6edce5c29bf58881a8dacfc3cdf5ecba918596bd05927de49c91397845615cd8 | Triage

Resubmissions

03-03-2023 09:48

230303-ls996sgh98 6

02-03-2023 20:39

230302-zffrpaec61 6

Sharing

General

Target

1677733803-102b52ed5b0eea0001-Ejmesz.eml
Size

929KB
Sample

230303-ls996sgh98
MD5

4c394d055803068210afe948235b4abf
SHA1

b1e7abb7475d81f920d9bba8f86a20bcb8b87aa4
SHA256

6edce5c29bf58881a8dacfc3cdf5ecba918596bd05927de49c91397845615cd8
SHA512

4654453c180f6f015dc015b74e22f30c356f8bf513fcb9a645f341a7fa335da18d6ebfb6f17e387966508a452d486777cd99dbea739682fce61dcf2a3bd6d228
SSDEEP

12288:Xss+VE+pRZTPoyKI/AotsL3n1ALdD30yfL5C60voaZSY4HNAxuYKztU0pi1aLW7M:hYtYjpowYoNoaB4e4H61n4bImd

Score

6^/10

Malware Config

Targets

- Target
  
  2023.html
- Size
  
  666KB
- MD5
  
  38ff79cac35e9c194543dcc59fe922d6
- SHA1
  
  a01bb14cf31d3845b77b95fdd16d3986dc86f5b1
- SHA256
  
  02c385687bf2a7cd1f39b1edfdc13493a0109f852cce8e428f7a0dff150f1cab
- SHA512
  
  eef0238c58c0d12bc8d5f19ba7fcc100a93d801d3c3f7324c0f65e552e74533efbfbb24911d8553dc414fd033d6228c77535c891da7088316540a5e9e8ecb8d7
- SSDEEP
  
  12288:m9WWFO35xp6B7ju/1YEnQde8yxc/cuY62G7WgAm0KoRJZDeICpg+F+lSq:mb4xp6B7sZQdeKsEFeDe5Az
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2