af32a6bcb9b7982ee4aa440cc69aae712ebdffdc1fd7fc6a8a87316a3a951628 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af32a6bcb9b7982ee4aa440cc69aae712ebdffdc1fd7fc6a8a87316a3a951628
Size

991KB
Sample

231029-ark34sff69
MD5

7e1860609e010aae0d88fea5842cfd31
SHA1

a888703652f9a3494144b61140615aef46e9b360
SHA256

af32a6bcb9b7982ee4aa440cc69aae712ebdffdc1fd7fc6a8a87316a3a951628
SHA512

430c4c1a9a9441cc5575d00e8199303273b3ed9de904833d662e8ae74089a71079704645d1db8d8b591b163c673834bdf1a04547db956d43ab50454a5b13d776
SSDEEP

12288:dtIqOeamvX7iNB21y3b72sxfEYGHyRLovZR25jmYXMQnWXaEdi5NhRINDpQRPXMn:TIEriFH2sxfE1Ad1MPKRNfa2RvU0Dw

Score

7^/10

upx

Malware Config

Targets

- Target
  
  Imagine.chm
- Size
  
  23KB
- MD5
  
  5abb1cda07d55378864709bba76bdfd5
- SHA1
  
  a0e5c0365bb231b1f8df24553ef88010f5cf0e8d
- SHA256
  
  8eb745ffae92ede5be83be5eec5dc0c228f763e3adc994851c93b8968914d537
- SHA512
  
  903aa830cb2bffee5b8c5bcd4b5535fb511c494cadf526aa34ed47d56220bb8b97da5a5f82d7e500639136982059323d0252901c59166da0608f02a0d927060d
- SSDEEP
  
  384:Yjm/fJCyQvZ0uQ6XG1aNypaiFNt0Neb0zbSz2YtZualC7PYd0k/V:YK/fJCyr6XGoNypPJC9zOyow7Pg7N
Score

1^/10
behavioral1 behavioral2
- Target
  
  Imagine.dll
- Size
  
  862KB
- MD5
  
  b86a3ec9b257839464b0d00bd8a1499b
- SHA1
  
  8009632c155c1687e9a8977c09204f07f2f07680
- SHA256
  
  1630ae890550662afbf93e4b2602e73dddaaff2787a2986283c58e2f176fb590
- SHA512
  
  99e35f5a108eee7bf3d6896ad720f064256bbc7e8348ffcfc8536cc30ada4aee6df0e3935aece609ffd7e14774370ddb90176f2ff5190d819a1b8b1c3b2fc316
- SSDEEP
  
  24576:8Wl+2J7XReLMcmigwbnQB+11HvrkWt0x9q2IYIw:3b7XRVigCnQM1PYPmtw
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  Imagine.exe
- Size
  
  13KB
- MD5
  
  0d6b89ee8c1fa51745fc6272bc7febb9
- SHA1
  
  0ea9c7bc550b583f7156e32badb84b4c61ca34a6
- SHA256
  
  a525b22cdd0e6a232b7a8d61791934fd3ef1cbb9befcc3e4d347cc39579614d9
- SHA512
  
  a14aaee1d2dde13fa855fc9f66434520cd8caaf637720f8e2c4e0468562dd5f5d015d1c21e0f95233f21cbe535c33b5a41c0e440ad5cad65649a0c14be04bd69
- SSDEEP
  
  192:nGoGm9aQYpn7XEQg9TfMMxv3h9pxqB4IC7dcwICB7ucuHpUynT+v54UMD:GmkQa7XEQMfrxvqBAizA94
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  Imagine.wcx
- Size
  
  6KB
- MD5
  
  de80c4b14cedfd5b520bbdb78b76885e
- SHA1
  
  6151cc5e8c014e89e31a0f44f3c8d622213c8773
- SHA256
  
  1159b708c7725118d302bf04a73320fb92aec95dbb4ff8c2a1eb5d1c4b6e0b23
- SHA512
  
  4c541081a94948a1a0da8d75cb41a64cdd76eb14bd3e641811b15702e6d7a02fe7a23ab7eca4c03549ec6b3efc6d4161d1c946fc9faba3f10c53a4bf11f1d6d5
- SSDEEP
  
  96:ZqAIxewW4rEvwiVslDappLBXep59eunXD:iAL4rUwiV5ppLBE
Score

1^/10
behavioral7 behavioral8
- Target
  
  Imagine.wlx
- Size
  
  4KB
- MD5
  
  6aec3ec3afcf4ae202618cc3ff4900aa
- SHA1
  
  98ff05f27a5e499090503cfa6f05c16589a9d3f2
- SHA256
  
  0f7ada6f6d85e450d1d328fd7d80f7f8b180d90d15de7588c44784d1775356f6
- SHA512
  
  4ab4fe687a7154bf1bb4cc6a6fb66abfae66ce633f5a34d2b63fe7e5cf0d3ca5638e5f93b8bbea394cce184fc2fda4d92ae5d19bbed58c3ba1f19c265c64676c
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10