Overview

overview

7

Static

static

2014_11rec...74.exe

windows7-x64

7

2014_11rec...74.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d38a11474325b203413dd253b3be30070e95c31ff1e50795e602372caf4636bf

  • Size

    208KB

  • Sample

    221124-p56pashf8t

  • MD5

    344951fa95d612fcc3241c1dc4ec6574

  • SHA1

    4750acd83df32874e7e17f3733e47254e3128996

  • SHA256

    d38a11474325b203413dd253b3be30070e95c31ff1e50795e602372caf4636bf

  • SHA512

    b62831c165dfb2863def06db3c28271767db811d04dbfcc1e4f0e1bbff3adb43cfb60aa583fbc593055af12fd62c05eb082b138319da39bbeb57361c6ce08295

  • SSDEEP

    6144:9OTWvWSZhW3BG/KkGllitIcFbb0kwA9hbVCjE:96Ch+BIGlYCcFAtA9hUY

Score
7/10
persistence

Malware Config

Targets

    • Target

      2014_11rechnungonline_pdf_vodafone_0095890374_537999190_82135674.exe

    • Size

      278KB

    • MD5

      2804797e817cd57397c22538ab71a9b5

    • SHA1

      88b499209f9a610aaa566644193e16bef4ee24c3

    • SHA256

      84d5a9bdbe6311cbd8924e1597d4647025f10c720b03c3f5e37040bcbd983fe5

    • SHA512

      7fa1500fc443c06ed8845ba51ab14fabbbbad710fd61e6be6957b7e0e7b35c701ac50d28797b457ae4cb8c83781e3c8346473dcd4c2b15a006fb2b22fa19b6e1

    • SSDEEP

      6144:TRmQh7YWbNaxXv06kPvLoa32jc3qmpdtPpX:FmQs2Ll6mz

    Score
    7/10
    persistence

    • Deletes itself

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks