acdfc3f4c1ba0143ad66c490fec09f797358b40a6b90ff7a8aa1aa4b76fca987 | Triage

Sharing

General

Target

acdfc3f4c1ba0143ad66c490fec09f797358b40a6b90ff7a8aa1aa4b76fca987
Size

3.2MB
Sample

221125-ve19saeg9z
MD5

6bb28c1ea5194274574f29ec16674869
SHA1

9b9c02da15253ac93ecf11eabcacb316ac7e84d5
SHA256

acdfc3f4c1ba0143ad66c490fec09f797358b40a6b90ff7a8aa1aa4b76fca987
SHA512

babe19b849fb15284be47b26582285a0bac4d1e6ae328827b4f918a9958a6f15c64fb0dc4088674d43d5b911d3977c0bf2b592ebef0efb1a6599881655f8c3ec
SSDEEP

49152:RVg5tQ7aIIr56/G2WxsGkcq6guq7T5mVNNofLVXNQ2i3GEHxrf1o:fg56DuVkcJguqAVNefLVXNOR2

Score

6^/10

collection persistence

Malware Config

Targets

- Target
  
  acdfc3f4c1ba0143ad66c490fec09f797358b40a6b90ff7a8aa1aa4b76fca987
- Size
  
  3.2MB
- MD5
  
  6bb28c1ea5194274574f29ec16674869
- SHA1
  
  9b9c02da15253ac93ecf11eabcacb316ac7e84d5
- SHA256
  
  acdfc3f4c1ba0143ad66c490fec09f797358b40a6b90ff7a8aa1aa4b76fca987
- SHA512
  
  babe19b849fb15284be47b26582285a0bac4d1e6ae328827b4f918a9958a6f15c64fb0dc4088674d43d5b911d3977c0bf2b592ebef0efb1a6599881655f8c3ec
- SSDEEP
  
  49152:RVg5tQ7aIIr56/G2WxsGkcq6guq7T5mVNNofLVXNQ2i3GEHxrf1o:fg56DuVkcJguqAVNefLVXNOR2
Score

6^/10

collection persistence
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectionpersistence

behavioral2