c60c7061f20c6cf9645da0ebf22b143913038a93d9358c2693430e1925d6114b | Triage

Resubmissions

17-04-2024 09:27

240417-levmkaah66 8

16-04-2024 15:27

240416-svq3msde45 8

Sharing

General

Target

e00b253eda798487f5fef2ef25164fd8.exe
Size

126KB
Sample

240416-svq3msde45
MD5

e00b253eda798487f5fef2ef25164fd8
SHA1

cf2c21c845f16ed144487e9f86d8b5ba8376008b
SHA256

c60c7061f20c6cf9645da0ebf22b143913038a93d9358c2693430e1925d6114b
SHA512

bd3dd458dfe3cc38c3ac24a53bf96f7362052fedda39df8aa13ce41a250ce27ecd55068898d4c21e1622f7542891b82adc1b2d884684bf080080bfded7f17d13
SSDEEP

1536:duokBZMKvOsg8ISIv47rz0D+/R/Av3coL6+9D8rbBuS7BeAXJ6xkRQsN5xgSF:RkBGWOsTIJgIDU5A/coLx9DoBRe/xK1F

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  e00b253eda798487f5fef2ef25164fd8.exe
- Size
  
  126KB
- MD5
  
  e00b253eda798487f5fef2ef25164fd8
- SHA1
  
  cf2c21c845f16ed144487e9f86d8b5ba8376008b
- SHA256
  
  c60c7061f20c6cf9645da0ebf22b143913038a93d9358c2693430e1925d6114b
- SHA512
  
  bd3dd458dfe3cc38c3ac24a53bf96f7362052fedda39df8aa13ce41a250ce27ecd55068898d4c21e1622f7542891b82adc1b2d884684bf080080bfded7f17d13
- SSDEEP
  
  1536:duokBZMKvOsg8ISIv47rz0D+/R/Av3coL6+9D8rbBuS7BeAXJ6xkRQsN5xgSF:RkBGWOsTIJgIDU5A/coLx9DoBRe/xK1F
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  21KB
- MD5
  
  92ec4dd8c0ddd8c4305ae1684ab65fb0
- SHA1
  
  d850013d582a62e502942f0dd282cc0c29c4310e
- SHA256
  
  5520208a33e6409c129b4ea1270771f741d95afe5b048c2a1e6a2cc2ad829934
- SHA512
  
  581351aef694f2489e1a0977ebca55c4d7268ca167127cefb217ed0d2098136c7eb433058469449f75be82b8e5d484c9e7b6cf0b32535063709272d7810ec651
- SSDEEP
  
  384:VpOSdCjDyyvBwRlX+ODbswYM2s74NS0v0Ac9khYLMkIX0+Gzyekx:rdCjW/lX1PfYM2X1
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  faa7f034b38e729a983965c04cc70fc1
- SHA1
  
  df8bda55b498976ea47d25d8a77539b049dab55e
- SHA256
  
  579a034ff5ab9b732a318b1636c2902840f604e8e664f5b93c07a99253b3c9cf
- SHA512
  
  7868f9b437fcf829ad993ff57995f58836ad578458994361c72ae1bf1dfb74022f9f9e948b48afd3361ed3426c4f85b4bb0d595e38ee278fee5c4425c4491dbf
- SSDEEP
  
  48:iYXzAm8HGJLvwM8GJFd6I7W4JtT2bxNNAa4GsNf+CJ8aYqmtlKdgAtgma1QvtCSJ:lz2mJkpGR6GY74GQ1YqmstgGCtR
Score

3^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

behavioral3

behavioral4

behavioral5

behavioral6