Overview

overview

8

Static

static

RubyMine-2020.2.3.exe

windows7_x64

7

RubyMine-2020.2.3.exe

windows10_x64

8

Resubmissions

15-12-2021 16:03

211215-thfltaaaa4 7

24-11-2020 02:27

201124-axvpvjcp7e 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RubyMine-2020.2.3.exe

  • Size

    307.9MB

  • Sample

    201124-axvpvjcp7e

  • MD5

    7ddd8ecd1cb209bcc6b599126aad8e37

  • SHA1

    4cf04b6e45d5dafe68aeb90ba34290a6e2ee2504

  • SHA256

    28746a13fb1554be4343381135a72e8fcc8d978bdbb3d7c4b434f68ce20a418c

  • SHA512

    d1356db63a342ffc2bd1ee89070b27870995af67fafa3d828a1d00dbc85ab3f89c268e1920de14f18a3c7516763192926b4abe4ba9599e75ac08ff4f3e1e9eda

Score
8/10
discovery

Malware Config

Targets

    • Target

      RubyMine-2020.2.3.exe

    • Size

      307.9MB

    • MD5

      7ddd8ecd1cb209bcc6b599126aad8e37

    • SHA1

      4cf04b6e45d5dafe68aeb90ba34290a6e2ee2504

    • SHA256

      28746a13fb1554be4343381135a72e8fcc8d978bdbb3d7c4b434f68ce20a418c

    • SHA512

      d1356db63a342ffc2bd1ee89070b27870995af67fafa3d828a1d00dbc85ab3f89c268e1920de14f18a3c7516763192926b4abe4ba9599e75ac08ff4f3e1e9eda

    Score
    8/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops desktop.ini file(s)

    • JavaScript code in executable

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks