b544b
- SHA256
  
  b0d11262dd0c49d35400036785b440f79a262774cc7a8b7e1ecebb8bad1f0464
- SHA512
  
  e5d2d7d23ca60cacb0fd8edc21213fc65af99cb47666d3d95ab654d334c0db7396289626a4444618b1610b0524eb14461845fe0ba1ba25b6cb90d0bb049144a2
- SSDEEP
  
  3072:eaHXFnY5Wh5geWEKc3aaaDKJSOGPCoE58Yaqt:ecZPCeWw3a3PqoC8Yaqt
Score

1^/10
behavioral3 behavioral4
- Target
  
  QYGWLT20140125团结镇友谊小区(太和村安置小区)FTTH-余碧金/（新FTTH光路）团结镇友谊小区FTTH-余碧金.xls
- Size
  
  24KB
- MD5
  
  7b80d5201c22d0ba22f2a539c8765e28
- SHA1
  
  848abeae4f9327d4392025acff8fb03f93ccf410
- SHA256
  
  366860a59207fa658db22e1bc1d148fc48d367eef44f882f2f0c289ac89337eb
- SHA512
  
  21745ba6cf8b714e8ec127a7483d45bc0d80a61e1f75bca62fd0a12f54c33b27f6d1b9f3e940f9a8de58698e200021195fd6b4fc672957786b41b1578c1d220a
- SSDEEP
  
  768:Cwm5mHaLw/hwHFw9oxuuu/Qc8ze1tVbsQvPkpS8jDHbWeqaDPqaadNR274mYqaOO:uuuu/Qc8ze1tVbsQvPkpS8jDHbWeqaDk
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6