b36726aaf78b085d289247ffcd61dfe6121ebefe721bbbcd28f3327db73ece4c | Triage

Sharing

General

Target

SecuriteInfo.com.ArtemisE8B534F89B0F.17048
Size

156KB
Sample

201116-pm931vvfnn
MD5

e8b534f89b0f23446b410e47ded4a76f
SHA1

10081260a0f36ef8046beaffc3454da41fe62362
SHA256

b36726aaf78b085d289247ffcd61dfe6121ebefe721bbbcd28f3327db73ece4c
SHA512

6758b332a5b664a1a9a008d74c7af3e8fd3dd684c675eb27821dcecb2e4670264e2fec8e9fe41730a716828bc7a45dd2587c7274722a7e57d6b4412873594479

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  SecuriteInfo.com.ArtemisE8B534F89B0F.17048
- Size
  
  156KB
- MD5
  
  e8b534f89b0f23446b410e47ded4a76f
- SHA1
  
  10081260a0f36ef8046beaffc3454da41fe62362
- SHA256
  
  b36726aaf78b085d289247ffcd61dfe6121ebefe721bbbcd28f3327db73ece4c
- SHA512
  
  6758b332a5b664a1a9a008d74c7af3e8fd3dd684c675eb27821dcecb2e4670264e2fec8e9fe41730a716828bc7a45dd2587c7274722a7e57d6b4412873594479
Score

8^/10

discovery
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2