553aae68c08cdd4c612c990148828ded487f08d4e9566e3f73db58e3bdd43a94 | Triage

Resubmissions

03/04/2023, 04:20

230403-ex3ybsea8y 7

Sharing

Copy URL Twitter E-mail

General

Target

VdhCoAppSetup-1.6.3.exe
Size

42.5MB
Sample

230403-ex3ybsea8y
MD5

9be9b671c7dd8ad50413975352782a6a
SHA1

76fa97525fcbcb7e3d11e5c5c3b3cd6fa175124f
SHA256

553aae68c08cdd4c612c990148828ded487f08d4e9566e3f73db58e3bdd43a94
SHA512

8c9c5fc06af33034f48c2067e2f2ee2ee63f79c5bc32568522c97b83a67683401800a35c5cc395059aee7ef41e6a42caa9148b3b92f436497efb974f69108f7c
SSDEEP

786432:qNI1sG0uABaPCyVBoc8cAYUzZzltC/tq3X3lqlQ/CDJHsAgZTbZNN2k8pDxh:qNWSBaKGdNUzFlN3XVCHsPZTtP6Dxh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  VdhCoAppSetup-1.6.3.exe
- Size
  
  42.5MB
- MD5
  
  9be9b671c7dd8ad50413975352782a6a
- SHA1
  
  76fa97525fcbcb7e3d11e5c5c3b3cd6fa175124f
- SHA256
  
  553aae68c08cdd4c612c990148828ded487f08d4e9566e3f73db58e3bdd43a94
- SHA512
  
  8c9c5fc06af33034f48c2067e2f2ee2ee63f79c5bc32568522c97b83a67683401800a35c5cc395059aee7ef41e6a42caa9148b3b92f436497efb974f69108f7c
- SSDEEP
  
  786432:qNI1sG0uABaPCyVBoc8cAYUzZzltC/tq3X3lqlQ/CDJHsAgZTbZNN2k8pDxh:qNWSBaKGdNUzFlN3XVCHsPZTtP6Dxh
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2