388f9597ceb743647162cc71e5546c08b69b6a191cc6d09f7eabacba9abbf466 | Triage

Resubmissions

22/01/2024, 21:54

240122-1skrvadeaq 8

22/01/2024, 21:43

240122-1lebgsdder 7

Sharing

Copy URL Twitter E-mail

General

Target

disneytarzan_win.7z
Size

34.8MB
Sample

240122-1skrvadeaq
MD5

03e2089aaf20c198eb3d6927a65efad0
SHA1

d33ddb85611eafd4b4821d2062a13176c5747d42
SHA256

388f9597ceb743647162cc71e5546c08b69b6a191cc6d09f7eabacba9abbf466
SHA512

9dfdd8fb29b084d47cb6b24d3260eb4a0013248e5e6e3e89643ab6a46903006b0238b80b06d5638a24d92e5f1c7005ce81b0be9404dc7c1f7f617e871c03d53a
SSDEEP

786432:3Gkn9Fo3466xMevWPoy5LjW4t8yfReca5ioXkgUyJEvv6yIauA6LRY:x9CgMevqFW4tvReca530g9EaynuA69Y

Score

8^/10

Malware Config

Targets

- Target
  
  Disney Tarzan/TARZAN/tarzan.exe
- Size
  
  1.1MB
- MD5
  
  eca7d4ba9bbb4695495578e0e7d69485
- SHA1
  
  1862e7938db16faaa486d054ff02113d271833a2
- SHA256
  
  e9abf3193ca0a98101fd9f784a012dcc581e527878e7a2c3df99c507d97ab111
- SHA512
  
  a3da7d355851cc5b7e83c41413c71cf7908e01812110950c98dd9239cc3b7a733cb1bb0490aa58fae983d1531c18c75ea52564794e9624fde4dc1a133a9a2e5b
- SSDEEP
  
  12288:xljqnA1aln7oOJyFg9LCN66gpJfaogUopHtTEgr6Lj3G3m7hd74QzWZzA/Io:xleACn7oOJyFELC0cb8AIhdMoWp2
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  Disney Tarzan/donations.url
- Size
  
  57B
- MD5
  
  27e7b006a99f7000a2bcd5d79ad295ae
- SHA1
  
  3d2f45e28bbd52b482c87b5f6485344d91977e2b
- SHA256
  
  b96dab7b21802343e855fc6e3f168ce8fc88a70388d5da4fb4b6df2d1af80e24
- SHA512
  
  90935bf5f7d97bce608cdee9635894b0154c2b786212e085447bf8c8331aebab501d292a99cad764f09335920ead54416d0f14978050aa385700c9ee62189106
Score

1^/10
behavioral3 behavioral4
- Target
  
  Disney Tarzan/gamesnostalgia.url
- Size
  
  53B
- MD5
  
  55b2a219b9ecb70a50e90eee1ec4d51f
- SHA1
  
  5697861aacce2d4a22a19d9173fbd17b81958def
- SHA256
  
  d1ce68dd9f2b2a0c495a55ea07069690a40b9bf30ccad66e66c416d3af3c0b23
- SHA512
  
  7f189bf79920e72d37eb3823d111f9038f93acfc0389691f01288275d23c91a9d36649e88d4e970071cd9be29dc2f5cb76303d0ccf2c8979f7fd3fe60d87a519
Score

1^/10
behavioral5 behavioral6
- Target
  
  Disney Tarzan/patreon.url
- Size
  
  64B
- MD5
  
  bce5b7754a3eeb1edac2feac5edac7c9
- SHA1
  
  6b96d3d83f58f90f31ccf9253d302f983163169f
- SHA256
  
  cb3fd1ce7cb04a92ebb2246b7c9398bc2dd233212d478e97b90cf9eae05c8a83
- SHA512
  
  5b2167ca4ba2459bc95a178220ac33491eeb07b67d4d91d3f9813d1cce57e2bd8139cf1d21425eed0ee4cff021abd0808445881a2eef30a5883a6719c6396c28
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8