e64e1fd55824c26842efa2a513c51c8845aae87941425d9f107cc642ff8aab60 | Triage

Sharing

General

Target

e64e1fd55824c26842efa2a513c51c8845aae87941425d9f107cc642ff8aab60.zip
Size

16.0MB
Sample

231008-bk3j9abe67
MD5

4b49e42c291d2169b05434200feabeac
SHA1

7b265ab5b0c4f298ae1a469dcc6ce07fe45eadcb
SHA256

e64e1fd55824c26842efa2a513c51c8845aae87941425d9f107cc642ff8aab60
SHA512

f896f364c724ca02c4d8503cdc3449b4279d87fe43d47906e7177c15eb6db85564e7f4609063dbc3276f407d21ab459b43af4189b29a4a029515e66369a6b121
SSDEEP

393216:QGC4ttT20Ll+HvdFq7vDfWX92PMLYwvwY7XKOj7B05KHME:HttFlY7qvWX3LZweXj7B05xE

Score

7^/10

Malware Config

Targets

- Target
  
  Installer(1.5)_2005-09-27/setup.exe
- Size
  
  5.3MB
- MD5
  
  fde670ec1f9c11746f32cbcb8ff35b7a
- SHA1
  
  a288ad3009cf56f13ee8945b0202b6f05d785629
- SHA256
  
  108109cb7f77630735469bab477b30234649fa59f87a9205d8be9bcbf8b51fb3
- SHA512
  
  d08f6b0daccf4a5d19566b897d73a938eb6a264aadc7eeb42a1fca8ab6f040cd19960a5157c3c619a1223ee7b4f9ff6f2e01ca126a4554560d38d19b81e76ef5
- SSDEEP
  
  98304:ZSDyGb1FLqQF6dWry//DthQiooP2qDAN0mVgSxa872avkRu4t4JpYbeSlclb:sDyA1oMuWr45hrr2imVf72aL4tQ8lc
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  Surveillance System(1.1.00052)_2005-09-28/Surveillance System.msi
- Size
  
  841KB
- MD5
  
  8471e53a5fc2661f4cd0a9d6151eead9
- SHA1
  
  575886d0310d4d00c90ff937b30e1dd0ca87b228
- SHA256
  
  47a90f403618ab2e7c67898af3bc8abf6a8cd8a210b5c48e28b844e63bef0ad5
- SHA512
  
  cdd5eda0ab639494e10cf8be9c00401b761e5fa3f8177bbf8487c3c109ca5a11fe3b4cf764508b25f779751fc5b081855c6e564bee2137739633657ecf01bca1
- SSDEEP
  
  6144:+QC/riBt6iJhfKGGn+QAXUvcHXJqEW+T0yEgZdYUsUt7tYxasUfed:iTiBAiJhfu+QkWcKk0odFt5BsUU
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  Surveillance System(1.1.00052)_2005-09-28/UserManual.pdf
- Size
  
  5.4MB
- MD5
  
  d2e96d7662bf3d7d85519ad36bf89682
- SHA1
  
  0c3d27e64bc54ddaac3f6d085ee62695165c02be
- SHA256
  
  78b998d4323ac2807cbd05349ec308a57ba7d8d50134e749c42e05319c33a31e
- SHA512
  
  e591a073e0ae242723f3bf2e53666b942182d3de4e0a78c56b80f569cc7d3105a9a6f1d946dd6b5353cab855db63c78d0bfe084e8db6d90eea2335ce677a9e34
- SSDEEP
  
  98304:6aeSZ2L6rrrrrzvVGTFXgMjfTlj4NPxvgusP0fmdfu9W7FeoLsYAogm:6hs2mrrrrr+goBjgPV60fm1u9W7FeoAq
Score

1^/10
behavioral5 behavioral6
- Target
  
  Surveillance System(1.1.00052)_2005-09-28/setup.exe
- Size
  
  4.2MB
- MD5
  
  54a28f6c3ed2532ef77a173a67c43ecf
- SHA1
  
  284d3423cacc3ddc66c4dfdf703c23e0fd0a8f78
- SHA256
  
  170f2f2e690e933713d22edd6527b9b5aff81466ac6b01aa4427dfd0b6b34c8f
- SHA512
  
  294e2e7bdd16a8724bf1c0861482eaa1b172972c89ab68b9ce613be9df6d4c0b30a9cf5eae19fbd0ed48ff293d011994852366861d31b06975baf445b080e4fb
- SSDEEP
  
  98304:ZS6pGb1FLqQF6dWry//DthQiooP2qDAN0mVgSxa872avkRu4t4JQ:s6pA1oMuWr45hrr2imVf72aL4t/
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8