f32a336d1e20c1d80f16fa90c5e4437b9daa8fc224d1a3faa0d1cc4db41c04bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NUMKASP-V3[@hackers_assemble].rar
Size

7.3MB
Sample

230830-jmg1bsae57
MD5

8cbd90c33ecea50e5395397d7a23dcca
SHA1

013eb6066f50223dc7465f7a1b3695a5180b0d58
SHA256

f32a336d1e20c1d80f16fa90c5e4437b9daa8fc224d1a3faa0d1cc4db41c04bd
SHA512

9fc3a3791d52d6565601080a88d3f93edaee13300e660a88173bc5090b2bf730493f755810a0405b7db67f6b09684d98b1a1fe98ee499f24a463b1f96c5efb3f
SSDEEP

196608:pZq++GI8WrCUD0M0KSu01uCQyvnEoCtcidFXOndnCt:pZq3GIlb0M0Y01LQyEoCtP7EO

Score

7^/10

Malware Config

Targets

- Target
  
  NUMKASP-V3[@hackers_assemble].rar
- Size
  
  7.3MB
- MD5
  
  8cbd90c33ecea50e5395397d7a23dcca
- SHA1
  
  013eb6066f50223dc7465f7a1b3695a5180b0d58
- SHA256
  
  f32a336d1e20c1d80f16fa90c5e4437b9daa8fc224d1a3faa0d1cc4db41c04bd
- SHA512
  
  9fc3a3791d52d6565601080a88d3f93edaee13300e660a88173bc5090b2bf730493f755810a0405b7db67f6b09684d98b1a1fe98ee499f24a463b1f96c5efb3f
- SSDEEP
  
  196608:pZq++GI8WrCUD0M0KSu01uCQyvnEoCtcidFXOndnCt:pZq3GIlb0M0Y01LQyEoCtP7EO
Score

5^/10
- Drops file in System32 directory
behavioral1
- Target
  
  NUMKASP-V3[@hackers_assemble]/NumKasp-V3.exe
- Size
  
  7.4MB
- MD5
  
  f500d6bc7a963f1d063dcf786b7a1906
- SHA1
  
  62c24fb454c3893507d395ddde6fe083133443dd
- SHA256
  
  d94906c553f1959b3cd3289f1b0679c166429ce8eeb0cf556b23648cc4dc9566
- SHA512
  
  5aebf64edfffe372babd4d0c0e5ae0f414823b541b1163a131b6623150d232caa10d5aafe14df15806f9e4c31e8a80dbc4ccb2960a9191fce68cf4900878c380
- SSDEEP
  
  196608:lGjesyqnWC9ZyyXyllOWgg2KQzQWjD+SFwu:lGjPyqWGyyXNg2KkA5
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2