f2a29b15f64ed7a275557d68525ce4142735ae709d91d5587f2b5ee7c8460c7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Croma_Proxy_Setup.exe
Size

27.7MB
Sample

230104-fgkbqadh86
MD5

facba54c9a297489cd7f414d958fed0d
SHA1

09728454adfb0696ab0f7c7094a5156eaae65364
SHA256

f2a29b15f64ed7a275557d68525ce4142735ae709d91d5587f2b5ee7c8460c7e
SHA512

3ce121b72d1ef051b8d7b004c11fd341d6000dd4f6479af677a0b358944991045370c078a930d5cf3eee77463849aaa859233ed60b0fcf95652861c693c2eec9
SSDEEP

786432:2oHOxzu4bErUhK/+CGLuoDarzoMJKW5I14ICaL2Al1M:xu7EFe3arzH8R2c1M

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Croma_Proxy_Setup.exe
- Size
  
  27.7MB
- MD5
  
  facba54c9a297489cd7f414d958fed0d
- SHA1
  
  09728454adfb0696ab0f7c7094a5156eaae65364
- SHA256
  
  f2a29b15f64ed7a275557d68525ce4142735ae709d91d5587f2b5ee7c8460c7e
- SHA512
  
  3ce121b72d1ef051b8d7b004c11fd341d6000dd4f6479af677a0b358944991045370c078a930d5cf3eee77463849aaa859233ed60b0fcf95652861c693c2eec9
- SSDEEP
  
  786432:2oHOxzu4bErUhK/+CGLuoDarzoMJKW5I14ICaL2Al1M:xu7EFe3arzH8R2c1M
Score

7^/10
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2