41a17ef940860c7ecc486581cc0ca9702fc264fbc2845c2c3b386b81c9b19150 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NO ABRIR.rar
Size

609KB
Sample

230202-c51f3agc3v
MD5

496226b100a4d87ae6a667f74e6653cf
SHA1

f96d69175782b0e053ce790ed0954c08b35c8ba0
SHA256

41a17ef940860c7ecc486581cc0ca9702fc264fbc2845c2c3b386b81c9b19150
SHA512

8b2616c7dab05d0d86d2644fa9ed0b56991f1fb706399821fdabf9ffeb994ed0340850efd23aca39d6815927544d73b96c4a9e959097bb35188ab10e83a58359
SSDEEP

12288:bQinGhWZbL6GVMSWn3LkFOdRs9tgsLmWDkds7X9OPxNCUla1ydX9O:bQirbLPVbWn3DdRs8WDUsj9OPxU1yJ9O

Score

6^/10

collection

Malware Config

Targets

- Target
  
  NO ABRIR.rar
- Size
  
  609KB
- MD5
  
  496226b100a4d87ae6a667f74e6653cf
- SHA1
  
  f96d69175782b0e053ce790ed0954c08b35c8ba0
- SHA256
  
  41a17ef940860c7ecc486581cc0ca9702fc264fbc2845c2c3b386b81c9b19150
- SHA512
  
  8b2616c7dab05d0d86d2644fa9ed0b56991f1fb706399821fdabf9ffeb994ed0340850efd23aca39d6815927544d73b96c4a9e959097bb35188ab10e83a58359
- SSDEEP
  
  12288:bQinGhWZbL6GVMSWn3LkFOdRs9tgsLmWDkds7X9OPxNCUla1ydX9O:bQirbLPVbWn3DdRs8WDUsj9OPxU1yJ9O
Score

3^/10
behavioral1 behavioral2
- Target
  
  NO ABRIR/AUTORIZACION1995324BM7.html
- Size
  
  284B
- MD5
  
  5e8193b8c0bdb81a258be1a2c46bc6d0
- SHA1
  
  36c53ee4116ac4e37978ca225709194fc603aa35
- SHA256
  
  c3369a8ea8526cf7f7adf5d011afc6bf802a1ac383942cf7c1247277a9c3debb
- SHA512
  
  ffb28355fc28b082d3a249e4f063df6daaa61e01ea6c9ad23c53b5186b31649d30640844295bb715ff151c93f8c3d1818bcb36b6c8b2aeb4e6e602492bf26e0a
Score

1^/10
behavioral3 behavioral4
- Target
  
  NO ABRIR/Envio del comprobante fiscal - N6428.msg
- Size
  
  27KB
- MD5
  
  83880f5ab0138184aa90103345826760
- SHA1
  
  378e3d1d13dadfe7372e33d34b636cca79424355
- SHA256
  
  9f515446898be56e1c6b21340a7f87c17896ab89768883ddb5b20c460a3d0892
- SHA512
  
  985b5d5bb76188f05c9f5e14070fe39e8c747c6b95d141711e87936d18a7695ebd2ecb8bfd2303d57a77859755b8e6273f0a60ac7e5afa64cbc0ae087a1fb9f8
- SSDEEP
  
  384:I2ffCFVFCFfXuUtqKiHGt4Ot/zXiGTOV:rffCF3CFfXuUtP7t4OVzX3TO
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  NO ABRIR/Envio del comprobante fiscal - N7547.msg
- Size
  
  33KB
- MD5
  
  66d165bc387121cb9f69065b08a9c13a
- SHA1
  
  d0f49c22cc8212c60c474a101739960820ed7841
- SHA256
  
  699259b1fde5570d9e97094d1aecdf7b684e64d56d1f76f528c8a7182e118495
- SHA512
  
  58b893c588b61b32c0da366e9d050c15db34d7d96b956013480e0147c9ad899a13d575ea70ed354536858cd59bfc8d21dabad2a56067fe953e4d0879f9645feb
- SSDEEP
  
  384:eDfoCFVACAn7Zix/fqtOtqTYHVnB8nrweOrHXvAmOR8NrZnHsV:eDfoCFGCY7ZOfqtOteMVu8tbYUFtHs
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral7 behavioral8
- Target
  
  NO ABRIR/Factura-8118980.pdf.html
- Size
  
  401KB
- MD5
  
  dd262a39abbd4398d449098834772d81
- SHA1
  
  eb9c36217c09501bf3f665eac04ab48c47f6556b
- SHA256
  
  0de177cd155ff3926f64c424f027cab06d7a7e52f56e3129c349ea5e1229d17e
- SHA512
  
  5163d8068befcfd202944d98b4a6c8ba1712b00c00e2a735a810cd6eea132ba5aef23c36600b214b0b0bbf869da6b26496fe55ed64ceb7d3fe1b52f3c9b1e979
- SSDEEP
  
  12288:GK0BOU3+06BkHl81fs2mxOa4njhiYRxz1z0:rUu0OkeVRVa4F1R/w
Score

1^/10
behavioral10 behavioral9
- Target
  
  NO ABRIR/Nuevo orden.xlsx
- Size
  
  143KB
- MD5
  
  3f1db5a45b5b74594b2a0654d12186a9
- SHA1
  
  12d44c7cdd93b43e4dc0c944ec38a8336eb1e022
- SHA256
  
  7c3eb757b09232c9b1233b48a62b796ce549991b1a1f77106d878e33bf3a1a0d
- SHA512
  
  206c7f0c52baa35a6bde47c021267114961d80b45dd6bea9f501f5b3b6b605556608729c11c91a8abacc5116e2e78c10d2622a789a32c58d77f7b55a1c21678a
- SSDEEP
  
  3072:o0RgaT2YYch+3ItIjLH+LAiPkEyEsXUPsnwkSFP2F9pN+Km:o0R3KchKItiL7nEsXYswvu+H
Score

1^/10
behavioral11 behavioral12
- Target
  
  NO ABRIR/Operacion SPEI-6279 a tu favor .msg
- Size
  
  25KB
- MD5
  
  d0844d9ddb4d67071ae71b62d1d3dbd4
- SHA1
  
  1ddb829d117eeb33e82dba3893b674c1cec39577
- SHA256
  
  109d756625fc89b66d36b04117f3ccd73df9787237bfc58cbcae3c19c48252bf
- SHA512
  
  e7b18b8e12d72366c5ac57e5f1e50213e9a826cf53ef515bdee905f6ab28fb619f0f8b97db1b4d462f2a1bf62ac034bf7bba1439e0b7c931e1384339523f33f6
- SSDEEP
  
  192:yVXXf9V7MfRMgSvdSV7NGOMmxiE+Vyi+3zuz0te980tegv+lJt0/VMH:cXf9V7MfdwSVRTi8uQtcft8jt09MH
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral13 behavioral14
- Target
  
  NO ABRIR/Orden de compra.xlsx
- Size
  
  143KB
- MD5
  
  7e595887ed3c0487f218f546e8dd7a0a
- SHA1
  
  2ceb7c9fea61ec16118c8bc583b34a151b4eee70
- SHA256
  
  048a7b321ef072d527043da00d1e8b62d52315cce31acdca4fa7e474b4d46c83
- SHA512
  
  3abce9c8b21619ea10ef613553cb4e3293e0b753069acb9a19b52b423d32011b7218e7e395d8316987beb177e39484dce04b856a910818967082658d34afd237
- SSDEEP
  
  3072:1RgaT2YYch+3ItIjLH+LAiPkEyEsXUPsnwkSFPKF9pN+KnQ:1R3KchKItiL7nEsXYswvC+IQ
Score

1^/10
behavioral15 behavioral16
- Target
  
  NO ABRIR/desktop.ini
- Size
  
  115B
- MD5
  
  d7c38922f655480ac3a6eb886a32012c
- SHA1
  
  7fd127b2752fb1b6a67189b2b3109571580f53fb
- SHA256
  
  26e22601f98aaf7d5046bfb784bbacceca9ff145d64a4117b71e8b8b5d1c2fb6
- SHA512
  
  a61755129d4261a474d7151ecd64d503ea9af3a78f09645341f4c3d860fa04e67eaacadefac8489c63e954c81ec30d63ac96c8c7059701156bfd0448f10ffc5a
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18