6a9e7f788aa8416b83ceef0ce03a7847c767efc31ff65d370b2c01e18c511bc9 | Triage

Resubmissions

26/11/2023, 07:56

231126-js1dvsfe62 7

26/11/2023, 07:10

231126-hzhlysfe6x 3

Sharing

General

Target

Topaz.Photo.AI.v2.1.2.exe
Size

452.4MB
Sample

231126-js1dvsfe62
MD5

f405d98e3694b6d0d066b4df7c1721f6
SHA1

9c88fb3ec95ab0b8b8a854b0c55e54beff154cd6
SHA256

6a9e7f788aa8416b83ceef0ce03a7847c767efc31ff65d370b2c01e18c511bc9
SHA512

e40240e2e349419f7bf20f28b6d67cb316805b9e8a86c652fb8165f064e032f95c5dc23e2a07989cb77f80f909e066f30734c7ba864ce01b0dca8ff424c1c9bd
SSDEEP

12582912:iOO5uEQydu9KJr0XqQv0/7QI8TAfeVbmWRkjgvk48KvYcKv07HxAxu:iOOuEQyduUGXqSG7QDsO/vV8MSMDSE

Score

7^/10

Malware Config

Targets

- Target
  
  Topaz.Photo.AI.v2.1.2.exe
- Size
  
  452.4MB
- MD5
  
  f405d98e3694b6d0d066b4df7c1721f6
- SHA1
  
  9c88fb3ec95ab0b8b8a854b0c55e54beff154cd6
- SHA256
  
  6a9e7f788aa8416b83ceef0ce03a7847c767efc31ff65d370b2c01e18c511bc9
- SHA512
  
  e40240e2e349419f7bf20f28b6d67cb316805b9e8a86c652fb8165f064e032f95c5dc23e2a07989cb77f80f909e066f30734c7ba864ce01b0dca8ff424c1c9bd
- SSDEEP
  
  12582912:iOO5uEQydu9KJr0XqQv0/7QI8TAfeVbmWRkjgvk48KvYcKv07HxAxu:iOOuEQyduUGXqSG7QDsO/vV8MSMDSE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1