cfb536c3bb7a4e1453a10cb09d33dea1312556ad60f641f5e5a9276a0e74ef2d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Beast_Conquests.zip
Size

70.8MB
Sample

231228-1vmzzsbhdp
MD5

f9142aebc21b6f20633f6dfd68ea8980
SHA1

9fdd41243462a09a794ab92ec3903416af7f5d87
SHA256

cfb536c3bb7a4e1453a10cb09d33dea1312556ad60f641f5e5a9276a0e74ef2d
SHA512

70069990c3a2dc04e12e211c0f3c5d6cbbd54c37f92b83614e4adc66efacaf584602a76dce10497cac57e8728533e8c907b01484816ac9b37a71b6a0c9355d2f
SSDEEP

1572864:1GDfLFr4Fv6yVBYb8ISmLG3E3giW7dQAikZnFyRiLWk:1MfLFr4MWvE3gr7dQgFyROWk

Score

7^/10

Malware Config

Targets

- Target
  
  Beast Conquests.exe
- Size
  
  70.8MB
- MD5
  
  770d8a9c6f0cbe97a7b738bb46da1a00
- SHA1
  
  8614c64540a1dddadaa93d0674c079b501dd857f
- SHA256
  
  33ab895e270da5c3783cadbee52e1728500af03fb414520c29f1bebb9fe3c504
- SHA512
  
  00a5f5659d411ba3e05f71eac2beefb40909c6da1c79f233cec7c43292cc620f0387a7cf2a96cd8462981403fe7025a02b8d7beb71bd063da011b479587f9378
- SSDEEP
  
  1572864:/4/4rzOchPVTO6DvtS0WeNeGEyvH5lXLf8t7hyTahT6O81em7:QkqcdVTOWw0RpvH5xE9hDGOtm7
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4