66262cd24479f4ad1812508bc71ddc21ea04b168ecf7ca8ca942459e1bc6b1e6 | Triage

Resubmissions

30-08-2024 17:58

240830-wkhv3axbkh 8

30-08-2024 17:38

240830-v7p28axcnp 3

30-08-2024 17:34

240830-v5fe1awcrh 1

30-08-2024 17:29

240830-v2wykswbrf 8

30-08-2024 17:24

240830-vywteawape 8

30-08-2024 17:19

240830-vvtvmsvhlg 8

Sharing

General

Target

More certs.zip
Size

271KB
Sample

240830-wkhv3axbkh
MD5

8c0db7cae4c7bfaa4206a7001caf8b98
SHA1

c94d76644237d67bb78d1f7d807801f542e62b6d
SHA256

66262cd24479f4ad1812508bc71ddc21ea04b168ecf7ca8ca942459e1bc6b1e6
SHA512

d42ed046fcdc69efbbc8ebfe62315919e0f7b6a174b5c28dddc31cd471e17159f342204cfe6c45c19773c692329263dfd1dc323a2076106f499022da5c9961e1
SSDEEP

6144:2NTyjVmz9xh12smp75E0Aw62wB2rMk5b5+DY5hMq7f95LU:s+ajj8XrMkP+DQyq7c

Score

8^/10

Malware Config

Targets

- Target
  
  ACCVRAIZ1.crt
- Size
  
  1KB
- MD5
  
  d0a05aee05b6099421a17df1b2298202
- SHA1
  
  93057a8815c64fce882ffa9116522878bc536417
- SHA256
  
  9a6ec012e1a7da9dbe34194d478ad7c0db1822fb071df12981496ed104384113
- SHA512
  
  72820a7b6327b5342507dd1cc22cfd70e015370ae3994e5d98dfb5508459035eaebd6bc43df9664bb2b8a3b6a18dcc65ac80f67a1c32fc8bf42631cd89e5235d
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2
- Target
  
  EC-ACC.crt
- Size
  
  1KB
- MD5
  
  ebf59d290d61f9421f7cc2ba6de31509
- SHA1
  
  28903a635b5280fae6774c0b6da7d6baa64af2e8
- SHA256
  
  88497f01602f3154246ae28c4d5aef10f1d87ebb76626f4ae0b7f95ba7968799
- SHA512
  
  90085096b0598e9309fc565bcd39918ef3eae9aca6b506085e993e1891584623f659682bf86020a0136d2d7e65e52392144ac89fd8ecabe42296c2fdb8ea76ac
Score

8^/10
- Blocklisted process makes network request
behavioral3 behavioral4
- Target
  
  Izenpe.com.crt
- Size
  
  1KB
- MD5
  
  a6b0cd8580da5c5034a339902f556773
- SHA1
  
  2f783d255218a74a653971b52ca29c45156fe919
- SHA256
  
  2530cc8e98321502bad96f9b1fba1b099e2d299e0f4548bb914f363bc0d4531f
- SHA512
  
  3e9adc81fa64fcd7d3475d06eed5eadb113a8aba20060cfe2833b839e8c9f6b9bc4e42f6bb9143fbf346db41d4152c73c9d170183984dd9ba3fdcde2ccbee802
Score

8^/10
- Blocklisted process makes network request
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6