3de5f8732ba0959ba80909ca24344d6a58cded1792210b146c9d416c524b5371 | Triage

Sharing

General

Target

3de5f8732ba0959ba80909ca24344d6a58cded1792210b146c9d416c524b5371
Size

11.6MB
Sample

221125-17bsgsah33
MD5

a3d9f6661be0b2f9d6aa446d19f69384
SHA1

f318abc660788d345eebcf9d166856ba35e67931
SHA256

3de5f8732ba0959ba80909ca24344d6a58cded1792210b146c9d416c524b5371
SHA512

f7e940fa46e2a4cd96964b57b421f58f7de26c22d9f3780b62cf69f47cb4c5d71f714ad41209385bc5198d7eb32702bc38c409caaea7782f2423126635dd8b45
SSDEEP

196608:4cNiq58+x13UUgQgmQzVWBZjsKIPHmYNvPWUuLANLL2jAWVNblhb+w3+UM/PqKCr:V48GUgiQz4Bx8HhHz5sNZhbPOUeqzr

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  Keygen.exe
- Size
  
  2.3MB
- MD5
  
  04798a0dde80c2064f5466301e701fc2
- SHA1
  
  fe4dc773c04d58eef623324bf503b3cf2afcc5e0
- SHA256
  
  b66ce5aa238a4ce12fbc6315b1306b788d64ee57d7805e055ef3661bff847a0e
- SHA512
  
  ff35340c5f32c882d8b6710e47c80cdcbc31f9d7caf3f466d848873b71bb437d17dedeedde2c90b67c9815d8947db15bdba39f591354583b77df8bbaab1be064
- SSDEEP
  
  49152:8kTgiNPgVxquveP3eBzV43TGgnR4hEGSOYvyqOZVWHO1et1jEResgJB25t:8p4PgVxqRPZygngy/vdOaHO1MDsgJBSt
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  SmartAssembly.exe
- Size
  
  4.8MB
- MD5
  
  772cf222a9183d529f0f8d33d35d079a
- SHA1
  
  0fce1ebb7254b5118d73a268863d7e312b203546
- SHA256
  
  c85a61c4ea4526afdb7ff61344c5266d3d8a65df80e5c437e0460e902651e71d
- SHA512
  
  d2dc77692ebe611f27960ef9de6d3f5268eaf4e646d61f4da910092d53d35f70d8e10793fc78802e5855a72f635727c1e6bdfaa348ee179924e8ae74b9eef3e5
- SSDEEP
  
  98304:N48aPAB2z0XEg8JyLbLJBbRq5PHmbTUl2LA6T+WMJ14e+9Cr3l6/:e4ZXTL/J9Rq5/oLbTps14eAOl6
Score

8^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4