c47520a072a43d5442ba8df9d1409837e63a037ca955b2aa9759780c9e49a6e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b99c0f2d-dc69-50be-f5b1-86f069dc891f.eml
Size

445KB
Sample

230203-k4xb1sdf22
MD5

af124e76dfc913806799b634ec1889ea
SHA1

486fd7e9458d8358eefbfaa8ad6379282a3db4ae
SHA256

c47520a072a43d5442ba8df9d1409837e63a037ca955b2aa9759780c9e49a6e8
SHA512

47457ee513482e59fd5fa840eb364f18a147d157d596f4c2e8b6000802630d23b8755e28a83a14c9ed59b1a4d988f44e52adaae7ce0fb175a74f23939fcc9a09
SSDEEP

6144:b1T7XW8y3i081riRJ+RnTBaSiIYBQ5N0uDQBg:b1T4lK1DD+g

Score

7^/10

collection

Malware Config

Targets

- Target
  
  b99c0f2d-dc69-50be-f5b1-86f069dc891f.eml
- Size
  
  445KB
- MD5
  
  af124e76dfc913806799b634ec1889ea
- SHA1
  
  486fd7e9458d8358eefbfaa8ad6379282a3db4ae
- SHA256
  
  c47520a072a43d5442ba8df9d1409837e63a037ca955b2aa9759780c9e49a6e8
- SHA512
  
  47457ee513482e59fd5fa840eb364f18a147d157d596f4c2e8b6000802630d23b8755e28a83a14c9ed59b1a4d988f44e52adaae7ce0fb175a74f23939fcc9a09
- SSDEEP
  
  6144:b1T7XW8y3i081riRJ+RnTBaSiIYBQ5N0uDQBg:b1T4lK1DD+g
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  Inv_02_02_#1.zip
- Size
  
  133KB
- MD5
  
  95392525d086e41bcdac989634556457
- SHA1
  
  a4a5bb1220572835d2ded1b332f4ef33fcfb7c59
- SHA256
  
  753154ebbf1f631c862a5f21f3e037b534ce1e34e00666f4d8910fbd2a0aa050
- SHA512
  
  4ef0cc2102a21d1bff361eb18092fe3fc89d72a5cafe3b591a2b529461694a551eb108a8b91b904e029f4179d1e3db1351d24ce1eeb1b9a32df6f853841838f1
- SSDEEP
  
  3072:00nmspPF6n+rHqdlwA662Z7FHrIl3eOKpJmhgdRiziYC7YVFvz5R5ri:00mstAwHqHwA66mRHUvuIqdmKkVFdLri
Score

1^/10
behavioral3 behavioral4
- Target
  
  Inv_02_02_#1.one
- Size
  
  213KB
- MD5
  
  d03d52a10f8990cc3e5fdbe0188008b4
- SHA1
  
  e41eeb9d457db5039078fc4151c1a5ad77f519aa
- SHA256
  
  53fb2aee9f2ed55575d1172966abf771b63679ea09db4c9a6ac5b0914f554cbf
- SHA512
  
  e7e999ccb6d1b2b581b5be324f1f3b04e154265dea03916d65cb20db48aa3e9393bb0efc9c189e9a8ade508324c48ab3594410f6293b3a49b0ec15e0c9a4b3d3
- SSDEEP
  
  3072:eaA0YRw9/WITtTWR7IbNzvL1a3dhuWt4AJERnyNenUWHCoTCCCCCCCCCCCCCCCCc:ka9xytedL16p4iERBLL8ep8
Score

7^/10
- Drops startup file
behavioral5 behavioral6
- Target
  
  email-html-1.txt
- Size
  
  140KB
- MD5
  
  022f3861edcc2605a36ba913c4a23c49
- SHA1
  
  fdd55c85ff7d063443b22b488966adeb8085527f
- SHA256
  
  06fe262caa8687233063df8fc44344b18bb4a00faf3a4016d2d61e56ef5c9d18
- SHA512
  
  3f3066626ec1c7d45adab22bc36d64408cdb1b223be853536218250f536a531ee5b35612086ec7dfbfcb52a592176e1d680bc35f7e50743a20282100e04d84ab
- SSDEEP
  
  1536:tnKlAcrTDHX1YuCV21Rz9KzDT0nBFRXmRMRoLbPvcARKqHOdbYPZy7WEHPc/RDRI:lcb7Xj
Score

1^/10
behavioral7 behavioral8
- Target
  
  email-plain-2.txt
- Size
  
  40KB
- MD5
  
  65e587f66c39ff6561069a091b0bf343
- SHA1
  
  4abd289fd9b40e49e21fb7f6ea0deb28b95da8ba
- SHA256
  
  55fcd2fbb6a6d73140164627549759e06190a230f25d35aff06bf26c422931ee
- SHA512
  
  efed99ca70852ea683ed7c460fd39a64106fa156d15494bab39ac57788d0656a9f6b1d16dca6774e50fb07f5db0e68b682f547acd614d8426b451c82b55dfac5
- SSDEEP
  
  768:DpHamDAFDsGWwBxAFDhbLehvAvBtuWckxAFDQQckxAFDAv9BxAFDgackxAFDhsnT:DpHamDAFDstwBxAFDhbLehvAvBtuWckJ
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10