8ac4a8fe0340b8ec6ac45328284e80016dcfb5945296fbaa4aa49729a564d26b | Triage

Sharing

General

Target

8ac4a8fe0340b8ec6ac45328284e80016dcfb5945296fbaa4aa49729a564d26b
Size

20KB
Sample

221128-e5bttaag9z
MD5

e0069ba9f521a902fb5e8dbb04224c1f
SHA1

198599a69720542d0459102cf9bddd841eaeef8d
SHA256

8ac4a8fe0340b8ec6ac45328284e80016dcfb5945296fbaa4aa49729a564d26b
SHA512

2aaf4c76578d1cf51f13ce62a2608a555f53ade9a125bd449648fdd61e75a6cba58e633c014c79566119f7ba8363d34e8b5e99f0027ce03f048a2f0b47ae878a
SSDEEP

384:GjdKDRJWNDkzcgCQtsfpVAvpM9rYlT/2aiSOp8/DtOC96GBSX7X+KuatTg:GyWRxgRsfcva9clT+b6/Dt96nLuKf+

Score

8^/10

collection discovery persistence

Malware Config

Targets

- Target
  
  8ac4a8fe0340b8ec6ac45328284e80016dcfb5945296fbaa4aa49729a564d26b
- Size
  
  20KB
- MD5
  
  e0069ba9f521a902fb5e8dbb04224c1f
- SHA1
  
  198599a69720542d0459102cf9bddd841eaeef8d
- SHA256
  
  8ac4a8fe0340b8ec6ac45328284e80016dcfb5945296fbaa4aa49729a564d26b
- SHA512
  
  2aaf4c76578d1cf51f13ce62a2608a555f53ade9a125bd449648fdd61e75a6cba58e633c014c79566119f7ba8363d34e8b5e99f0027ce03f048a2f0b47ae878a
- SSDEEP
  
  384:GjdKDRJWNDkzcgCQtsfpVAvpM9rYlT/2aiSOp8/DtOC96GBSX7X+KuatTg:GyWRxgRsfcva9clT+b6/Dt96nLuKf+
Score

8^/10

collection discovery persistence
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

collectiondiscoverypersistence

behavioral2