a0529bb77c75438120f1ca4dc8550ff505b1374008df4d63736fb9627ae08168 | Triage

Sharing

General

Target

a0529bb77c75438120f1ca4dc8550ff505b1374008df4d63736fb9627ae08168
Size

492KB
Sample

230612-3kqdgaeg4s
MD5

8970dda6d085a3e2e44d0322f914965c
SHA1

7fdefeac53a55700a2f107e5ed65fab9388f91cb
SHA256

a0529bb77c75438120f1ca4dc8550ff505b1374008df4d63736fb9627ae08168
SHA512

cdbe82dea9edad22a2fe88e4517191d5198977c8e55226def38acd4d8ecd146faef1f5d87e97e2726f81f7ee32802a46332133ff8a6047724af2a65f9b3897bb
SSDEEP

6144:LmP/YyA1RwP57sjFgOgzDxrWuvq1x0jJx6OKU2mFvIsMm2EkQDZGINQfHFWDj:yXY657FxzDxhC1xIOFm2EkQdGey2

Score

10^/10

collection

Malware Config

Targets

- Target
  
  a0529bb77c75438120f1ca4dc8550ff505b1374008df4d63736fb9627ae08168
- Size
  
  492KB
- MD5
  
  8970dda6d085a3e2e44d0322f914965c
- SHA1
  
  7fdefeac53a55700a2f107e5ed65fab9388f91cb
- SHA256
  
  a0529bb77c75438120f1ca4dc8550ff505b1374008df4d63736fb9627ae08168
- SHA512
  
  cdbe82dea9edad22a2fe88e4517191d5198977c8e55226def38acd4d8ecd146faef1f5d87e97e2726f81f7ee32802a46332133ff8a6047724af2a65f9b3897bb
- SSDEEP
  
  6144:LmP/YyA1RwP57sjFgOgzDxrWuvq1x0jJx6OKU2mFvIsMm2EkQDZGINQfHFWDj:yXY657FxzDxhC1xIOFm2EkQdGey2
Score

10^/10

collection
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Deletes itself
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2