45ab4270d58e1ae1a7d02eb2dd09bed4f1108c4f3ac2e4c54f67a06535e2e93e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Screenshare.Tool.exe
Size

360KB
Sample

231127-sfr2dshc7t
MD5

9e94eaa1b58407d16fe4ccbbfc503ec7
SHA1

f8fe60e55429511c5406f6d92d2bfed711d125ea
SHA256

45ab4270d58e1ae1a7d02eb2dd09bed4f1108c4f3ac2e4c54f67a06535e2e93e
SHA512

07cc9494448c52c22de31f0d4b222b97b8f1dc24162e2bbc29869951b196a046562a6c1dd041a97c70b8e2be150ad0b44e249265b765e1df909cd1076525974d
SSDEEP

6144:Nkr9uw11dnO9UOAV6OtQVzPpDUJ7o0HqAaGWqoJwXd9/mczHcma/iXdgaeFjSee:NO1OIV96Pe7o0Hq9GWqOcd9HzHYaXdgR

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  Screenshare.Tool.exe
- Size
  
  360KB
- MD5
  
  9e94eaa1b58407d16fe4ccbbfc503ec7
- SHA1
  
  f8fe60e55429511c5406f6d92d2bfed711d125ea
- SHA256
  
  45ab4270d58e1ae1a7d02eb2dd09bed4f1108c4f3ac2e4c54f67a06535e2e93e
- SHA512
  
  07cc9494448c52c22de31f0d4b222b97b8f1dc24162e2bbc29869951b196a046562a6c1dd041a97c70b8e2be150ad0b44e249265b765e1df909cd1076525974d
- SSDEEP
  
  6144:Nkr9uw11dnO9UOAV6OtQVzPpDUJ7o0HqAaGWqoJwXd9/mczHcma/iXdgaeFjSee:NO1OIV96Pe7o0Hq9GWqOcd9HzHYaXdgR
Score

8^/10

evasion
- Looks for VMWare Tools registry key
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1