e6eeb6b7a72652c25dba983b47bf7cc1b28518e2f21affd57bf1d74d48b43f90 | Triage

Sharing

General

Target

e6eeb6b7a72652c25dba983b47bf7cc1b28518e2f21affd57bf1d74d48b43f90
Size

208KB
Sample

221124-v82gmsdb9t
MD5

740ed031af130be3a647c58b3cc3fea3
SHA1

54e0257e72416820289d838e99f5311e0ffa418e
SHA256

e6eeb6b7a72652c25dba983b47bf7cc1b28518e2f21affd57bf1d74d48b43f90
SHA512

c66d2d31ceb14a3bfdd2ca1693df4862bc2f282e223a06d90521ce8fd94b6faafd05da247d7034bf55143d7e7186e3d90b1235c7a219f01b933c2fd884334fdd
SSDEEP

3072:BUepv6DN0bfMllMo9DBmLG5lvMGA0ocn59XjQlGTvQTw69Ibpa8wuIilxcCk651L:SeesfavYLG5lEV4nyGMd4a8F7le1654i

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2014_11rechnungonline_pdf_vodafone_0095890374_537999190_82135674.exe
- Size
  
  278KB
- MD5
  
  47cab2df770bfb3b5e4e741229d029fd
- SHA1
  
  7484bee01b8e41999c69e56aea0f5f9eda25279e
- SHA256
  
  5c8c2e8e87cd3cdf48883cc6e702b29e9db16e80972c7c4c8d7049d6a3475e2f
- SHA512
  
  51df63231c430c17e84dd40034e212182db17325fd49c391eef2f35c62344130f761138bdb4cb2d8ab4628a99158f03a1d77241d33accc98bd1c94be277501df
- SSDEEP
  
  6144:3bw0Oxjh1imhqrI4geQo6A7CQe+04FwKg2zM8bT7/:3fkhqR6Abr
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2