5cc13036ae38c332d6e1b3cd0f22ea4078c2d8555bd0e551d363167296d99d05 | Triage

Resubmissions

07/01/2024, 20:56

240107-zrad2sedam 5

07/01/2024, 20:54

240107-zp8h3aecgq 5

Sharing

General

Target

Thunderstore Mod Manager - Installer.exe
Size

2.0MB
Sample

240107-zrad2sedam
MD5

5a25c98966ec400df0fd2a2e825cfa14
SHA1

2fc1e3b4891c273f2a27b65dea57f1db65757f74
SHA256

5cc13036ae38c332d6e1b3cd0f22ea4078c2d8555bd0e551d363167296d99d05
SHA512

dd070e77120a55057730eac5e2272b092be6ab00f9f275e4d835c2b3461e52137c589630504a32ab278d673b7df96e5b0f28b27ef61b5a8d5a1d4b87c40ac38a
SSDEEP

49152:9SlBxE87vxpsrFpIvxqMsaMwgs3W/0s9YdBA0c2:9SRPN+TIvxqMshwv3W/0NDA0

Score

5^/10

persistence

Malware Config

Targets

- Target
  
  Thunderstore Mod Manager - Installer.exe
- Size
  
  2.0MB
- MD5
  
  5a25c98966ec400df0fd2a2e825cfa14
- SHA1
  
  2fc1e3b4891c273f2a27b65dea57f1db65757f74
- SHA256
  
  5cc13036ae38c332d6e1b3cd0f22ea4078c2d8555bd0e551d363167296d99d05
- SHA512
  
  dd070e77120a55057730eac5e2272b092be6ab00f9f275e4d835c2b3461e52137c589630504a32ab278d673b7df96e5b0f28b27ef61b5a8d5a1d4b87c40ac38a
- SSDEEP
  
  49152:9SlBxE87vxpsrFpIvxqMsaMwgs3W/0s9YdBA0c2:9SRPN+TIvxqMshwv3W/0NDA0
Score

5^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2