fbba67f67f5a79f47252d265c0c526018fd7fa0366398f91154c4d5f655185fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

448dbb12b2fe6ed6f97cbb770ca4ec28
Size

4.0MB
Sample

240105-1153rabeak
MD5

448dbb12b2fe6ed6f97cbb770ca4ec28
SHA1

e35129192763883e1fd3e7c73e81b43cf0b6e842
SHA256

fbba67f67f5a79f47252d265c0c526018fd7fa0366398f91154c4d5f655185fe
SHA512

b6d27df214b7f74ef8719147855d3a53b9b5b28bfb6347aa570d0aa8840f0eb45dba6c8e584b9dba919fb58e380ca43311203d0dadf840a3db56ed2461806c33
SSDEEP

49152:u01WF+95MlHN1W6sa2A5VfF0Qy25m+ibsF6gdyPm:yE5mHN1WyM25m+tsgs+

Score

10^/10

persistence

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
porrameu

Targets

- Target
  
  448dbb12b2fe6ed6f97cbb770ca4ec28
- Size
  
  4.0MB
- MD5
  
  448dbb12b2fe6ed6f97cbb770ca4ec28
- SHA1
  
  e35129192763883e1fd3e7c73e81b43cf0b6e842
- SHA256
  
  fbba67f67f5a79f47252d265c0c526018fd7fa0366398f91154c4d5f655185fe
- SHA512
  
  b6d27df214b7f74ef8719147855d3a53b9b5b28bfb6347aa570d0aa8840f0eb45dba6c8e584b9dba919fb58e380ca43311203d0dadf840a3db56ed2461806c33
- SSDEEP
  
  49152:u01WF+95MlHN1W6sa2A5VfF0Qy25m+ibsF6gdyPm:yE5mHN1WyM25m+tsgs+
Score

10^/10

persistence
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2