d0313163bca71a49c6714dbb00fbdb795d455d04d156e50e424c2adedc1437d0 | Triage

Resubmissions

27-11-2024 09:58

241127-lzvhasvqek 10

04-06-2023 06:36

230604-hdan8abh9s 10

Sharing

General

Target

d0313163bca71a49c6714dbb00fbdb795d455d04d156e50e424c2adedc1437d0
Size

444KB
Sample

230604-hdan8abh9s
MD5

b76f5c48eba8424f23d9a8dcfd2068ac
SHA1

630280826caaeb26042aac416de5cb638bb1086c
SHA256

d0313163bca71a49c6714dbb00fbdb795d455d04d156e50e424c2adedc1437d0
SHA512

ddfd62ee99dfa138fd2ae4d2d0c272cc99f7f7d8dfde1de027ef34e1558a92ed045ec76f3f5b3417d0ff80cb0478328c6cff9c6ea8ce588cf1a64fa7e1271e3e
SSDEEP

6144:IjKvnAzRPqkroWkScrTIhB1uA2dOJhhgWbMbitWGFNuldsfiy3NiGA:Ijzgk0TSoIuA6ahE+F0/y36

Score

10^/10

collection

Malware Config

Targets

- Target
  
  d0313163bca71a49c6714dbb00fbdb795d455d04d156e50e424c2adedc1437d0
- Size
  
  444KB
- MD5
  
  b76f5c48eba8424f23d9a8dcfd2068ac
- SHA1
  
  630280826caaeb26042aac416de5cb638bb1086c
- SHA256
  
  d0313163bca71a49c6714dbb00fbdb795d455d04d156e50e424c2adedc1437d0
- SHA512
  
  ddfd62ee99dfa138fd2ae4d2d0c272cc99f7f7d8dfde1de027ef34e1558a92ed045ec76f3f5b3417d0ff80cb0478328c6cff9c6ea8ce588cf1a64fa7e1271e3e
- SSDEEP
  
  6144:IjKvnAzRPqkroWkScrTIhB1uA2dOJhhgWbMbitWGFNuldsfiy3NiGA:Ijzgk0TSoIuA6ahE+F0/y36
Score

10^/10

collection
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Accesses Microsoft Outlook profiles
  collection
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1