c2371e9a9f138772f0347598601f118cabb3fcc05d9dd93fbb5c605b1a58cbe4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FW Perubahan password pada aplikasi HR.msg
Size

45KB
Sample

240424-karvfaga77
MD5

a374e33238ab53db5865c346ac59a383
SHA1

0a6b6ebcdf42878114da76e806a673a170b697fe
SHA256

c2371e9a9f138772f0347598601f118cabb3fcc05d9dd93fbb5c605b1a58cbe4
SHA512

ca0b2636538de09453ccf0c66a43d02695666b9a9ca66b0fd7882b037fb61e3ffa915f1c1cba7cff9e5a009f0af9ec39a49258703c8acf47246a7ac202729133
SSDEEP

768:Tl8g1VsIPfNCkmfK5U/6PqXt+yMkj7al02Uhu4t509tV+:FNCkp5UCPqXt+ypj7amPr0DV

Score

5^/10

Malware Config

Targets

- Target
  
  FW Perubahan password pada aplikasi HR.msg
- Size
  
  45KB
- MD5
  
  a374e33238ab53db5865c346ac59a383
- SHA1
  
  0a6b6ebcdf42878114da76e806a673a170b697fe
- SHA256
  
  c2371e9a9f138772f0347598601f118cabb3fcc05d9dd93fbb5c605b1a58cbe4
- SHA512
  
  ca0b2636538de09453ccf0c66a43d02695666b9a9ca66b0fd7882b037fb61e3ffa915f1c1cba7cff9e5a009f0af9ec39a49258703c8acf47246a7ac202729133
- SSDEEP
  
  768:Tl8g1VsIPfNCkmfK5U/6PqXt+yMkj7al02Uhu4t509tV+:FNCkp5UCPqXt+ypj7amPr0DV
Score

5^/10
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  Hanabank.png
- Size
  
  6KB
- MD5
  
  859b17b975785153738284f28baa7127
- SHA1
  
  4165d0856a5e19b75539acf642c32998aec4bc23
- SHA256
  
  3e6dfbb5e64e223193f44e0be0373d2d3e8dfcf0e1d8d8986e7775366c393ffb
- SHA512
  
  de63d23ddc391ce7f70ceb37781e6d31a9c04c4ba48509d29decf29b3259a237d30c87d63274d819577edc81b1fefdf160b4509854e56900ccd5064d989c3442
- SSDEEP
  
  96:QY2pfqE4i97nEzunV6s1TUXqPqcR5lIRReNCGsOQv+KaGUYtTzFavFo:Q1/zPhR50gNCZGHGUmzoNo
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4