14d2a1d41ba37203d736437fa963ca3099238750b5279069ba7ced550c24fc1e | Triage

Sharing

General

Target

Price offer __HVAC __ VALEO (2023-06-27 10-31).eml
Size

851KB
Sample

230628-a6xepagg9v
MD5

8148e91ef49964bd3d61a0c994f15b35
SHA1

f401b2d213217b158ce298abb7fb35a0596b20a0
SHA256

14d2a1d41ba37203d736437fa963ca3099238750b5279069ba7ced550c24fc1e
SHA512

1d2b8eb6edae8b6eeb7fa172b546552ca75fcc99d1ba1b3fc2277a57d12058ff3969df8ea6b81be44b898dd9a25cae038ae236a6f85c329bfc47d0b9f72b97e6
SSDEEP

24576:VVCEfkgvEonGcm6FqX2jNzjVf111zm3e3DtS1:VbkrkUgNfU

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  Scan-02.exe
- Size
  
  628KB
- MD5
  
  6aa2ee2bfaff750ab8266c41c6fda649
- SHA1
  
  ab769fe01ed9ce1bff433356905e84a9c14279cc
- SHA256
  
  a15661ebcc1385f7f9dad588171f02e25fc5049b65f597e195d1feb71bd5c2ea
- SHA512
  
  356eba1771324b8b2c1278b5fbbaf3a09bbfb3a345245c94bc18761cd3c586a31fb21946e8aa5a939fb03fa378692c316d384271a691e2be73b0315325c6e5e0
- SSDEEP
  
  12288:ZYDPCt5ZeA+VjB2IiNXiSjjhx9NQhp/vwyhFXG/dFaoLSS6YN6gPBlhU:ZYDKpeZsNz5NQh1wa5GVFBSruDO
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2