c731060ee5aebb9269660aafee30054719c16ea8284e0774ae5c3b989bd5808b | Triage

Sharing

General

Target

c731060ee5aebb9269660aafee30054719c16ea8284e0774ae5c3b989bd5808b
Size

3.2MB
Sample

221124-p3zg7sec63
MD5

28bf0b7d10921782894378fc9e9d91ad
SHA1

1599d0d7785dfcde9cdedde338ab1026265dd535
SHA256

c731060ee5aebb9269660aafee30054719c16ea8284e0774ae5c3b989bd5808b
SHA512

773c370270f1c702e5b1d0327a8d35de1c3e99b78b3d8b2268085d8741ea08af5fe308fcab6ecb3e0d619c20192452a37b42200efa26d887abf121d1a603e87c
SSDEEP

49152:UVg5tQ7afWuA54W59NeEEsuteuw/XqU3WrGkNmGww3WB0Sp17rdzwosaitVWS9X:eg56Ow5nLzceuuAOGLLg17BzH0W8

Score

6^/10

collection persistence

Malware Config

Targets

- Target
  
  c731060ee5aebb9269660aafee30054719c16ea8284e0774ae5c3b989bd5808b
- Size
  
  3.2MB
- MD5
  
  28bf0b7d10921782894378fc9e9d91ad
- SHA1
  
  1599d0d7785dfcde9cdedde338ab1026265dd535
- SHA256
  
  c731060ee5aebb9269660aafee30054719c16ea8284e0774ae5c3b989bd5808b
- SHA512
  
  773c370270f1c702e5b1d0327a8d35de1c3e99b78b3d8b2268085d8741ea08af5fe308fcab6ecb3e0d619c20192452a37b42200efa26d887abf121d1a603e87c
- SSDEEP
  
  49152:UVg5tQ7afWuA54W59NeEEsuteuw/XqU3WrGkNmGww3WB0Sp17rdzwosaitVWS9X:eg56Ow5nLzceuuAOGLLg17BzH0W8
Score

6^/10

collection persistence
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

collectionpersistence

behavioral2