cb73cf3d45425d784b7291efb862cef136047bb82e4c4d40b723373cb5337f84 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eFax-Online.htm
Size

188KB
Sample

230308-vktrwsgb45
MD5

9419a04d66a837922277abb0f073bb21
SHA1

4ce1fb52ca88f8045f80a62d9f019af7009d4961
SHA256

cb73cf3d45425d784b7291efb862cef136047bb82e4c4d40b723373cb5337f84
SHA512

fcc8eb4369dcd243b9c52849a70fb1cda6e1665ae448002e7597fdc6ff790ac3e113749cca95ae0638d5bc83cd329ed8858c30e2d0ecaa6a41d3c09e48f0866e
SSDEEP

768:h7L5Xu4RV/WxXHgH+erT5zpBGD/lwq8FE6952fREprFvHST6y1klEvbESnJ9KHdG:Xr3KQjsRiaprnKfc

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  eFax-Online.htm
- Size
  
  188KB
- MD5
  
  9419a04d66a837922277abb0f073bb21
- SHA1
  
  4ce1fb52ca88f8045f80a62d9f019af7009d4961
- SHA256
  
  cb73cf3d45425d784b7291efb862cef136047bb82e4c4d40b723373cb5337f84
- SHA512
  
  fcc8eb4369dcd243b9c52849a70fb1cda6e1665ae448002e7597fdc6ff790ac3e113749cca95ae0638d5bc83cd329ed8858c30e2d0ecaa6a41d3c09e48f0866e
- SSDEEP
  
  768:h7L5Xu4RV/WxXHgH+erT5zpBGD/lwq8FE6952fREprFvHST6y1klEvbESnJ9KHdG:Xr3KQjsRiaprnKfc
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1