61e81c4bab7c086d4380e4629348f70714324d720df45da49a90460b6ca1e5ae

Resubmissions

11/06/2024, 11:08

240611-m8wbmavbpf 8

11/06/2024, 11:06

240611-m7n6xsvfjq 8

Sharing

Copy URL

Twitter E-mail

General

Target

plsqldoc.zip
Size

8.8MB
Sample

240611-m7n6xsvfjq
MD5

dcc36793ac1493f750631e606ba0ab63
SHA1

2ed30a2f0513bfdc04652194d8ef837383c05fac
SHA256

61e81c4bab7c086d4380e4629348f70714324d720df45da49a90460b6ca1e5ae
SHA512

9aa206c2c5f2e935f0e87f11b98b6259541957465c4d11b3824e209b8062a38b9a25c4f88cafa0a942b853a891993e86ebd4cdf9cf84bbec46cd14d648f65af1
SSDEEP

196608:+mete7YYZhUhtNo1FG/Xbqm7HfI2MN/FzT0AtyCoc5t7KqKw:we9chtN9Lt7HgjN/F8jc5Bn

Score

8^/10

execution persistence

Malware Config

Targets

- Target
  
  plsqldoc/APEX_IOFXCHECKED_x86.exe
- Size
  
  10.4MB
- MD5
  
  4a7085e16bb9126b099627f73b2e3b04
- SHA1
  
  e5ecbc05077052f73abab5e0e315dc93a694edaf
- SHA256
  
  69451a0cc8c98adad64e49a655ba1caa68bf4d540392e8573f312bf7198b12d1
- SHA512
  
  73ad6d8b24560a03d8e4dd0c1622c1b413781d481e2075e8230a338011a0269d8cbe04522b8c9435cefabbb0db63279292163072a28448642560cd53d3480d5e
- SSDEEP
  
  196608:XcIVde2CpbZxFN9DYw90YFNCJt18VhUlvTAoFThocQlN/thgCbA6yC/hvUaCo:Xc+de2QZx/biJt1NLTFTeblN/inC/Vh
Score

8^/10

execution persistence
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Command and Scripting Interpreter: PowerShell

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2