d276f07b8b4bbae22e9a6d132575e592379ffa926dd799edc8af90b7c32469cc | Triage

Resubmissions

10/05/2024, 23:38

240510-3m7ersgd9v 8

10/05/2024, 23:15

240510-28h4maab26 7

Sharing

Copy URL Twitter E-mail

General

Target

TangoGen.rar
Size

39.6MB
Sample

240510-28h4maab26
MD5

b58c32edcd7f6a0dde017e53b366734e
SHA1

f8d849e656e7e558531bc50f9bd21ff5ed3ba0bc
SHA256

d276f07b8b4bbae22e9a6d132575e592379ffa926dd799edc8af90b7c32469cc
SHA512

f8735f6255d91a5b995c9ce649081c7168192e1ffdc530b3f7437d8814499d7169b548f019fc699546aa948f0a1c6645b9bce011f8f36d077f13c2561ee4a43e
SSDEEP

786432:KPHWHQPy/YHd36kucu8MrAoX+BFPdE0A9hC9OsHSUejej5siFGxUEOOEDolF6:6WHs36kuzPrnoED6OsHSUejG5siFuUMW

Score

7^/10

execution persistence pyinstaller

Malware Config

Targets

- Target
  
  TangoGen/TangoGenV1.2.EXE
- Size
  
  43.6MB
- MD5
  
  35e4b9c2f0d48ffed12b8344db2802c2
- SHA1
  
  3aceabc15da4ab3194c25e2d2bfdabaab94062eb
- SHA256
  
  b136849f9ecb2a9fd16bdac33f7ace3f9be6e3286e6c73fb7cb8f09b2cb2ad0f
- SHA512
  
  28fd7b2716276b5423bcfcb157ec00ff08f70a3620a29a66401f5540a896d583e8046e921f59b09a5b999f9430ada859c1df82984770923f7ed31134856d8e48
- SSDEEP
  
  786432:IUXkFxHQ/yaOOcljqeqpxbjJlD2Ad5+i9smYHCdXQsh4TFJciB36BFHUNfGuWP+O:I+kTAzclu5JF2Adl9smYbs6V3uHEf1IN
Score

7^/10

persistence pyinstaller
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1
- Target
  
  TangoGen/assets.dll
- Size
  
  5.1MB
- MD5
  
  773b3b72481fd8ef9b62b5ef0fe8040a
- SHA1
  
  a42cbc7aab88689e834c158b24af8722586cf1b4
- SHA256
  
  7f93fef11819a9f4b8edd342a1c2d3dbab25698ed75f9713ee1167fa2f852331
- SHA512
  
  db7d29100060afc909cbf20bcd6d9c02fc0b29d8ee32606e2d6cf18270484f2b46853cda0b495a85cc7a2e3ae4536030a25216f101dceabf2f972e3375208c38
- SSDEEP
  
  768:+UI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUI7yUIn:3
Score

3^/10

execution
behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencepyinstaller

behavioral2

behavioral3