89e09019b606f98a12c5bc8e8e75730044fe6d69619dea1dceb474da98fb7c0a | Triage

Resubmissions

31-03-2023 14:34

230331-rxfh9acc75 7

Sharing

General

Target

npp.8.5.1.Installer.x64.exe
Size

4.5MB
Sample

230331-rxfh9acc75
MD5

cfe2387019f5b782ec50da652c334c5b
SHA1

07c3aabf4726964d6544f8ba2a1da2b17ef4e8c7
SHA256

89e09019b606f98a12c5bc8e8e75730044fe6d69619dea1dceb474da98fb7c0a
SHA512

42e703b32f2f0cbfb0681d477556c7aeaa0901f3e00e7b5cbedc680d7b3e3e19a0a2690edee6da3955a88ca4d7257c7ea50dbeef04edd303490142d56e36cf09
SSDEEP

98304:gNv7kL78FmamEC2E4j2t9DHyBMhDyGUSItJPXV2ixj/hCmfovOLo:gNwkFm+s9zFALVi6CeaIo

Score

7^/10

Malware Config

Targets

- Target
  
  npp.8.5.1.Installer.x64.exe
- Size
  
  4.5MB
- MD5
  
  cfe2387019f5b782ec50da652c334c5b
- SHA1
  
  07c3aabf4726964d6544f8ba2a1da2b17ef4e8c7
- SHA256
  
  89e09019b606f98a12c5bc8e8e75730044fe6d69619dea1dceb474da98fb7c0a
- SHA512
  
  42e703b32f2f0cbfb0681d477556c7aeaa0901f3e00e7b5cbedc680d7b3e3e19a0a2690edee6da3955a88ca4d7257c7ea50dbeef04edd303490142d56e36cf09
- SSDEEP
  
  98304:gNv7kL78FmamEC2E4j2t9DHyBMhDyGUSItJPXV2ixj/hCmfovOLo:gNwkFm+s9zFALVi6CeaIo
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2