b422ba73f389ae5ef9411cf4484c840c7c82f2731c6324db0b24b6f87ce8477d | Triage

Sharing

General

Target

b422ba73f389ae5ef9411cf4484c840c7c82f2731c6324db0b24b6f87ce8477d
Size

1.1MB
Sample

230730-sjx2taaf4v
MD5

31867eb002d468df6ed7267d3db66a63
SHA1

2194c9d88a3f90ace25733dad8a3dad004dc0e4e
SHA256

b422ba73f389ae5ef9411cf4484c840c7c82f2731c6324db0b24b6f87ce8477d
SHA512

ce983f213e19c0bd083678ba2652be5502ec3a72843056ad8fa972efc067aa3572c2fe3ef0b81ff36d314fe3f4a629b090d5c47f8a8b5007b54dcbf27030c82d
SSDEEP

24576:rm1kEv/rrVwBOuOvVLmiGUWIjyNbYi59WYjt+I:rm1ZVwBOLvVIImN0i59Hd

Score

9^/10

coreentity

Malware Config

Targets

- Target
  
  Information/AppvIsvSubsystems64.dll
- Size
  
  245KB
- MD5
  
  d2b2f086bf9241954435caecc3ea851e
- SHA1
  
  e16d41f69f5dbcffd39b9a6c1f8b5b5eda7f6651
- SHA256
  
  e7c49758bae63c83d251cacbfada7c09af0c3038e8ff755c4c04f916385805d8
- SHA512
  
  bb90c6dbe3dcc36b80fc4969adf2bf345dbf37ffc8f27ef3b20f94ff2f5150e1af7e5cded060af820d1fe18e16be1e9eca627b42dfbd563bcc0f9f32d3884a83
- SSDEEP
  
  3072:izOFLss8Lsf3gMAPr5k+Ycx+VHiTAyWOhvccCtaCWe8RA2w1SAMe0UAzSXw6gGPZ:izQLs/NMo5TAHcXVccHCWTA2KGzfGh
Score

9^/10

coreentity
- CoreEntity .NET Packer
  A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
  coreentity
behavioral1
- Target
  
  Information/Information .exe
- Size
  
  1.6MB
- MD5
  
  b1820abc3a1ce2d32af04c18f9d2bfc3
- SHA1
  
  b260d80fa81885d63565773480ca1e436ab657a0
- SHA256
  
  6c55195f025fb895f9d0ec3edbf58bc0aa46c43eeb246cfb88eef1ae051171b3
- SHA512
  
  01085bd21fb6206b2af03cdef7490c73960d66a9c8a730436f9aa1fcb350063313ac06274ad6c63575410cd2b2ac64a6d33166fe5facc861926f762c0ca67924
- SSDEEP
  
  6144:ZmmDPbOztkAzkAZqrEdrEAZUCwFjNN1U:ZmmDgNPqrEdrEt
Score

1^/10
behavioral2
- Target
  
  Information/dbg.info
- Size
  
  764KB
- MD5
  
  9d600c319637e49e2ce40c7261bfa707
- SHA1
  
  b7b876191d6836d65da6e901da8aa66885a065f9
- SHA256
  
  5f6219ade8e0577545b9f13afd28f6d6e991326f3c427d671d1c1765164b0d57
- SHA512
  
  f91a90daf29e4d590ed9c7f1e16301756e2c09aa70c08e13b1dbcaf79cb413ff639512bd3dd3b8ada5589c696a2f2d4406ebe84c7be425c50ab1a0c340cc9518
- SSDEEP
  
  12288:IkEK+mczSyn8IJ95wF0gOuhEbMIrEQL2iIAqXoYkjiuPjIYl8dwResmMSg69nY:IkEz11X5wPOuibJL2SGoKsjIL7smZhY
Score

3^/10
behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3