28be1bcfd275756888fe4e1e2d866d7af521022f9a13e0267778e63e8ae98aa7 | Triage

Sharing

General

Target

504368519288583f7d6b6981c641b4b9509bdee7aac1e0d6c2371fc952451392.zip
Size

118KB
Sample

250327-l53e4asmx2
MD5

b856331357666c2ccd812c00a84b76dc
SHA1

8ed8e16c36b75b08fe19d038c86e0cbc66569b3d
SHA256

28be1bcfd275756888fe4e1e2d866d7af521022f9a13e0267778e63e8ae98aa7
SHA512

697c8c01d4795434e3ba9246c1264f457081ba95522a74d8d060f448ab5c11930005c535418bb54221ba1e7b1169528f0983d5447387fc38d6577b2d6483c8ce
SSDEEP

3072:t0COxZUalxAXXpRnBB1ItAcN03ge66b0HmWILq9C:t0Rbh4RStAv376l0

Score

8^/10

discovery macro macro_on_action persistence

Malware Config

Targets

- Target
  
  504368519288583f7d6b6981c641b4b9509bdee7aac1e0d6c2371fc952451392.zip
- Size
  
  118KB
- MD5
  
  b856331357666c2ccd812c00a84b76dc
- SHA1
  
  8ed8e16c36b75b08fe19d038c86e0cbc66569b3d
- SHA256
  
  28be1bcfd275756888fe4e1e2d866d7af521022f9a13e0267778e63e8ae98aa7
- SHA512
  
  697c8c01d4795434e3ba9246c1264f457081ba95522a74d8d060f448ab5c11930005c535418bb54221ba1e7b1169528f0983d5447387fc38d6577b2d6483c8ce
- SSDEEP
  
  3072:t0COxZUalxAXXpRnBB1ItAcN03ge66b0HmWILq9C:t0Rbh4RStAv376l0
Score

1^/10
behavioral1 behavioral2
- Target
  
  504368519288583f7d6b6981c641b4b9509bdee7aac1e0d6c2371fc952451392.doc
- Size
  
  179KB
- MD5
  
  e267aa39a15e33909dae39ec74828f8b
- SHA1
  
  ed519641868e38c0531358622bc10b863979e301
- SHA256
  
  504368519288583f7d6b6981c641b4b9509bdee7aac1e0d6c2371fc952451392
- SHA512
  
  95d9712e8f760e589761337376b329c28e9b5ee2d6ededd77e9dae29dc5dab41927f382562848bd3e2dfeb72859ec6d373335cc51d6c91bf60c1a10da735bb8e
- SSDEEP
  
  3072:Ean7O40C8HRLzZI5Cb1WdqfzdVWnTqUJxDZaQnRBvbmV8tbB:Ean7t0tRHK5C+qfzdVoqwB8Qqk
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

behavioral3

discoverypersistence

behavioral4