7e80a38c47a1457a35567f30a7ea515248ca391ae3d9deec48b31868af7315b0 | Triage

Submit
Reports

Overview

overview

8

Static

static

tightvnc-2...it.msi

windows7_x64

8

tightvnc-2...it.msi

windows10_x64

8

Sharing

General

Target

tightvnc-2.8.59-gpl-setup-64bit.msi
Size

2.4MB
Sample

210524-wvxl9h292e
MD5

a85259eec8742fdd4acffcdac54cd930
SHA1

696204de2e5688356bc01bae037c3b955432acdd
SHA256

7e80a38c47a1457a35567f30a7ea515248ca391ae3d9deec48b31868af7315b0
SHA512

1b2fd5b8e723c69250d6dfe2c24bbaa80b1a8d050c4d8ca24a2e92cc7f5d284bbac711e452f727c2ce12293ccbf7a4e005f3795015626d4a20f20c49f977a6b6

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

tightvnc-2.8.59-gpl-setup-64bit.msi

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tightvnc-2.8.59-gpl-setup-64bit.msi

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tightvnc-2.8.59-gpl-setup-64bit.msi
- Size
  
  2.4MB
- MD5
  
  a85259eec8742fdd4acffcdac54cd930
- SHA1
  
  696204de2e5688356bc01bae037c3b955432acdd
- SHA256
  
  7e80a38c47a1457a35567f30a7ea515248ca391ae3d9deec48b31868af7315b0
- SHA512
  
  1b2fd5b8e723c69250d6dfe2c24bbaa80b1a8d050c4d8ca24a2e92cc7f5d284bbac711e452f727c2ce12293ccbf7a4e005f3795015626d4a20f20c49f977a6b6
Score

8^/10

persistence
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy