b5dee576d6819e1965a3803c7484b619977aa32c512da363114f95352a4a74d9 | Triage

Resubmissions

06-06-2023 09:43

230606-lqc7nada75 7

06-06-2023 09:38

230606-ll7kpsda58 7

06-06-2023 09:34

230606-lj2xfada48 3

06-06-2023 09:31

230606-lhbnvsde51 7

Sharing

General

Target

Manipulator v1.0.3 Windows.zip
Size

99.9MB
Sample

230606-lhbnvsde51
MD5

1a9babcdc9837cdf01cd948a5526dafb
SHA1

7c81e1c43de17c6b406c4d959532729a248002f2
SHA256

b5dee576d6819e1965a3803c7484b619977aa32c512da363114f95352a4a74d9
SHA512

432438fd264132187e3b33fb59fad6e1e4f7b77cc79a2f93cd0b3728b8bf21f7796a541048b06e16373e6ef3c30c781cc3fcef8ce80a420077decc5b5cb1586d
SSDEEP

1572864:PvoS38K5iC0KOVpMWIUUOXB2AIqYSCt90prdYN3zPwUPd083rUtr5cBwcO:PJRIC0rpMMBtInSA+pYNDIUl083ra9CO

Score

7^/10

discovery pyinstaller

Malware Config

Targets

- Target
  
  File Transfer.exe
- Size
  
  92.2MB
- MD5
  
  621945b8f2bb16441a3e0c0b28c18743
- SHA1
  
  553febd509c19df4f26733d5a55e32ca099b2653
- SHA256
  
  84e45baaeef388502601c556a54ce5a55812ed704b7fb1d60cf28e543b683ac3
- SHA512
  
  f43d34d741817c4780fc2dc0a8134d6c8fae9273cd9cac4ae4cc6184815fa43349018a5dde31ccb78e3dc6aed893755238e1a1a61030e284acc25f4e17f55490
- SSDEEP
  
  1572864:u5CXSX7Pi/Rt4PBkuzTDOCatomkEccC5kgXd9slriZH6+6SaBSOnuFw:uhWz4JkeR0kLcWk8QRiZa3SSSOnu+
Score

7^/10
- Loads dropped DLL
behavioral1
- Target
  
  Polyverse Infected Mushroom Manipulator v1.0.3 CE.exe
- Size
  
  8.0MB
- MD5
  
  195674f30fd4a6103f8dc60bd57bbb3f
- SHA1
  
  1f7c9f56b5b633b1c581d0eb036db4a04661e1b1
- SHA256
  
  69675855662bb2b45484683526f27556a5effc52ba8e604d9c0effd7a5a77c44
- SHA512
  
  1e15318c1d6acbecb621b656aa63ec50601d6cdafe6cbf3dc8b07e46c19d68af1a7af68b6e1df1a5b223548832fa3e9628bac9c297ab86d1c1d27884ec5a16a8
- SSDEEP
  
  196608:FAcle5/yf4wi6/vbJ2xuMQ+hcL3DcEwt5P9bqNo4X:qcU05i6nNulSHfwt5P9bqNt
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2