d5aeb3e547e305d2f7cdbf8612d065c658be9fed03f0c567912573e21ace80b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

restricted.zip
Size

3.8MB
Sample

230306-ybsd9aeb4t
MD5

c77f50ccb98f86f1624be4b738a1ce2b
SHA1

42a4a54453979dd5220ed339be7aa27de360915a
SHA256

d5aeb3e547e305d2f7cdbf8612d065c658be9fed03f0c567912573e21ace80b3
SHA512

f477bacc59013f42f21baf819be14147b00fa393f9c294d7817a09137bfcfa66b1d8e5a80068a177a4c4050d5511f3298bd9c2ffd7c42fa2e2e9d919197e6d37
SSDEEP

98304:IKxfXnevS3KUmxwML9cjT+3xeBPc77hdXn9NWjo7ntNOwhqzIGd:RxfXeumxwaZfvhd39NZlqzIGd

Score

1^/10

Malware Config

Targets

- Target
  
  Agenda21.pdf
- Size
  
  1.0MB
- MD5
  
  df2fe401fa4f3f873e93de384532a0fb
- SHA1
  
  f1bbd8b3fbad0099aeea9def62faa16219cc18c7
- SHA256
  
  603fb25352e113de7f3a3b319ecf8848b87858f14ae01fc272a235be882d4ca5
- SHA512
  
  309f54d5006bb226dcac648660c7b569bc207ca5d5444f4136a08c61bc253f1868504563e052a8fb13a5c5031ee9a793283d9b75ca38a013fe3646ae15ad4aa7
- SSDEEP
  
  24576:BLh2YILUcYjvBOPrHkQXTUoqKuGzR/Iz0kQ8v7CYMrvSaFv:N1I4dvUDEeNRE0kTvuYMrnv
Score

1^/10
behavioral1 behavioral2
- Target
  
  ImportantInformation.exe
- Size
  
  2.6MB
- MD5
  
  d64b18f7070505c6ed7c39588ceb7371
- SHA1
  
  defe294f2e4567c5b66f6d66c0c7d86cd7cb9ff0
- SHA256
  
  70fefe7f6112ca31d5d61a80802fcad687fad6b51ae405d25ac796df776084bd
- SHA512
  
  a68b9b73a30e267ebdf9ad03fd6518d6d688b63eb560facb19370980dccaa60eb85bb3dab91361213dbdd250b13c6caf486319634c377488bc35beb00fe2d838
- SSDEEP
  
  49152:ZCFvGLWrb/TgvO90dL3BmAFd4A64nsfJhUVUWCqgO3HWAlCD13R4fVdm9HCp7EvS:cFquU27Z4k2q+gYNk
Score

1^/10
behavioral3 behavioral4
- Target
  
  RocketScience.pdf
- Size
  
  618KB
- MD5
  
  dc1d4feffbaa1fc8ca027ccf78b1c589
- SHA1
  
  3406761fbe764130b22641f96071d04eb9c9e879
- SHA256
  
  aa213ddb5ba33d88308d3f3d5a5e1071160eb4e04a1f01cff3378d56b727a337
- SHA512
  
  d9e38acc1b391430e8014ba2b4b8cfbb23564167eca2c5d6c8aa1fa9b9bccca3a4ee9d82bc217cfcf9f14f96fa432371a319e7ab6299e3f8f810ee3266a9f0a0
- SSDEEP
  
  12288:QPbrTSO4XdJ1zmPiy5A5yx0Yn5VWrk/ygPWlTneZZUI+M:QPbfSOIVzmcSXn5F/ymdAFM
Score

1^/10
behavioral5 behavioral6
- Target
  
  nato security briefing.pdf
- Size
  
  976KB
- MD5
  
  52726ba933e0b9ae470c450df0b462d2
- SHA1
  
  698ec4be5a24f6314b2ad408a9abbd3fa4d5bd1f
- SHA256
  
  3beb33898d6436e57ab81ac882c6223cd78deedcd3473769281217726b8d461b
- SHA512
  
  750bfe07838ce3c1427188370be873b3a6c27e50feed81537df4a5a7aeec1202e38e745e0f8b257418d1bc4d7e8c2f7cc913aae83915611d901ecef158325e05
- SSDEEP
  
  24576:V1v+9laumXOLX+QQLGd9ns3VsFInXiBL4v0CHVHGPe08gGWGagS:VRClQoMGw3WWCL4vP1Se0NGW5
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8