General

  • Target

    Ashampoo Soundstage Pro-1.0.3.0 setup.exe

  • Size

    108.6MB

  • Sample

    231208-agt82agc39

  • MD5

    2a18e03b7b6e090dc8bed865ed4fbd41

  • SHA1

    4fd73fa350d8c7db9c1811d715beb930a7af1036

  • SHA256

    13a091c228d92a51e138d49a1de4eb70b6cc0c635c0cdefa7e61f4e91b71d120

  • SHA512

    1af2f33ff519b8993096ce0b2032deeda39150b38071f5daf2daf35ae0f0e16b2b4cd7b5d06a1a835162427ae464be8b1c91b6cecb2eaf4923d95117500a0da1

  • SSDEEP

    3145728:7+ui5Z7y62xgAvEzbPXpaKQvt01CcqenP5SKz6ptM:7+3TFAv8PX4KCc9hSKz6Y

Score
8/10

Malware Config

Targets

    • Target

      Ashampoo Soundstage Pro-1.0.3.0 setup.exe


    Score
    8/10
    • Drops file in Drivers directory

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • T1112 Modify Registry: 2

  • T1553 Subvert Trust Controls: 1

    • T1553.004 Install Root Certificate: 1

Discovery

  • T1012 Query Registry: 2

  • T1120 Peripheral Device Discovery: 1

  • T1082 System Information Discovery: 2

Tasks