95004cedd46d05041d9bf426097d7eed0891d376bcf385ebce16b6af77678ce1 | Triage

Resubmissions

27/12/2022, 16:30

221227-tz34fafb94 8

27/12/2022, 16:29

221227-tza3naad5x 8

Sharing

Copy URL Twitter E-mail

General

Target

PolyMC-Windows-Setup-1.4.3.exe
Size

36.8MB
Sample

221227-tza3naad5x
MD5

4de957f7f7a225d279e04d543465c0d4
SHA1

f7097b1435221613e95470f072f4fc476dc480d7
SHA256

95004cedd46d05041d9bf426097d7eed0891d376bcf385ebce16b6af77678ce1
SHA512

f743405729dd0ea052e9991daeeb5b397ab484ac2114d8467b5e86b78d4ac8978b4992c5a0819d56f96af967e7a9d0163e4bebf0fbc59750af63e2bf1392da0c
SSDEEP

786432:bipaXXHkdnMkZumuNLkP4HcZ1rH/I9ihqIse6COj4GkFGXG3P+1U8L:bisHtkZxuN4YcZ1D/KLzDj4HQXcP+qE

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  PolyMC-Windows-Setup-1.4.3.exe
- Size
  
  36.8MB
- MD5
  
  4de957f7f7a225d279e04d543465c0d4
- SHA1
  
  f7097b1435221613e95470f072f4fc476dc480d7
- SHA256
  
  95004cedd46d05041d9bf426097d7eed0891d376bcf385ebce16b6af77678ce1
- SHA512
  
  f743405729dd0ea052e9991daeeb5b397ab484ac2114d8467b5e86b78d4ac8978b4992c5a0819d56f96af967e7a9d0163e4bebf0fbc59750af63e2bf1392da0c
- SSDEEP
  
  786432:bipaXXHkdnMkZumuNLkP4HcZ1rH/I9ihqIse6COj4GkFGXG3P+1U8L:bisHtkZxuN4YcZ1D/KLzDj4HQXcP+qE
Score

8^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2