c43566d17cdb66fb1ffa05d36f05e56c95edf0b2930c34e341f7e10007c392f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ResonateII.exe
Size

233KB
Sample

240429-txn7hafb52
MD5

b811abc76ffb771b4d8c4122d1b5887a
SHA1

429c85da69ea93ac98fe66a9e97ad0b656159465
SHA256

c43566d17cdb66fb1ffa05d36f05e56c95edf0b2930c34e341f7e10007c392f3
SHA512

16885587e92ebc7b7c94da7173a3fbce6565e1207488f0a5fae34044a8f8cd89aacd15d1ef33b165fb129fd47970a6da3ce75bcd91074982a797e93dd547f7b1
SSDEEP

3072:Q18NTN+jjChCPu4ZZzyU2uMuNmWyPkJrbltlYTTy6/WPR:QDqdugUX2kVvlYTn/W

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  ResonateII.exe
- Size
  
  233KB
- MD5
  
  b811abc76ffb771b4d8c4122d1b5887a
- SHA1
  
  429c85da69ea93ac98fe66a9e97ad0b656159465
- SHA256
  
  c43566d17cdb66fb1ffa05d36f05e56c95edf0b2930c34e341f7e10007c392f3
- SHA512
  
  16885587e92ebc7b7c94da7173a3fbce6565e1207488f0a5fae34044a8f8cd89aacd15d1ef33b165fb129fd47970a6da3ce75bcd91074982a797e93dd547f7b1
- SSDEEP
  
  3072:Q18NTN+jjChCPu4ZZzyU2uMuNmWyPkJrbltlYTTy6/WPR:QDqdugUX2kVvlYTn/W
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies system executable filetype association
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence