38e3439acc61a4cccde272a5aa3dfc3291e82c7967db9bc040e2336f2bc4b1a7 | Triage

Sharing

General

Target

FireDaemonPro.4.0.6.rar
Size

62.9MB
Sample

231012-lscnxabe3t
MD5

548ea3bd02588da136c070702d6c285c
SHA1

8151440c6587d973908057d5c56aa99a3606c2a5
SHA256

38e3439acc61a4cccde272a5aa3dfc3291e82c7967db9bc040e2336f2bc4b1a7
SHA512

e603b06fb9b65fa9254eddf039239fce57d950f63c4f6113c4297d8ba95eb6accad5414ed8755832a6ead8e59d01cbf8ee7cc55133806ce1358ba3ed497ff246
SSDEEP

1572864:DEHc3XSdYYGraNLkzUTOh0B4FdZNsvyBX+SAH7f4h0RZ0Myoegd6:DEUXSL2aNjBB4FdZbB2gOJyoef

Score

6^/10

Malware Config

Targets

- Target
  
  FireDaemonPro.4.0.6/FARegistrator.exe
- Size
  
  128KB
- MD5
  
  2a6e9d396a090baaf8ab9707baf1cb2f
- SHA1
  
  25e36241a7c6c817bd8ef20320db1a5a38167a92
- SHA256
  
  a4e51ed579fecdfd61857220d016fe2447bc7af828f6b5a3513d31cbacfb9e86
- SHA512
  
  21ae96a4fdb7d5bd7788893c6248a4c1cf5996b565a9da0780250d99f7ce2cb00b06e81e80da73e0a16ec37cdece218c88fbe33747203bad6741d4c50b270361
- SSDEEP
  
  1536:15EJdTsYnZWpy41OBhPFvp2orlqfDGzf7yaX2mXjAw1zdA4oEizGEM12tqlEpJeV:15E3FnQczDPFvvYf6zfbXzjAQjoZ5CV
Score

1^/10
behavioral1 behavioral2
- Target
  
  FireDaemonPro.4.0.6/FireDaemon-Pro-x64-4.0.68.exe
- Size
  
  32.9MB
- MD5
  
  1fb7bc200e2015fd749605e8cc9b70e1
- SHA1
  
  47860f259e5711b8235681849441a5a5fa698e67
- SHA256
  
  b76c6dbff614ff0375bd66789b2b5f694b3e6a9e082211331dfc3be47b1fe279
- SHA512
  
  f0cdc7b8b01b9b96a4d1f0c08ec231250a350dc411eefe67d0546d89cb1be5fa379a2d9e8aa46bb8864584a9114d5ca13f1e5836c2066cfb0b41eabed9c6e7c1
- SSDEEP
  
  786432:VnkiJzIqsDRVMP4zBmgkWALsEycCmudWiNIklf7S:VkiJzIq3P4zBmgkWVuC4KIR
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  FireDaemonPro.4.0.6/FireDaemon-Pro-x86-4.0.68.exe
- Size
  
  31.7MB
- MD5
  
  820d7ee9fbab8a864df2d49944a158ba
- SHA1
  
  a0dbd4e2ed8124bf9003c428a2529365f2260ad4
- SHA256
  
  971df80e6831a2c4619b70f35b5c8ff99f1986fbcf5f447a374642540c4b1395
- SHA512
  
  8d006c17f645bca4769d3f9fb7776a49b8a63739f9303cdfb03c07aa2430d24426f0560c17f4b48094a42f32d8b209cfaee8ba2b2b16bd70e3888609d6d702b3
- SSDEEP
  
  786432:vgfbfssF3AfmtsvGP3CTVkw2zvcffiEngGVcYNmKyQ:vgf1mDvGP3EVGg2ZDQ
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral5 behavioral6
- Target
  
  FireDaemonPro.4.0.6/Huong dan cai dat va crack.URL
- Size
  
  255B
- MD5
  
  ad14ca493bee6033a95d4e30454f5566
- SHA1
  
  977f03b9c957ca02e8517e5455ac99f952d5b96a
- SHA256
  
  04148036b2e8c1f0826cdcda014f8139c012b5a6fa8c035e521af86cf3733c2a
- SHA512
  
  ad9f7454fe9886e898dae866ab84da5ec1c9f096d155a0280b468a2a158f222c4b0f42a63aff7bf8132e07dccb64dbe50ec6b413af37ae469a526996e6dc8a5b
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8