f75f1a92e4380692aa5d73fa82cc6f9d02974a58e8210c7452ef40e6e7197d85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tsurugi-roblox-workspace-cracked.exe
Size

1.6MB
Sample

240223-fa1p5aba5z
MD5

3c1095b2c09fa834bbbd625650bf2956
SHA1

532ecc3f78e2fb5ec765cd18fe4d2654f241fd9e
SHA256

f75f1a92e4380692aa5d73fa82cc6f9d02974a58e8210c7452ef40e6e7197d85
SHA512

7b2ee3087730dc9eab6dc89450ab2fa3d466f28499e74d82be90604f6249b12f130e00535369803b5d7201ac33115443fb77302cf62f6a02874f6e5eeb09ba00
SSDEEP

49152:LgFV1MEMsppTlMHyyHh7xyixRBQwgzNV07:LEOApTl0XPRBD

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  tsurugi-roblox-workspace-cracked.exe
- Size
  
  1.6MB
- MD5
  
  3c1095b2c09fa834bbbd625650bf2956
- SHA1
  
  532ecc3f78e2fb5ec765cd18fe4d2654f241fd9e
- SHA256
  
  f75f1a92e4380692aa5d73fa82cc6f9d02974a58e8210c7452ef40e6e7197d85
- SHA512
  
  7b2ee3087730dc9eab6dc89450ab2fa3d466f28499e74d82be90604f6249b12f130e00535369803b5d7201ac33115443fb77302cf62f6a02874f6e5eeb09ba00
- SSDEEP
  
  49152:LgFV1MEMsppTlMHyyHh7xyixRBQwgzNV07:LEOApTl0XPRBD
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1