3d00792fe310d354eada406918daad41a7d102296ba8390e649a6def121e6766 | Triage

Sharing

General

Target

Ruby.zip
Size

552KB
Sample

230823-xs2tksgd61
MD5

58c213d473fa01908376e381e5d25934
SHA1

abcaa58dbf350eb36c5594cf1046317a817ec876
SHA256

3d00792fe310d354eada406918daad41a7d102296ba8390e649a6def121e6766
SHA512

e9bdbcd5c39aa166c5e15e7516f452e825e742941225b36fef61bd02472b90726ead456abdf2eb8ab96b7d818982f42307c37a814a4fa1dd741d3985d2e13055
SSDEEP

12288:H/3qMAZ8A07B9qnMP83c+nzy5u1y5h3LWNcZhQgVYOS/AYmp+zkWmupTWQP:H/3qh0l3PElnzy5u1y5h31hhSoizkWFP

Score

3^/10

Malware Config

Targets

- Target
  
  Ruby/Ruby/Ruby Free.pdb
- Size
  
  2.3MB
- MD5
  
  fd9f3da9fd32564de3e16985e947c218
- SHA1
  
  fd25285983c2d470eb3932988ca3d703829e5ddb
- SHA256
  
  629d0c820069298fed47986f2aea1f1c74bdfc4fdc603579b0981f3a2d833910
- SHA512
  
  e337767418266eaa76c704c8ab12b9b2cc841674ceb34315d128708bd8d0a3c49cd931f74881813ca3db9a96e815d4c2c1727f4a633f90ef21817d7727c0bb97
- SSDEEP
  
  12288:eehz6Ij4fkXUUGvxD/T5eogZwIgJs0koMxcQ83hxUvweWWslyhuRfscQIx:eIz6DhTcogZhKsjoM
Score

3^/10
behavioral1
- Target
  
  Ruby/Ruby/Ruby.exe
- Size
  
  88KB
- MD5
  
  a046cf27c339b64df6eac701d1782690
- SHA1
  
  b7115fa7e56ccd7ad95f41ad8b25549d857b2e7b
- SHA256
  
  ef5123495425de4d4ac751bcbf335f54ee8a68c5bd47223fa2b2c468707784e7
- SHA512
  
  280c1860cd5a705085d15758db123993528fa98efb731c490c21fc48580416b66dfa48365907a99ed0ed10969c7ee07843ad409af1bbf964baeda104f47180db
- SSDEEP
  
  768:X0E6aa2ypQ1p+C2yKX5FudFIlKqBx0WscBL+Ck7As9:55ypQ1p+C0pFu4lKqpzBLy
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2