b8ff1dd80f370b137922a9dd2d8b04e16fd4f8681458f92c566e65e2e80724ad | Triage

Sharing

General

Target

HashTab_v6.0.0.34_Setup.exe
Size

1.1MB
Sample

240508-j5zm4aba5x
MD5

0a401aec90a0b4f4da73b4131f24eda1
SHA1

e0ab0528ab4daa470ec2e1d6a723cd6a308306f7
SHA256

b8ff1dd80f370b137922a9dd2d8b04e16fd4f8681458f92c566e65e2e80724ad
SHA512

7d28c09e5536d2cec1e7f2b57817dc7061fdb82bbc0352515154e18fd20caf7bbfa79104f388e4f3bc20a7c0c5732fd9f5d51708805414300d558b3f6cd02365
SSDEEP

24576:r7LyKHCmlCRWCjgzh5gHE9WIrAp8YOyS1Dm2CyE8rHNQOo:DyKHRERWCszhqEw5qYOygrf1o

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  HashTab_v6.0.0.34_Setup.exe
- Size
  
  1.1MB
- MD5
  
  0a401aec90a0b4f4da73b4131f24eda1
- SHA1
  
  e0ab0528ab4daa470ec2e1d6a723cd6a308306f7
- SHA256
  
  b8ff1dd80f370b137922a9dd2d8b04e16fd4f8681458f92c566e65e2e80724ad
- SHA512
  
  7d28c09e5536d2cec1e7f2b57817dc7061fdb82bbc0352515154e18fd20caf7bbfa79104f388e4f3bc20a7c0c5732fd9f5d51708805414300d558b3f6cd02365
- SSDEEP
  
  24576:r7LyKHCmlCRWCjgzh5gHE9WIrAp8YOyS1Dm2CyE8rHNQOo:DyKHRERWCszhqEw5qYOygrf1o
Score

7^/10

discovery persistence
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  3e277798b9d8f48806fbb5ebfd4990db
- SHA1
  
  d1ab343c5792bc99599ec7acba506e8ba7e05969
- SHA256
  
  fe19353288a08a5d2640a9c022424a1d20e4909a351f2114423e087313a40d7c
- SHA512
  
  84c9d4e2e6872277bffb0e10b292c8c384d475ad163fd0a47ca924a3c79077dfde880f535a171660f73265792554129161d079a10057d44e28e2d57ebc477e92
- SSDEEP
  
  192:d4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjsK72dwF7dBOne:Wn3T5KdHCMRD/R1cOnrjs+BO
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  3f176d1ee13b0d7d6bd92e1c7a0b9bae
- SHA1
  
  fe582246792774c2c9dd15639ffa0aca90d6fd0b
- SHA256
  
  fa4ab1d6f79fd677433a31ada7806373a789d34328da46ccb0449bbf347bd73e
- SHA512
  
  0a69124819b7568d0dea4e9e85ce8fe61c7ba697c934e3a95e2dcfb9f252b1d9da7faf8774b6e8efd614885507acc94987733eba09a2f5e7098b774dfc8524b6
- SSDEEP
  
  192:OPtkumJX7zB22kGwfy0mtVgkCPOsX1un:/702k5qpdsXQn
Score

3^/10
behavioral5 behavioral6
- Target
  
  $R0
- Size
  
  1.3MB
- MD5
  
  6e6559ac4c7abf6f7d60165e1c2f9b65
- SHA1
  
  2d0faf4d27680c9c971f8ffbf2b0152b8fb9c4c2
- SHA256
  
  33110cfbb450b0a06a9a70449e674774823e730ed37dda83a25dd0dbc81f8b21
- SHA512
  
  22eff4290feae094d14559cf150bc3d6cc5203f79554d8bee8bad7a7b509a5cdd953e45eb897dabffa1377b7636e03cdd83ec6de903970b65dce1f7475af4dca
- SSDEEP
  
  24576:hqSCTJeq4W2L/yF6/D48i8Kfy5w0aEJiBjkL9hhKfVqe:vCgGF68kK6mtTBChwVj
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral7 behavioral8
- Target
  
  HashTab32-6.0.0.34.dll
- Size
  
  1.2MB
- MD5
  
  5ebabc79ba313e50e024cc9099c90152
- SHA1
  
  d78b4453fe5226a2a129beba59aa4ff724e76092
- SHA256
  
  b6c79d19cf48580ede405e33b7975773ce5d23b9be5a6cabdb17ddb908c61735
- SHA512
  
  ed5fd6d98a1af599132b0cf1700ed77532b640ce452239b1e4044d9ad97530ee67b6010b6fb943ded03328db47e2f7fdc2b24f2136b03026475e432d5cefbfc5
- SSDEEP
  
  12288:FHHwfhr7G5CqSgqqxy+gaOxx2rIRTos+OeO+OeNhBBhhBB/RvMsr0M8P3024rBsQ:FHH+qCqSD+OgQ+RvMsrH8P02MsAqu
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10