a0a34facbcc28dbe0b6905b29f6aa17353d40383214414e5693d4640f5e4527d | Triage

Sharing

General

Target

audacity-win-3.2.5-x64 (1).exe
Size

13.7MB
Sample

230408-le5sjaef7x
MD5

36a195ba95270d76f105b3cf7aff4a4f
SHA1

05cdc660d848b7ed2bc4f58e8a5532cd7a98af69
SHA256

a0a34facbcc28dbe0b6905b29f6aa17353d40383214414e5693d4640f5e4527d
SHA512

1d1c142737cf4188ad34518a474c7e68b6361ccbf2e89c5dd773c3a678451c9bb55cd8be2d02a4ca4bd5b59104171cd85e33f28a1629ec7d11c51cda30dbb04c
SSDEEP

393216:MNwu8pVRbrRZZDWMmzOXBerWqJ5Sb/RgYAfEo:vu8VRRZZKMXXBGimYxo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  audacity-win-3.2.5-x64 (1).exe
- Size
  
  13.7MB
- MD5
  
  36a195ba95270d76f105b3cf7aff4a4f
- SHA1
  
  05cdc660d848b7ed2bc4f58e8a5532cd7a98af69
- SHA256
  
  a0a34facbcc28dbe0b6905b29f6aa17353d40383214414e5693d4640f5e4527d
- SHA512
  
  1d1c142737cf4188ad34518a474c7e68b6361ccbf2e89c5dd773c3a678451c9bb55cd8be2d02a4ca4bd5b59104171cd85e33f28a1629ec7d11c51cda30dbb04c
- SSDEEP
  
  393216:MNwu8pVRbrRZZDWMmzOXBerWqJ5Sb/RgYAfEo:vu8VRRZZKMXXBGimYxo
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1