ebe69714cae2aaa01d242082ed4f230b8b09b2be701a3b6fa14e191daa34502a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ACTA PROCESAL EN SU CONTRA CON RADICADO 70001-33-33-002-20150000.REV
Size

1.1MB
Sample

240823-wj6kqsxhlc
MD5

44d0e6fa4311ff8e10a9956545ef7368
SHA1

8d0b46581b2acd791c4502ccb1b89e20b5e070e8
SHA256

ebe69714cae2aaa01d242082ed4f230b8b09b2be701a3b6fa14e191daa34502a
SHA512

045cd053828673e0856cc18d33856a5d11c08491b7befe0ee809815f0f2dbc7bb7c7828a2d440d41eaf72a450a8b4a60857115ae00f38b8df4183550022419c1
SSDEEP

24576:Zg9vN04UZoDC+kQoUnGri1aoVNuaR9iVR3WnEdcs/9:m93UZoFoUnGrimVdF

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ACTA PROCESAL EN SU CONTRA CON RADICADO 70001-33-33-002-20150000.REV
- Size
  
  1.1MB
- MD5
  
  44d0e6fa4311ff8e10a9956545ef7368
- SHA1
  
  8d0b46581b2acd791c4502ccb1b89e20b5e070e8
- SHA256
  
  ebe69714cae2aaa01d242082ed4f230b8b09b2be701a3b6fa14e191daa34502a
- SHA512
  
  045cd053828673e0856cc18d33856a5d11c08491b7befe0ee809815f0f2dbc7bb7c7828a2d440d41eaf72a450a8b4a60857115ae00f38b8df4183550022419c1
- SSDEEP
  
  24576:Zg9vN04UZoDC+kQoUnGri1aoVNuaR9iVR3WnEdcs/9:m93UZoFoUnGrimVdF
Score

3^/10
behavioral1 behavioral2
- Target
  
  ACTA PROCESAL EN SU CONTRA CON RADICADO 70001-33-33-002-20150000.exe
- Size
  
  1.1MB
- MD5
  
  9f8f5962c8d3e8ba5e5b374b76de8a0b
- SHA1
  
  46516a215ecad09f6912aca13a3a5c721b7ef847
- SHA256
  
  576700e02475a3b2dc014167c5167b69598ec5801fe5256a808285c2055fd23f
- SHA512
  
  bef7d7f6a3c1dddc2627e884b79450444f4888052f8c97fc9d9f809b39b66756592440a2a0e7d489a1067a2e61eed903d026165dc26795f701006540b91c9a1d
- SSDEEP
  
  24576:ax/Ar8SP0BJtWjzFkyVZOWZv23DyAR8HWkev0XqH8PDSSGKoc:ax/AjV2D/jkev1MGSQc
Score

10^/10

discovery persistence
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

discoverypersistence

behavioral4

discoverypersistence