10863fd45a3ab3927187fbbea2bdd7ba8c3edf6e6440ca3b615bfcaa9e5ca9dc | Triage

Sharing

General

Target

10863fd45a3ab3927187fbbea2bdd7ba8c3edf6e6440ca3b615bfcaa9e5ca9dc
Size

146KB
Sample

221124-qcdcqaeh45
MD5

7c724534837761995e859b13d2ae9d0c
SHA1

2160dc771cd418436810359da86a5e220d2e41a6
SHA256

10863fd45a3ab3927187fbbea2bdd7ba8c3edf6e6440ca3b615bfcaa9e5ca9dc
SHA512

6738a61b9ab6badb8a4062f729cc3ffdc9bd478411f7191e22e1fca919bd000ae9eaef831e10f0f986f33b7bd8fa5fdade5b4cc386c798b76dd98a09265ba394
SSDEEP

3072:lcFkb1ZEVeXmM1T2O/9iU1m6djGxQpGxINS9rmHg32lYmlVGGyH:6KEoXmM1T2O/fn9vc80rmA3KYmlVGGyH

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  rechnung_11_2014_3280000236_telekom_de_002839300002_11_0000352899_000005.exe
- Size
  
  176KB
- MD5
  
  26599a5d851894bac450a5529f779960
- SHA1
  
  86ad307147dcc84a84433c6728444f8f36e7a1e8
- SHA256
  
  5375bce7f7d28f834652064ba8c6f41864f3e1fef385aa093a14cf00165976de
- SHA512
  
  87a354060184dc12c9ee156e863cf62ebb95bb3557c75851c987cf3889f7445ccf2e1c9b93ceb6a1bc74ae5fcf03d60b3a8b93cf112f1586a5a033b1a4b6199b
- SSDEEP
  
  3072:K1tv0jMkCL5x8KxMFS/71d0u6O6DZxwWpPcrKxCtxQ/LgM8rPp0j0:KTCEXz/7D0u6RlxRPk8P8r+I
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2