b26bcf930a90d5f2ebb307705799c20a2c46f1a4fd3b9af5af232598fdd88893 | Triage

Sharing

General

Target

b26bcf930a90d5f2ebb307705799c20a2c46f1a4fd3b9af5af232598fdd88893
Size

146KB
Sample

221124-j5nktsdg5v
MD5

c73d7a290abf86369b0eb4488455c53f
SHA1

a9ab68157c435c49ae84e4eb48b02742d1dcd3f0
SHA256

b26bcf930a90d5f2ebb307705799c20a2c46f1a4fd3b9af5af232598fdd88893
SHA512

3466712a880387512b29401438837df9720fbcab8ead9731995e31d6c7fe2dd3cdd0632484d4d5043d426e9783ebb9d4fafc0a6fae5e8908d2943a206ee52c12
SSDEEP

3072:HuL4suyftDcmLDLYYJQEIigwkZM7QWtcJWjRzvNNcIdlwC09BJQa:HuL48ftDcmHz7PgDZJkjRzVOqnUMa

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  rechnung_11_2014_vodafone_team_00200034994_00003999300067_11_0000002738.exe
- Size
  
  176KB
- MD5
  
  4a1d13a05a93cfaa8dd2627c696d2f0b
- SHA1
  
  173c81da2aab91f225f8eb5e8fcc87119be4eff0
- SHA256
  
  03f825726fdf3341bcfa36fcfd6dcd08e9d7ec3df982f7af9a290aa6f3c5647c
- SHA512
  
  29269b35d3b041ccf08d2351e4f3fa906ed396e5a880b357398f2f72ba7a20ff870531b2d7febaa1e4173412074d6bc7bee5723ad683011ee4a247fb683e7301
- SSDEEP
  
  3072:q6AMa+ceqZl+r4okWL23kjsZUQoRyV01WZIrLwwWyKdMd9zfp0T0:VfzsbWa3hZUHRHwwWy8UO4
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2