9007329eaf532e2138a845d50881748a6896f73a7a814127f38213f499a47b79 | Triage

Sharing

General

Target

ItroublveTSC.6.1.3.rar
Size

6.8MB
Sample

230720-e1tttsdc4z
MD5

00fb4b131d06c1b0939d6f5fb4ef4e7a
SHA1

9dd4b19a72af99c40bbf5897b436126565062795
SHA256

9007329eaf532e2138a845d50881748a6896f73a7a814127f38213f499a47b79
SHA512

5618ce2db13db8d4f6a015589a4580efe25ba0a3987f9089860f5c73b936b55d58e65ffc15df87c8aec0cd8d6002cbe4560d4987124bb91581edbc9e2ec2575a
SSDEEP

196608:+gn8rPfxkqj/4m9UjJKKPC3Z49ftp30twdHa:+gnAPfRL49fP8Z+ftp30udHa

Score

10^/10

Malware Config

Targets

- Target
  
  ItroublveTSC.exe
- Size
  
  2.4MB
- MD5
  
  b5915bb34f01bad573a6cc0c314b9b8b
- SHA1
  
  8b10c4cbdf11fc016d9a48c79afd3ac05a13939d
- SHA256
  
  51353852176f069b6ab794f567a7cc2064341c8b80d9dd4ba0cfd8ca9948ae35
- SHA512
  
  6559d86bd6970a07c31c4fa330f41a50136b6d0abfa14e3782f5eaff1cbdfc9a1f39b3f1af4d2c0d181a7c83b73145a68ac54452ac21fe8f9584c47d9ac173c1
- SSDEEP
  
  49152:TAbfHjnTDRqfevVL3DfQ3QUzbzO9ayYaPSPFcKKiNixScEU4a3/B3D:TiPAfevVL3bQRO8Ea9csExN/r53D
Score

7^/10
- Executes dropped EXE
- Drops file in System32 directory
behavioral1
- Target
  
  bin/Binaries/RtkBtManServ.exe
- Size
  
  4.4MB
- MD5
  
  3405f654559010ca2ae38d786389f0f1
- SHA1
  
  8ac5552c64dfc3ccf0c678f6f946ee23719cf43d
- SHA256
  
  bc1364d8e68f515f9f35a6b41c11a649b1f514302eb01812c68c9a95a3198b30
- SHA512
  
  cb1e5ffed2ab86502ea4236383e9a4211a14b1abda13babbcceea67700c5746b37b4da6e45e10196eb76fa1e6959e71f19c6827466a54df1d5ba5ad2e16fc05b
- SSDEEP
  
  98304:lQf3s64R9ybzUcwti78OqJ7TPBF3ZlHHgkWJ0P39qXSaDv:ozUcwti7TQlF3ZxxWJSUnDv
Score

9^/10
- NirSoft WebBrowserPassView
  Password recovery tool for various web browsers
- Nirsoft
behavioral2
- Target
  
  bin/obf/CLI.exe
- Size
  
  30KB
- MD5
  
  a6f83da2bfe041d92ff79b9c238ed72e
- SHA1
  
  ac12c6e8973f0f64d1395523fdcfcd0d73856128
- SHA256
  
  0b997165e348b17658bef1e869881c37c79c2a9bb26e132ac4141eefd5912652
- SHA512
  
  9ce5c2825848d360a07c9555bd940ceaf9c598dbf55f99fa783bbc47ca55dc375f562f29dc94e767ccd0f94120e37be90ad055ea22d353c283b0d3992df36e84
- SSDEEP
  
  384:AtQiJWE1r0K0vYzZBgB1P5AkWFq7UQweltaJVuTlVKMwW7nj8VtDVth7WAl9MWod:biJWE1QzvYz/K1yXqYQ8VuAwbfVogxq
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3