5f66ac351b392182000935480b265e39e9d39d17a696f9b20aea5c284d26404a | Triage

Resubmissions

01/04/2023, 02:12

230401-cm737agf6y 7

01/04/2023, 02:08

230401-ckqfcsfc83 7

01/04/2023, 02:03

230401-cgtnlsfc63 7

Sharing

General

Target

DarkOrbit-Client-Setup-2.7.0.exe
Size

87.4MB
Sample

230401-ckqfcsfc83
MD5

031c2960ea14a8e8c25bd5231680ac41
SHA1

f50af93a0c0368027a9df15da70816503f5c3a12
SHA256

5f66ac351b392182000935480b265e39e9d39d17a696f9b20aea5c284d26404a
SHA512

7815c46fb707b42422c117a1aa38f1d1ee6a24ff1b9e2917285b9bb019f8ac6d8189aca0cb9328fb48c6c5dbff5615181c86eaaaee30ae39d2b58e71d6eb160a
SSDEEP

1572864:ASW7RwoFRV44eZEE9BuA+L+R6vDBhx7Vu6h785R8BxMg3Auug93Wi3hcT0iav:AxwoP24IEImBhBhcwFr9mGc1m

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  DarkOrbit-Client-Setup-2.7.0.exe
- Size
  
  87.4MB
- MD5
  
  031c2960ea14a8e8c25bd5231680ac41
- SHA1
  
  f50af93a0c0368027a9df15da70816503f5c3a12
- SHA256
  
  5f66ac351b392182000935480b265e39e9d39d17a696f9b20aea5c284d26404a
- SHA512
  
  7815c46fb707b42422c117a1aa38f1d1ee6a24ff1b9e2917285b9bb019f8ac6d8189aca0cb9328fb48c6c5dbff5615181c86eaaaee30ae39d2b58e71d6eb160a
- SSDEEP
  
  1572864:ASW7RwoFRV44eZEE9BuA+L+R6vDBhx7Vu6h785R8BxMg3Auug93Wi3hcT0iav:AxwoP24IEImBhBhcwFr9mGc1m
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1