b6701b408aeb00e373baa28be8ca7d1eb073ff15021c2dd2c85dfdffb9e4574b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Русификатор от Tender.exe-20240219T185050Z-001.zip
Size

1.7MB
Sample

240219-xkdf1sba2w
MD5

70cc01afd2382ba5c41a2baa32f556e8
SHA1

346322fe5dc163149088208a34130c9030d38d3c
SHA256

b6701b408aeb00e373baa28be8ca7d1eb073ff15021c2dd2c85dfdffb9e4574b
SHA512

167a95887898f913808b03248e275b2d108dfc6b4f23f08a5775438c3a5bf26819a56d45ad303ba629920bf3354942c32d03b20d7f14b4f174b26ac9d575ff3f
SSDEEP

49152:uNOghta9A4xPN8x14r5B3Js6QbF2ftlgkK:cta9A4pN8xyNBk2ftWb

Score

7^/10

Malware Config

Targets

- Target
  
  Русификатор от Tender.exe
- Size
  
  3.5MB
- MD5
  
  be2056b6335f11fb674001812a31d6da
- SHA1
  
  850ad38764d8c5c704d71e07cffa226ee09b72c4
- SHA256
  
  d77467b2bb59904f96076c3ac47a0a897f22d44be0525675115b650ef7cdc673
- SHA512
  
  28bae0fb87d7a644e2d6c364f33e2a4d557935c4855e1e420c4cb93f28aeb005eb98c954d14d5b486c818f023f43ed7056e28975d892d16da853bd1c44010486
- SSDEEP
  
  98304:u35E+vGaiDnXGtwcmoQvoTn0iNYxbx0AUYnkPOY03BJ:8vGacofn0jbGYnkWxJ
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2