20f237415445092295ae8a90ce532cec34626ce7305a5b7f10607a116e4c2ef4 | Triage

Sharing

General

Target

750fe441a59bf5f9b13593ef003f4412
Size

551KB
Sample

231226-rmcplsebcn
MD5

750fe441a59bf5f9b13593ef003f4412
SHA1

b2935e5fbbba3266a4f43dc752dac822cca0db13
SHA256

20f237415445092295ae8a90ce532cec34626ce7305a5b7f10607a116e4c2ef4
SHA512

b6f95c98366a01207a1d03c83bccd6dcfe68f37c231d273b4c4552e6096018b0ca05085fc42ae7145013783b7c2dd7f7eb3be3aa48226914f356d868eed6c30e
SSDEEP

12288:QPLvQ81WT4wWj7AEL0jip4GLdY1vyQ3ccP3BlpsSo3fsp966M4+:QPLvQmbwWjEEeip4GLO1vyQ3ccFL6uMB

Score

7^/10

upx

Malware Config

Targets

- Target
  
  ScriptJPG.cmd
- Size
  
  8KB
- MD5
  
  59d5201d66327e6fcce09bce1b4318c1
- SHA1
  
  e0b79de15b0f865329c7490572622b1318a538e2
- SHA256
  
  d32850760190dcefb32271de14247c768e7b8c354a4d8a04b620f5e8a59890e8
- SHA512
  
  306f381aec9427eafc5e41906a323ed693d9570c15f8a63869ad7ee6ca914954eb945f96f568c8355e4cb62ab9a0da7994fc9980d0fbcbef309c478f965532af
- SSDEEP
  
  192:Ipl1SsBF5cBlNTnTUf232mHzc05mBY320P2r8N8UAgwrnsib0GwgN8oMYs37MY:jQFmLTNNHzc05QY320P2r8N8UAJrnsaI
Score

1^/10
behavioral1 behavioral2
- Target
  
  lib/jpegoptim.exe
- Size
  
  112KB
- MD5
  
  cb9418fff1da966a91d7f1202d0ede74
- SHA1
  
  355b6cd5ab8fb47d20b66db033be3591e0475cbd
- SHA256
  
  fca72cd1ab9c9db0bc6cec61c85f71dbcfbf4e47cefdcd8f5ebd5f08a1f026ca
- SHA512
  
  d54bdf6780293fcd2596feca8a15f6f0a0f3eda4f0f4521d2819b354151265c4b2853686d09e76836c24e861c720224f1687c0205c42845125e62c272cb6436d
- SSDEEP
  
  1536:RoaVvyAmLBRFpKb0/ruEBT61Da5Rf0mbk/Ih6Ps5PMI76mqhCqHedlLm0RhUJ:RoaNq9r1T5rfxw/M6PQp0jedlS0AJ
Score

1^/10
behavioral3 behavioral4
- Target
  
  lib/jpegrescan.pl
- Size
  
  2KB
- MD5
  
  10ef26bad67a8b663a8967b9aafa2ed7
- SHA1
  
  73ebe36b530161b829945ab4047ade1ff4d728ee
- SHA256
  
  8c6ffa2918e3e31ff5d6a2879ddf342d2deeb443c7f8e36b43ca54a552ec388f
- SHA512
  
  f1d2e864913fe29d817f529ff2e78dfb285cdaa405328abf94c10eee7558bce3ccffe0c9c3e733c2f53e3a46df148ed60c7e9f73aab6edc0e6ac1754e839ca36
Score

3^/10
behavioral5 behavioral6
- Target
  
  lib/jpegtran.exe
- Size
  
  66KB
- MD5
  
  c65498792731eb2aeb1b206ffcd8e6fa
- SHA1
  
  ecaf3124d4a33a4edb2a54dc0c8ac4d3f7a40253
- SHA256
  
  4824a02b87efd1c15d179fb7af93250065de6b8bd2d6bc97a28e23f5febe013a
- SHA512
  
  bacb3bdb33d3af5d748ab0df0dea9f484e6bae02ba57e6ad33b550eb0a17a2059ff3de73435a19e754a9405b5aa14ec42334e62479fff8747e1f859924d8c80b
- SSDEEP
  
  1536:IwJkDzsNJtihJAV2S/KKwhCyx2DXzyG22V/Sl4H2nouy8:tiwNJwGPvGCO2yP2V/W/out
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  lib/jscl.exe
- Size
  
  15KB
- MD5
  
  255ed10062bf75d9d908ff816ddc9db7
- SHA1
  
  f93f16890f0eb6b864e2015adcaac2f34215e8f5
- SHA256
  
  825a817b22f1af4147cd655abc16e74acf4b2eed3a7a0d79730df704c8f137a7
- SHA512
  
  49fc9981eb16f5040dcd6fa0b6b1b66d03f2373fa3fd9387d44d52a2c4d3dee3291a0ce25ffbd0a8191eb4c351c4d06ebde2d38a7a6995f10d42267324b24455
- SSDEEP
  
  384:twim+dlEMY6/YMrbxRH1En51sTaOgvWpGCSoo:twiZXgIrbjHfTV+Wc
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  lib/miniperl.exe
- Size
  
  251KB
- MD5
  
  a67c7470f3eca5bc09767a8c1865abac
- SHA1
  
  cc6ff43fb8cca0d833415d4c5ff0ef579136c401
- SHA256
  
  01e0bf4447491821cb24bb9aa91a47d17b92eae85f4d63dc738b65eb2ad4ad6f
- SHA512
  
  ca0af3a20a495edd77e16bef87166267337ad04594476dad12555eacd63188e35a0daea564e9efb61dfe65f7263693e363354b0aecddf1c1759e2c85c8b08b2b
- SSDEEP
  
  6144:MgLOjhK/ks3Qc2Vw1Es3nijQCqKRJa1ouqqOn/kB1oS:LLO1KMAOuOG1Y8B1oS
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  lib/packjpg.exe
- Size
  
  79KB
- MD5
  
  bde55f6a0e64c2951e34754eb1bb5c6a
- SHA1
  
  cacbcc22d73b0c1969f059ada8924752c3cc4710
- SHA256
  
  5bb5f56afccd3452241d830683cdddce76545a42b89b0b1c9edd911c77e74512
- SHA512
  
  82c3cd1a1decb91fbf3c398caad24c9519ed72f2fd4206e95a77163d1455f0f92f622e3eac88d0add502ed624a2633d3f5da76be5fd5c931b84c4bf01e5c016b
- SSDEEP
  
  1536:h1GQOscDKlhfypQuJseagTL9+XpDxIyotUixQu2rnouy8:iulRypQuzgpCyotUvuoout
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  lib/pngout.exe
- Size
  
  38KB
- MD5
  
  05c673de53b2d220a4c9cb289d716f2c
- SHA1
  
  7a3f817dd8840b37a1f2236283beb927d20315e7
- SHA256
  
  777f8144f2bbfb91b5334cf34e307a7835ad16425d1df74b976db00bcc1377e3
- SHA512
  
  555533a769cbff89277751f1173f7d1200bd397913b6a3f19ea17f31ce8d4907e9edfb7d8a103a2c893086b52f6069f7d47a2822052b95ff4df842a8b4fa9720
- SSDEEP
  
  768:VZDumOX97+wybuDgSw9JclgQFQkSrITcQVTknbcuyD7U:7umEB+fu7OO9QFrITcQRknouy8
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16