edaaa26f500024b459673c81b7d37b8e8281ef5f08de04291662021c3d44673a | Triage

Sharing

General

Target

keyfinder.zip
Size

9.0MB
Sample

221123-mlck1ahf2y
MD5

1e84d2480d9a2febf421aef7c1abd025
SHA1

3e396f5c01c7c81e6af61068be8d8a3e2e903c44
SHA256

edaaa26f500024b459673c81b7d37b8e8281ef5f08de04291662021c3d44673a
SHA512

9abd1d1787976f480ada92c3ef72f70c14e00f975ca466ce6bad814817f00175b84ed079b994af736dd7d20c3956d66e3f0ea60159ecc1b827350320686fc974
SSDEEP

196608:bTDp2kx9wTzuMQGBEfeW+5H0UhQhuB6LBxKNq4l24PSytOqT:Dp2kx8zyGmfVobxMLB8q4vTtOA

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  RecoverKeysInstaller.exe
- Size
  
  8.9MB
- MD5
  
  14d68897c90cc7a664444ab814514e9f
- SHA1
  
  2f295f5dc8d6b5c515fdeb45645c5a380dcf899d
- SHA256
  
  9ec7ff8bff95cb87561940849e877cb12f3e07d50762f2dc1c474b39d7c74b6a
- SHA512
  
  2c0ca9d49f5be5cbf3a1f3d629bccf0d0fdd4d0bf3f2b4222d9c763ac4df3b5924b37b97ea86aa95112a4cf1c9bb7509c97b02b91260b566143e117b4475ce91
- SSDEEP
  
  196608:StJMM796FzCSsOhQPsaOlzwSN+nGDuLbbGB6srwkv6y/2AQ:6JMM7yzQOuPxyj9aLbQ6sd7/2n
Score

8^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  keyfinder.exe
- Size
  
  787KB
- MD5
  
  4187dfaf99e89cc211eb3f2bf6af81ca
- SHA1
  
  55fc92048228aaab920a9d164dff7ba92117ec82
- SHA256
  
  3cf64f198a3a58f608639823ae689cbff75dc475996cbd14ebd16550d9886f1c
- SHA512
  
  9ffc1e6f76ad4826abe7ece3dcf0a59c49564f03bb3ebde9a11d8dbaeb5f870cb5d9affcebd001ffe6d84aa6bd34fa8f94851de4d8f2a22e1941002e49b86d61
- SSDEEP
  
  12288:XQx8br+SgmYjgVobXcJTEjK25I3yWwR4C0Ecnb/Lxh+khPg85:PfQjUT/25a87inxIX85
Score

6^/10

discovery
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Security Software Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4