a6e8c7bb7e4bd3cc05386be8bd2844ea8cc8c726f616c37937f815d85f403e9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Comments FRANCE - EU-CELAC Summit - May 4.html.zip
Size

4KB
Sample

230704-k8eyjabg55
MD5

558950fec625b61ecd1cb89c29dee281
SHA1

2c2901c426fe913ea62a1f531394fde704a90d33
SHA256

a6e8c7bb7e4bd3cc05386be8bd2844ea8cc8c726f616c37937f815d85f403e9e
SHA512

d096fc85d3503bcbe756ce48e678c63b11184c4e3c5391b8b688e36a13abd91b2bd1420d63b0f82f3eded4bd96c3e3965bd9e8e5157119db13b74e00b6f3d50d
SSDEEP

96:cD51Vp2BUXolGxYk8G22rOXGc7X0eYEJD1Qn+EMSmMXAop3:cD51z245DDrOXGc7X0evDrSrJp3

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9ce5abd02d397689d99f62dfbd2a6a396876c6629cb5db453f1dcbbc3465ac9a
- Size
  
  9KB
- MD5
  
  a09e4ca13545425764b8d0d95eb97d63
- SHA1
  
  9439cf64598bb25bd7015aadba673ffd520df19a
- SHA256
  
  9ce5abd02d397689d99f62dfbd2a6a396876c6629cb5db453f1dcbbc3465ac9a
- SHA512
  
  d3ad0a11eeed676c040090b8550d073d0ef33604c9302ebfe30ad0ce22c50d9e20cf496ec65680501642396d9c02adb4e9e96559953462595f1d8cf22e3d3639
- SSDEEP
  
  192:haLJLL8HbqJwAZOAFlFYWkQlA8E9/HWPy2kLd6o17XkUf7yLE:hoR8WJwxALtkQlA8E9/HWPylLd6oRXLR
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1