7de68704bad0f0ecc0a815428043c3eed923d5e93c02df4ee593cf95db334705 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7de68704bad0f0ecc0a815428043c3eed923d5e93c02df4ee593cf95db334705
Size

1.5MB
Sample

231012-ta4zfacb59
MD5

88c0a82aabbeab4f40b1fa6f570de2bb
SHA1

eef8332738bb5e06e9b0c9be9ac7265f412b83db
SHA256

7de68704bad0f0ecc0a815428043c3eed923d5e93c02df4ee593cf95db334705
SHA512

799f17d5b84cb47449e4d6973bc9f5a6996705ea5cf5968cf38267fab04e91fd8a821460580cdb8b2f32470dbed5821df63b107fc6535ed78f464498bb0d420f
SSDEEP

49152:jS8psYLDXfEByZ+HulSVjup9wVTQtNEqxwf0p42:m0uZ1arwBqI0J

Score

7^/10

Malware Config

Targets

- Target
  
  EOPAudioRecorder/EOP Audio Recorder.url
- Size
  
  55B
- MD5
  
  ea087ac405ce32754a41371e83e7c6f8
- SHA1
  
  e738cfba2cfe6bb6b87414e4cb98431a735369e0
- SHA256
  
  c75b3369268ceea1360984ca04fab8bbb574a3125856c669a5e7d45ab5f91376
- SHA512
  
  d074d00a4c5abfbc06589e3db2e7b8b9579225d3ee23bafec87ee95dc90eaeaf1bed99ef83c636dff10927dda41c042b914fdbcb1a120f58ca4420c5a2ac8758
Score

1^/10
behavioral1 behavioral2
- Target
  
  EOPAudioRecorder/EOPAudioRecorder.exe
- Size
  
  1.8MB
- MD5
  
  50504349a70133f5f4bd9c63045b02a2
- SHA1
  
  981cfa88868e544cb9f219894fb56b163caf170c
- SHA256
  
  c134be2c4ddc4e2f50a615b347f6a470f56f6cd77ca7a30de28f19ccccfc70be
- SHA512
  
  dc9618a219c310d9a520e35add0dc3b358058470b8052cadca2060a1bfbc221fa11f9e63482cf780f3828b833fa718d7a03d5a609892028d5efe496286b5cb73
- SSDEEP
  
  49152:s6IlZUKGhwjxVOSGmrKOL8/SQh/kTnMy6Vr2A/K:sTcOVOSXrKK8aQh/By6oj
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  EOPAudioRecorder/RecordAudio.dll
- Size
  
  234KB
- MD5
  
  48468b252c2fdc9f112693e57084f85c
- SHA1
  
  89807e70d6c852db4806f6b1e037bc0403996dfb
- SHA256
  
  547d814ff4d3838c01eed83acc1cf5220cefaa9a3e1acbdde67ec43ee1890522
- SHA512
  
  08e9a90b2f214d2b2ec4d14867680d2153679bd8038d190b8a3c788d3bee652565cd4cc5eb0dc4f908288cdd5da834bb4541e5dec574c719ab8b7113fef208be
- SSDEEP
  
  6144:AUa7rNXASqpparRA+Gh1Uj1dhAQBqZiiEL:AXAnAGh1Uj1dhAQBqZg
Score

3^/10
behavioral5 behavioral6
- Target
  
  EOPAudioRecorder/unins000.exe
- Size
  
  1.1MB
- MD5
  
  fa0198baf47061e6a5c3f38a6334c7fb
- SHA1
  
  8d54151c5e2cedc59d3855d650863116935c61e4
- SHA256
  
  7d8f852409cedead04999131d382d37478c2eb0a0e2b178bf16b9ef6a3fc0a5b
- SHA512
  
  b066aa7b7fc63ce9b84b928532dbeae8f227ed30c700f9584316789f05db7432cf0a0f286daf42de6e50402b15850eda52d8428a14d5c6d5931a71f8d110d77a
- SSDEEP
  
  24576:Bh+EpSGP3ZEgRhuRKOODzjJBwjOGfcCUWgEf0ZsMCmGHHx9b7:Ba+PjJaEWZAsTxB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8