cded96db69d409e2517aadfe14b297f11a06529e4678649c24e3912aae6dcd1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hesaphareketi-01.pdf.exe
Size

33KB
Sample

240307-wk7t7ahf22
MD5

46070632cb729ab4504e3eda8aa5d6ff
SHA1

36e613ecaf07f0ec882ec43a5e0302a3f772d63f
SHA256

cded96db69d409e2517aadfe14b297f11a06529e4678649c24e3912aae6dcd1a
SHA512

e0ad349bd9ba6b50d1ffe4e1245728fa393768f2a057ea905b57520c1d3d22be4db24114bfcf4d6352167edae5d3f17cbe5b4891b33c7e1ea42eddb2b3af863d
SSDEEP

384:aitEC/6Inu+d22mKPj1I4KdKzVtyJVyEY6ZnrCP0UGFnU5/obDEwK2eV6q1xElkS:aL+688vN52MwM264qkmcNzk6Xd6

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  hesaphareketi-01.pdf.exe
- Size
  
  33KB
- MD5
  
  46070632cb729ab4504e3eda8aa5d6ff
- SHA1
  
  36e613ecaf07f0ec882ec43a5e0302a3f772d63f
- SHA256
  
  cded96db69d409e2517aadfe14b297f11a06529e4678649c24e3912aae6dcd1a
- SHA512
  
  e0ad349bd9ba6b50d1ffe4e1245728fa393768f2a057ea905b57520c1d3d22be4db24114bfcf4d6352167edae5d3f17cbe5b4891b33c7e1ea42eddb2b3af863d
- SSDEEP
  
  384:aitEC/6Inu+d22mKPj1I4KdKzVtyJVyEY6ZnrCP0UGFnU5/obDEwK2eV6q1xElkS:aL+688vN52MwM264qkmcNzk6Xd6
Score

9^/10

discovery
- Contacts a large (4684) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2