Resubmissions

23-07-2021 19:26

210723-yzn6xtp67e 10

General

  • Target

    csrsc.exe

  • Size

    2.0MB

  • Sample

    210723-yzn6xtp67e

  • MD5

    984287b2d5eb06be3bb771f84e3b5ee8

  • SHA1

    c75b5e359169084504a78259fd79f0d1e86a19ef

  • SHA256

    c28abaaad1b7b2c7a37f28e974e8214f07c88feffef986e0a60a44ab0fa575aa

  • SHA512

    412af5359691a2caea5a4e452b9ed2603d31db6306cf1c0b375c5f67400769108bc89c047b080d96e8f647b6fb6a47bfe9d6c6a123a4f27839953cd624e7ff9a

Score
10/10

Malware Config

Extracted

Family

rustybuer

C2

https://shipmentofficedepot.com/

Targets

    • Target

      csrsc.exe

    • Size

      2.0MB

    • MD5

      984287b2d5eb06be3bb771f84e3b5ee8

    • SHA1

      c75b5e359169084504a78259fd79f0d1e86a19ef

    • SHA256

      c28abaaad1b7b2c7a37f28e974e8214f07c88feffef986e0a60a44ab0fa575aa

    • SHA512

      412af5359691a2caea5a4e452b9ed2603d31db6306cf1c0b375c5f67400769108bc89c047b080d96e8f647b6fb6a47bfe9d6c6a123a4f27839953cd624e7ff9a

    Score
    10/10
    • RustyBuer

      RustyBuer is a new variant of Buer loader written in Rust.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry

    T1012 (1 occurrence)

  • Peripheral Device Discovery

    T1120 (1 occurrence)

  • System Information Discovery

    T1082 (1 occurrence)
