e9317532eb94a2dcfe16a943f6c29d4d9a4cd2d780814b4b16dcdf6a79be446c | Triage

Resubmissions

17-01-2024 18:54

240117-xkjyssdcf4 8

17-01-2024 18:40

240117-xbebyscefm 8

Sharing

General

Target

14236264228.zip
Size

135.7MB
Sample

240117-xkjyssdcf4
MD5

a5655c352a46bee9e6f7a4f9b062063c
SHA1

40890ee4f24a398c5e0d9ee5b9892966a1d7bba6
SHA256

e9317532eb94a2dcfe16a943f6c29d4d9a4cd2d780814b4b16dcdf6a79be446c
SHA512

438fb7c9a48642ba42384a3750ced7b8291bda4473eb3990d822dc2d48bb9dc902f7f12f8dc4812b17cc4988ba8db7b5d52ecec97a87a0bb5dc4c162c1d62356
SSDEEP

3145728:wk6IUdFC1ysm/th85WpxeUmsEwHG2TdhsqpqmEaMLceDIzuIT5:zxUdFC1Lee5oxeUBGKPbnreA

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  efed9df5db764689c3ba1a06084599f47278e8a7a6732fb35f5ed1b01748864f
- Size
  
  135.6MB
- MD5
  
  e347a58cf88cc6f686207d30d2e3db65
- SHA1
  
  8b24338138775079f8fdd85366fed7598a9f288d
- SHA256
  
  efed9df5db764689c3ba1a06084599f47278e8a7a6732fb35f5ed1b01748864f
- SHA512
  
  d9347486a247e40f53b27270bca7afa29b428236be514d5261a19115226dc07de776c84fa6b0d0150f6e7d5d8bdfadba0da2d9ec9c6a5ca1d2a17943ebcadc43
- SSDEEP
  
  3145728:YZXsiKRnMfIcYNVZiTeoVu1uX7rAUMg47zNO0SPo8Z1Z4wX1JfSbmbd3d:Y9ontcyVZiamAuLX947xOj1Z4wlQbw
Score

8^/10

discovery
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2