f6a5112b969d1fa88dbd095df950e3b586b00166c857656c1da21685ab94e093 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TÜBİTAK SAGE 2023-48567 NUMARALI FİYAT TEKLİF İSTEĞİ_xlsx.exe
Size

615KB
Sample

230417-rt5nzagc3s
MD5

dc8106fcebab19300756ddbfa16aa135
SHA1

2914026880911037c76d83eac26666821dbd9fb4
SHA256

f6a5112b969d1fa88dbd095df950e3b586b00166c857656c1da21685ab94e093
SHA512

d8a2fc67fe5ab941dbd276bb864d76c69b96654c4ec079beba345f87ab298214d362b5e7a32fcf205a075c870729ab76fa2ca86e982a05a44ba9f01dc66ca79b
SSDEEP

12288:vHB9EPRXARehfBzSPyN3TOHPeCWcBhU5uFC7RQmFkFJ:CRXwehZey5CWgm5uQRQKkH

Score

7^/10

Malware Config

Targets

- Target
  
  TÜBİTAK SAGE 2023-48567 NUMARALI FİYAT TEKLİF İSTEĞİ_xlsx.exe
- Size
  
  615KB
- MD5
  
  dc8106fcebab19300756ddbfa16aa135
- SHA1
  
  2914026880911037c76d83eac26666821dbd9fb4
- SHA256
  
  f6a5112b969d1fa88dbd095df950e3b586b00166c857656c1da21685ab94e093
- SHA512
  
  d8a2fc67fe5ab941dbd276bb864d76c69b96654c4ec079beba345f87ab298214d362b5e7a32fcf205a075c870729ab76fa2ca86e982a05a44ba9f01dc66ca79b
- SSDEEP
  
  12288:vHB9EPRXARehfBzSPyN3TOHPeCWcBhU5uFC7RQmFkFJ:CRXwehZey5CWgm5uQRQKkH
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2