38848e4c271c75bcdea254774e94a5e0806104235fe85920c4b160c510780ce6 | Triage

Resubmissions

07-02-2023 07:12

230207-h1ypkaaa39 6

07-02-2023 06:47

230207-hkmx5ada5t 3

Sharing

General

Target

Fwd- [Nexdigm] Payment - Invoice #IM33-1753-S3-1 Pay Remittance for 2023-02-01, 04-53.eml
Size

506KB
Sample

230207-h1ypkaaa39
MD5

79d1f34e89466ea020de7701038b1235
SHA1

37442643cb290c354fda0c7abb4edbbeb68ea844
SHA256

38848e4c271c75bcdea254774e94a5e0806104235fe85920c4b160c510780ce6
SHA512

8de63fc5b68163159638add687698b239054477e4bf39d94566f26edcaf5bef21415c6b52a15ed75a6b7c183530df0b6a94840617d00f4eba3ea85e6adb7be7c
SSDEEP

6144:kyFP2/eReiIvwyJQusiqJ2OJVEy6fMRiVHXKvk2yKoS3CmlPT5j2Td7a45:+e1IvW2JMGXQIKosCqATx5

Score

6^/10

collection

Malware Config

Targets

- Target
  
  Fwd- [Nexdigm] Payment - Invoice #IM33-1753-S3-1 Pay Remittance for 2023-02-01, 04-53.eml
- Size
  
  506KB
- MD5
  
  79d1f34e89466ea020de7701038b1235
- SHA1
  
  37442643cb290c354fda0c7abb4edbbeb68ea844
- SHA256
  
  38848e4c271c75bcdea254774e94a5e0806104235fe85920c4b160c510780ce6
- SHA512
  
  8de63fc5b68163159638add687698b239054477e4bf39d94566f26edcaf5bef21415c6b52a15ed75a6b7c183530df0b6a94840617d00f4eba3ea85e6adb7be7c
- SSDEEP
  
  6144:kyFP2/eReiIvwyJQusiqJ2OJVEy6fMRiVHXKvk2yKoS3CmlPT5j2Td7a45:+e1IvW2JMGXQIKosCqATx5
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  attachment-3
- Size
  
  499KB
- MD5
  
  3e1760e4f1beaa5bb7ea9f8ac821ba7b
- SHA1
  
  8681d248f07d71dae54e22861afbef95cca791cb
- SHA256
  
  4e841e30fc7af251c5793a164e04e5026e1f822f554d4af78d585f142dd787d7
- SHA512
  
  6dc8835baeb06afb685f7d44f0dd8fe3cf16236ae795a0ace64ba47aee91ce8a3c918bdcf58555d0d6917ccd3f3dbf718dd9d0318ede79beb4f82f55669403d5
- SSDEEP
  
  6144:LyFP2/eReiIvwyJQusiqJ2OJVEy6fMRiVHXKvk2yKoS3CmlPT5j2Td7a42:Le1IvW2JMGXQIKosCqATx2
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  email-html-1.txt
- Size
  
  352KB
- MD5
  
  a0d60722bb26972726e695ccf7ec5e3b
- SHA1
  
  682141b09fafff62eed789ad792aa6da1a0d945f
- SHA256
  
  027232e2c73cd327d548ea48aa67a9b0a9710aeaa9fe10f65c696dad8dc719be
- SHA512
  
  767d0df8b1a6968751543ecfd28410e99b5640226c41af741957c237f685883300133e14add20b79bf25a2b55e200138f96668b2604c3f28761348959c6c73f8
- SSDEEP
  
  6144:GaI+vZ3cEwPyNOtGGRKgMouO0skepbJXf:GaTvZ3cEwPyNOrtN0s5Xf
Score

1^/10
behavioral5 behavioral6
- Target
  
  email-html-2.txt
- Size
  
  1KB
- MD5
  
  a0a927ec6c0676bc09caeef910cf8d60
- SHA1
  
  d08817e9a814657c17cc46e66b6c1f8c65b1f27b
- SHA256
  
  bd28187e2e8c73515a06252d6cf1f0bd0de19f03e1486f2729d179fd71a0d874
- SHA512
  
  9862d3bbd481c4d9118234288581ab480fe1dbf27b367ed59ac0c2cd4927dded1a8edf822d7757bb42449b23242d8dca1b0fcf60c465b436ba87e34d3ac3ff94
Score

1^/10
behavioral7 behavioral8
- Target
  
  email-plain-1.txt
- Size
  
  876B
- MD5
  
  0df4f20c864ce5c7c7f3c7821b5edcf2
- SHA1
  
  04c969bfd82ee53ae1ed3061f5d5057dd3ee40fd
- SHA256
  
  6ba1e9c1c4c9a83843a0ab0234ddf7af4dad7a8c83302e52c948613b6a21228c
- SHA512
  
  7a7a55e358d207cf3b93df1a8c35b1c13244f3f135556f13a1c4b76f957a77a1ad4e26f0ef22370055f0445a3972517262c3357c417525dd88547df56e46c539
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10