c9fa12f510e3c6db27b932b9bef09ea59d7db0c276a937b23d33ceb3f0973dbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

toponoesis.exe
Size

27.0MB
Sample

231030-kh9efsbh91
MD5

b840e7e147e1c0ce75397d893c23c7bf
SHA1

29d60d23d8f527cc6819624feef9502f79c78e50
SHA256

c9fa12f510e3c6db27b932b9bef09ea59d7db0c276a937b23d33ceb3f0973dbf
SHA512

6f44bd044773fb10649a129f94c73f196f86e788d27204903fbc4afb9dff15208554d973dd2db313f6efb8eb5d9dcfeae2fbbeb778049ddd5614e9f225032e8f
SSDEEP

393216:VGkUehdTfTZq5lJqWDMOadpOCewQ9hApI6WCocWj9Bzqct+xOJ9zfJ/Sg/jLcfTd:VjUehBTulJqkOQXApIxCq952Ozzggf0h

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  toponoesis.exe
- Size
  
  27.0MB
- MD5
  
  b840e7e147e1c0ce75397d893c23c7bf
- SHA1
  
  29d60d23d8f527cc6819624feef9502f79c78e50
- SHA256
  
  c9fa12f510e3c6db27b932b9bef09ea59d7db0c276a937b23d33ceb3f0973dbf
- SHA512
  
  6f44bd044773fb10649a129f94c73f196f86e788d27204903fbc4afb9dff15208554d973dd2db313f6efb8eb5d9dcfeae2fbbeb778049ddd5614e9f225032e8f
- SSDEEP
  
  393216:VGkUehdTfTZq5lJqWDMOadpOCewQ9hApI6WCocWj9Bzqct+xOJ9zfJ/Sg/jLcfTd:VjUehBTulJqkOQXApIxCq952Ozzggf0h
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2