949a29e44e8258e4d647e474c499a774bca19ff0902ba01ed6c458c351846deb | Triage

Resubmissions

18/05/2023, 00:21

230518-ant7lsfg9t 5

18/05/2023, 00:19

230518-al8l8afg8w 5

Sharing

Copy URL Twitter E-mail

General

Target

a1s-root1=email_banfield_2023_05_17_22_SMTP-att-1-4QM7RY5vtxz9sB1-2023-05-17T22_43_05.eml.infected
Size

59KB
Sample

230518-ant7lsfg9t
MD5

62643898278c4363c028e01e23bd0ec1
SHA1

88cc2889fc4801230cb2a9d2a8441b7f1ad3b55d
SHA256

949a29e44e8258e4d647e474c499a774bca19ff0902ba01ed6c458c351846deb
SHA512

9b13506f1c3f2d5c9de3f2ab9f321d4d33687cc9cfd78a00db29d1a98131f92d4482007f16d390542294cf943fde9c7b24c8e7fc3dedc08fefe3e8b4e59e7f9b
SSDEEP

1536:Fvi9Tq9fNfMQK+Y4ja3CPg48K8PqNSH315nGI547j:Fvi+PKBcdvzSznr5Kj

Score

5^/10

Malware Config

Targets

- Target
  
  a1s-root1=email_banfield_2023_05_17_22_SMTP-att-1-4QM7RY5vtxz9sB1-2023-05-17T22_43_05.eml.infected
- Size
  
  59KB
- MD5
  
  62643898278c4363c028e01e23bd0ec1
- SHA1
  
  88cc2889fc4801230cb2a9d2a8441b7f1ad3b55d
- SHA256
  
  949a29e44e8258e4d647e474c499a774bca19ff0902ba01ed6c458c351846deb
- SHA512
  
  9b13506f1c3f2d5c9de3f2ab9f321d4d33687cc9cfd78a00db29d1a98131f92d4482007f16d390542294cf943fde9c7b24c8e7fc3dedc08fefe3e8b4e59e7f9b
- SSDEEP
  
  1536:Fvi9Tq9fNfMQK+Y4ja3CPg48K8PqNSH315nGI547j:Fvi+PKBcdvzSznr5Kj
Score

5^/10
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  SDK.png
- Size
  
  32KB
- MD5
  
  b7e53671e91b7b245194103264dc2056
- SHA1
  
  25e050578ae4a84d4315475a0b30dd2b514bcff7
- SHA256
  
  608bff65d2d71ead551f2d3de68360a27a59d0596054cd182130f5498a48f472
- SHA512
  
  7bab9fc67f805dca5b9ed56817aeeb66499154bba4a2485e4aa02c137321907c9eec7e8505c115766874a07e7a8f38feded3f0f5b4bfffcaa09394b20ecd4db1
- SSDEEP
  
  768:zWGWoAw1sQuq+8F97PmYreb7ZFUT+TXnzRu1r4ymcT7Slz+Hyts:yGuwuHqt7PmYG7K+j9qrm+Hus
Score

3^/10
behavioral3 behavioral4
- Target
  
  email-html-2.txt
- Size
  
  5KB
- MD5
  
  28625cdc0c029c19bf1e62d7b4bc0e36
- SHA1
  
  169645751495775df3353cb09493265be82811da
- SHA256
  
  58496bd47291284156bbd717367870634b8713343b3d7a430826ff6e5bd88392
- SHA512
  
  59f083e3279be103e9e79a77be9c4a4397be7bbb94d591cb42ce743eb7565ebbab5d531245dbf0715906e541f84babd2f2e5162117eed33af75fc7b93d539489
- SSDEEP
  
  96:C/L5ZHeqJ6rMbGFerf/30qbGfHNIsNNptoGbBrE+16d1nnGbBrE+gltoGbBrE+HP:m+qJVa+XEfNINGJ1ennGJggGJ5yA
Score

1^/10
behavioral5 behavioral6
- Target
  
  email-plain-1.txt
- Size
  
  783B
- MD5
  
  8bfae36c746f6213ffef0b815957a0da
- SHA1
  
  7ba749fe386b6f8d0c11595c8c0a4ff2c685f1c8
- SHA256
  
  16e730179124f16d7bf057e22737d30b248175e3ad430150d7a2ab6ba4758322
- SHA512
  
  45d2183ed5c744543862d9eddaea34e4e32ec2853b06235e9600eca518163cae0df9583b3f8c9acfaa3b44a746795673411795200fd2543f9fc06270f486163c
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8