fb4b2c53641f2751f87d1afbdb12cb071df94cfa42e0a1c3faa6ceaf363ba5d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RemoteRipple-1.0.4-setup (1).exe
Size

6.9MB
Sample

230720-kqf3waee7y
MD5

54804d86890170472249624b2c44d7ec
SHA1

865def170b8bdff136b5beb66fe2d356f7dc2de3
SHA256

fb4b2c53641f2751f87d1afbdb12cb071df94cfa42e0a1c3faa6ceaf363ba5d5
SHA512

72cfd8637771a58b44242f8d1f8c58bf22d17667b26bb8edc2e3973ce34d35a072f9ac228da45a536b0ba115af5b422efcd8bc94084f139171a29441dd13f0e3
SSDEEP

196608:gTJw0nrDOWj+TIhocK5ljZJ0C0vz3GOUI6V:Qa0rqWj+TIoLljZqCI2h3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  RemoteRipple-1.0.4-setup (1).exe
- Size
  
  6.9MB
- MD5
  
  54804d86890170472249624b2c44d7ec
- SHA1
  
  865def170b8bdff136b5beb66fe2d356f7dc2de3
- SHA256
  
  fb4b2c53641f2751f87d1afbdb12cb071df94cfa42e0a1c3faa6ceaf363ba5d5
- SHA512
  
  72cfd8637771a58b44242f8d1f8c58bf22d17667b26bb8edc2e3973ce34d35a072f9ac228da45a536b0ba115af5b422efcd8bc94084f139171a29441dd13f0e3
- SSDEEP
  
  196608:gTJw0nrDOWj+TIhocK5ljZJ0C0vz3GOUI6V:Qa0rqWj+TIoLljZqCI2h3
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2