83ac3aa3ddb2b4e61e491fd285964333d0aff50a48cc2d19648f4b29f2166cf8 | Triage

Sharing

General

Target

Studio One Keygen.exe
Size

2.4MB
Sample

240405-jac6lseg98
MD5

1d98a9a9a062ae63e9f88391caa38319
SHA1

8a15b38589645f4e5a81ebad51e0bc2e5e28ed61
SHA256

83ac3aa3ddb2b4e61e491fd285964333d0aff50a48cc2d19648f4b29f2166cf8
SHA512

cfa1b0244467b1e1de38728fe37404cd6952f0bbfa3feb47824c284b05fa97d0aaecd5f2f22236303b3c0ef882111530b7748d2cda3716d8d40958feab7b8649
SSDEEP

49152:okA/g8S9JdJRkpRUliy9cogyJXh5AIEHP4+JhFxEh5hF/t0HbOh3DHdPslij:oXLS9jJRkpKZQ0R5tEvLSveHbSDHN+ij

Score

7^/10

Malware Config

Targets

- Target
  
  Studio One Keygen.exe
- Size
  
  2.4MB
- MD5
  
  1d98a9a9a062ae63e9f88391caa38319
- SHA1
  
  8a15b38589645f4e5a81ebad51e0bc2e5e28ed61
- SHA256
  
  83ac3aa3ddb2b4e61e491fd285964333d0aff50a48cc2d19648f4b29f2166cf8
- SHA512
  
  cfa1b0244467b1e1de38728fe37404cd6952f0bbfa3feb47824c284b05fa97d0aaecd5f2f22236303b3c0ef882111530b7748d2cda3716d8d40958feab7b8649
- SSDEEP
  
  49152:okA/g8S9JdJRkpRUliy9cogyJXh5AIEHP4+JhFxEh5hF/t0HbOh3DHdPslij:oXLS9jJRkpKZQ0R5tEvLSveHbSDHN+ij
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  $TEMP/BASSMOD.dll
- Size
  
  33KB
- MD5
  
  e4ec57e8508c5c4040383ebe6d367928
- SHA1
  
  b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06
- SHA256
  
  8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f
- SHA512
  
  77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822
- SSDEEP
  
  768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0
Score

1^/10
behavioral3 behavioral4
- Target
  
  $TEMP/R2RS1KG2.dll
- Size
  
  729KB
- MD5
  
  90f4d27517acc223d1698e6d189861e9
- SHA1
  
  070ca52f21232bbd9e1e99ef87a339dea43efb0b
- SHA256
  
  d53db9201a4a0ba627f107739398be8b16e8618d06fa88eed476026a43a4cc6e
- SHA512
  
  289daf70f5e97b304721ec249cac284f621c6606b84e832049747f264be464acbf7f9dfdbe7b39b18ea1c25754158cb0fa472b70ab70a9a3b3163acba2a308cd
- SSDEEP
  
  12288:5dvLDWGJ0E2gUPxrDIRYB/0hzYSmujEMPYKHWkQTnl1wEFHysG56E982x8ozOGzH:5dvLDWGr2/xpSmuUnlI6U82RzaE
Score

3^/10
behavioral5 behavioral6
- Target
  
  $TEMP/keygen.exe
- Size
  
  583KB
- MD5
  
  1b9a74d3cc46f9ee0d453cafc565ee56
- SHA1
  
  c1bf1898738a6b18c45a929de19cf4356666c273
- SHA256
  
  495a29f5092924fcb86fd47f2ece35fab64f3f9ca20fb12b42b33946c2a053e1
- SHA512
  
  cd57f0088ab58afa37b9cbec61da854db93bd79e7475a35f783e73f527917260eb78768ad3bed47998b1a892aa0d3bff78dc6a1915ab0024393ea0d0a4a2ac9f
- SSDEEP
  
  6144:pcmzikEPDonRgNgz1+hw6hNgPfHv9PAimIAOtEoG7CYxniJODg+D:pc/kEPDonR6Y436vR4W6g+D
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8