79bbb63e4ad87a6cf16160dba2a7e1c9a92b1aee7278020aa8e8591b75d30fcb | Triage

Sharing

General

Target

FLIR_Thermal_Studio_Installer (1).exe
Size

132.8MB
Sample

230104-vez2qagh64
MD5

4ef5ceb4f91120ccb9ef482331d26c85
SHA1

469ad57936485f1a421c73edc3db2df7f807f514
SHA256

79bbb63e4ad87a6cf16160dba2a7e1c9a92b1aee7278020aa8e8591b75d30fcb
SHA512

5a6948103354525f403bba07ee5c5de44aaa108bf3cab7c4da65158f363713f55046fb26d2c22696ddf117c464720f5d577e8d2deebba8f4c9c287416b22183a
SSDEEP

3145728:BFMxC088FmdPCdjczzLvsHV7ZyOhRU9SDsYU0+8ys1ZUSVq4:j0aumdqdQXLvs175GSG0+8ys1mS84

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  FLIR_Thermal_Studio_Installer (1).exe
- Size
  
  132.8MB
- MD5
  
  4ef5ceb4f91120ccb9ef482331d26c85
- SHA1
  
  469ad57936485f1a421c73edc3db2df7f807f514
- SHA256
  
  79bbb63e4ad87a6cf16160dba2a7e1c9a92b1aee7278020aa8e8591b75d30fcb
- SHA512
  
  5a6948103354525f403bba07ee5c5de44aaa108bf3cab7c4da65158f363713f55046fb26d2c22696ddf117c464720f5d577e8d2deebba8f4c9c287416b22183a
- SSDEEP
  
  3145728:BFMxC088FmdPCdjczzLvsHV7ZyOhRU9SDsYU0+8ys1ZUSVq4:j0aumdqdQXLvs175GSG0+8ys1mS84
Score

8^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1