691fa6a7e43babc26e37f9d65a74e7e1ea17eb3d4440141aa7eab6cd5b4c39a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RAMMap.zip
Size

671KB
Sample

240418-tpwxdaad8y
MD5

2a730bb3cb813286d872ac6a754ffebd
SHA1

1385669404022211e34010c1395509fda3ebe36f
SHA256

691fa6a7e43babc26e37f9d65a74e7e1ea17eb3d4440141aa7eab6cd5b4c39a9
SHA512

5426e3a0cc258d9a637b55f4952b6701cc56aa8e09f7ec025d12ca18a516e321d9f94af2d66cbe93f30922d97d2f205e47dd52563190bc33b8ad4fccfcf7b576
SSDEEP

12288:A/ynWW44hNHbspvIhlXDBWBCI0dwvWVKyl5RHhwcFFsDP02lZdhUB3:mI4pQHXDByXwwzyldFMm3

Score

7^/10

Malware Config

Targets

- Target
  
  RAMMap.exe
- Size
  
  661KB
- MD5
  
  f8c7e41d1fbe9bee01fb44244087ae86
- SHA1
  
  342fb0c13f31697c4f032bc51d4083a69e479f59
- SHA256
  
  9200237404fc7936ed5854d904907f0ab9a4c689f38f98b49d30599a5498c84d
- SHA512
  
  08014d143dbd95cc29622c142c445f36d201218f7ec70c1ca6b728c3c7643e8da1e7718b2fc1fb422c5fb084a21788ccbdbe2fd7d37c3c56652f6ccb82591250
- SSDEEP
  
  12288:TRmy60QfnnEJtOzwH69iT1yr6IvLbfIfITRYei0TrhuPgA:tmLfErH69PeIvHwIFYqByz
Score

7^/10
- Executes dropped EXE
behavioral1
- Target
  
  RAMMap64.exe
- Size
  
  354KB
- MD5
  
  633470671cc8035b945f7ccad2cd4024
- SHA1
  
  c3807ead9f2081d8d92bf25ec7fdb8a777c837d6
- SHA256
  
  f80852a5ab710dde6489760b3fba6907ba63a7d9704dd2fc58b387c472541bf0
- SHA512
  
  c89807e4af79afe5331a2f7a26c178a833eecee2c8c8cc380de01baec9cd1f647e13aa294887788ad87356da3278ebeeefb3dee0bd8f37f135479dd1c022ee33
- SSDEEP
  
  6144:LWsH7fIfITRY4Nk2mBaHTnHnMshTZW/BLEKC0dUcu:LLbfIfITRYei0TrhuPu
Score

1^/10
behavioral2
- Target
  
  RAMMap64a.exe
- Size
  
  370KB
- MD5
  
  1de68434548372c7d3eb79b3f10fca3e
- SHA1
  
  fbb9728dd7900b72808ff6aca815b0c5de43445d
- SHA256
  
  9d110b7af0f89899bd6c8e7b3d7e689dd1e0f5471ad7aef03e8288ba169f4de3
- SHA512
  
  186bdc837f7f4630cc9e20c3b71bd654ccdc854c7b998c1ae5b779a6cd63eacdcdb5e082b2de812f959ed035cffc03178173c56615ca5dabdc974ec37a42a263
- SSDEEP
  
  6144:0P+UfQYBtIR1EIZbWOsNDCu1RGjC6UgvubhBM3S4MI8k4cXU:xP11dGRGe6U+utCXU
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3