e277cfeb552a2e1543c4d419e6e52b4dc4678580199814e0e4da3d0ccc7605d5 | Triage

Sharing

General

Target

323317d95d40108aa42de6bff8ee8bbd.bin
Size

339KB
Sample

230616-bk994aca4t
MD5

450f31475910d6313b05dc89374f9b89
SHA1

2dce50a826b995cad8c21e3091e21ef8fd4b6ee1
SHA256

e277cfeb552a2e1543c4d419e6e52b4dc4678580199814e0e4da3d0ccc7605d5
SHA512

dab87f81cd4e2396160166154c9ea66eee53a11459d1be6d87d7e9bca49e67b0698ac3d91dce67a3b7ff4e0fa3dac60792d9454f4f2fbff4e2f0d6898e2a162c
SSDEEP

6144:ppJ+b2/wv6Iltg/7Vxu36RCB1WFOxMZnLhuLCEI4+xMMN23/pKToAdiiP8185iq4:EWwiMtg/7VxHCeX9LdEt+xNq/pKTLp8v

Score

10^/10

collection

Malware Config

Targets

- Target
  
  695ebf4db6a46967bdecfe41ea5db0b2f96845a460f7d16eb2fcd3111f2dd36c.exe
- Size
  
  404KB
- MD5
  
  323317d95d40108aa42de6bff8ee8bbd
- SHA1
  
  6e6f135129f9fa143e193970cafadf19ae4cd28d
- SHA256
  
  695ebf4db6a46967bdecfe41ea5db0b2f96845a460f7d16eb2fcd3111f2dd36c
- SHA512
  
  3d924aee0c61485de779ce1fca5a4bf8cfd545c7bda40efde631be999b961b2e4f1ec28552846f51c08c4421ddf23993ac8c1fb1b9dbbd94627c1e47cb56fd4a
- SSDEEP
  
  6144:icdgWObGvTv2nH0r4uikBHKznOji/H08GZgtDwsnGRxTxvL:i8gWCG6nH0rxiEHKznhbFwAG
Score

10^/10

collection
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Deletes itself
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2