RubyMine-2020.2.3.exe

General
Target

RubyMine-2020.2.3.exe

Size

307MB

Sample

201124-axvpvjcp7e

Score

8/10

MD5

7ddd8ecd1cb209bcc6b599126aad8e37

SHA1

4cf04b6e45d5dafe68aeb90ba34290a6e2ee2504

SHA256

28746a13fb1554be4343381135a72e8fcc8d978bdbb3d7c4b434f68ce20a418c

SHA512

d1356db63a342ffc2bd1ee89070b27870995af67fafa3d828a1d00dbc85ab3f89c268e1920de14f18a3c7516763192926b4abe4ba9599e75ac08ff4f3e1e9eda

Signatures

  • Loads dropped DLL

  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs

    Query Registry

  • Drops desktop.ini file(s)

  • Executes dropped EXE

  • JavaScript code in executable

Tasks

static1

behavioral1: 7/10

behavioral2: 8/10