46c074e01f6368093a284c88cbd932b6454fd580f31cffdfef74a697cbd2ca8a | Triage

Sharing

General

Target

RR_mpgh.rar
Size

457KB
Sample

210417-8maqb1vn22
MD5

1b694cdad5f0dd2927ac364fa924dc4e
SHA1

d53079ec9825012c62db8ff5ac8bb11be04327c0
SHA256

46c074e01f6368093a284c88cbd932b6454fd580f31cffdfef74a697cbd2ca8a
SHA512

6d44367a2a9a23f00ab61149e8ebdfcb156235e275a28c73eea78a79acb4f5916c04fd3a002e62bfb23ec8e73bd6bb890230bd4813744e5987a8900b057be1f2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Inject.exe
- Size
  
  573KB
- MD5
  
  82b4c1727d772ad05cdc058c63e70fe5
- SHA1
  
  429a7f57effee074b346e1ca4e2ec5e4ffd57044
- SHA256
  
  1ec49226856e504990878135f929fbfd03596d764415d7300f0e24f78cfbadb1
- SHA512
  
  83edd5bf5b4f829983215881787cf34bdba7c4f8aec5f4385668ccc56aec082382dab0d58920943341836a84659c1c4ceb3fc2f1057736511ef10a7a54ec571f
Score

8^/10

persistence
- Executes dropped EXE
- Sets service image path in registry
  persistence
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Paladins.dll
- Size
  
  401KB
- MD5
  
  bfb209e842ee665236750e047fb97055
- SHA1
  
  afd782ce68de4fea4e62703891cc9c3fdf563157
- SHA256
  
  2500df72b41928fe9999a9d85165af209d4fb74de90145694373dd525b9e2a44
- SHA512
  
  374d0aae4220d2d9ec81625e69a525e5c82ee386d60507eae2d8814a96c94a34579d3acf84dc8eb7a6d4038b4a3f6e001e73e20a0295cc6df0d9db3cbe2d0a8d
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4