589a6af86682b17c1dec64c756196fd54b08c412cb9764b6a935610197649153 | Triage

Sharing

General

Target

game1 (5).zip
Size

15.1MB
Sample

231011-jyflmscf86
MD5

346bec785d2a0bed452b8be47e3fca22
SHA1

fb05d9663759c9c44465dbf908004db6049eec10
SHA256

589a6af86682b17c1dec64c756196fd54b08c412cb9764b6a935610197649153
SHA512

21a51ea81193fb4e9e028cbef410601fdbb1671d0496a1676380ba8f637d6332d3fd69fb30e2c47a90eab0acaef2335c9673dbade80b8237207943fb3fd258bc
SSDEEP

393216:ZKm/w5vVVZ9Zq+WwwFU4kbhJuGPEKcbuzqE8:MmY5vNYaFbbuGS

Score

6^/10

Malware Config

Targets

- Target
  
  TCFUJMPVCI.NMN
- Size
  
  15.4MB
- MD5
  
  27232d9f6170906052fb27a8ce13dab0
- SHA1
  
  59dca3da0f6bab92184256cdbb5d80e6a4e345c3
- SHA256
  
  bcf96d9a4bf2714c10d6d91e46a4f3af2cdf69c2e15d36e0354c867a12811900
- SHA512
  
  5e2e4e2ed82fdc3ccd74c0ab4ac4059b6e55459dd32080207aa51d9ef57e4b6bd134e12550713f46466b4eba1e0ee4e323a24e5fd08dc619abcefa3d4da2e8f5
- SSDEEP
  
  393216:0RHBGZIl4oGce/QC65tJK//7Fafu7U8c:0ReRuz5bK//B1A
Score

3^/10
behavioral1 behavioral2
- Target
  
  b.exe
- Size
  
  889KB
- MD5
  
  03c469798bf1827d989f09f346ce95f7
- SHA1
  
  05e491bc1b8fbfbfdca24b565f2464137f30691e
- SHA256
  
  de87c8713fac002b0b0a0f9b02c4e3ebcccf65282a22f5ab5912a9da00f35c2a
- SHA512
  
  d95aed75dd7b2470d4e5052b4b494ad9efbb9eee42c63cf0b38f1d0275ff7b1bb8ee4cbc69d1bb219dbbf33ad3b01cea97f87fa8fe69be7f943aa4417a603238
- SSDEEP
  
  24576:mjSsPIqS9jL0rJ3n770E9d8qTtE4n4CucuH:GzyH0ZOqTGQ4CDu
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4