2180b2ae1157c079b1d9f1fadd13db51e15dbd4dd150cc4bf504e05bba718ce1 | Triage

Sharing

General

Target

2180b2ae1157c079b1d9f1fadd13db51e15dbd4dd150cc4bf504e05bba718ce1
Size

146KB
Sample

221124-k4x9badc42
MD5

9a35391b9f77cd09b78ed5490a011ed0
SHA1

bfa3053775a07e18246a085b00dbd7b9c110b09f
SHA256

2180b2ae1157c079b1d9f1fadd13db51e15dbd4dd150cc4bf504e05bba718ce1
SHA512

52186f080785e9bed221df176780db67af50284c08f1e3e861c7a8befb0b0348f43d21dad5a299c6d30430955fc3e8002d0bffd36288b163ca9fd5a779bd0450
SSDEEP

3072:buL4suyftDcmLDLYYJQEIigwkZM7QWtcJWjRzvNNcIdlwC09BJQi:buL48ftDcmHz7PgDZJkjRzVOqnUMi

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  rechnung_11_2014_3280000236_telekom_de_002839300002_11_0000352899_000005.exe
- Size
  
  176KB
- MD5
  
  4a1d13a05a93cfaa8dd2627c696d2f0b
- SHA1
  
  173c81da2aab91f225f8eb5e8fcc87119be4eff0
- SHA256
  
  03f825726fdf3341bcfa36fcfd6dcd08e9d7ec3df982f7af9a290aa6f3c5647c
- SHA512
  
  29269b35d3b041ccf08d2351e4f3fa906ed396e5a880b357398f2f72ba7a20ff870531b2d7febaa1e4173412074d6bc7bee5723ad683011ee4a247fb683e7301
- SSDEEP
  
  3072:q6AMa+ceqZl+r4okWL23kjsZUQoRyV01WZIrLwwWyKdMd9zfp0T0:VfzsbWa3hZUHRHwwWy8UO4
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2