b42b75206b72fe24558f27d9c26f3f6234e904981526bc6e15228c3e37cad58a | Triage

Sharing

General

Target

b42b75206b72fe24558f27d9c26f3f6234e904981526bc6e15228c3e37cad58a.zip
Size

24.2MB
Sample

240521-rslvgaha89
MD5

045095239a5682c891f36f8994775406
SHA1

6a9f96835cb8e18bc48e903c92c7a19a2e72a98e
SHA256

b42b75206b72fe24558f27d9c26f3f6234e904981526bc6e15228c3e37cad58a
SHA512

ed32bf3d7740e68a4df606f630fe06170fec5c2eb631019af4b0a4d3491c56569f5fbcbe73b9c0485cb0cdc8b1348e27f20544f5d476d5f4e276a603b210b894
SSDEEP

393216:kktOfXrfP0mr3kMLLdnlvJMiZP4jx8qhzW8OTpN9aAkXvKLwVjoQQ71W4M:kaEXrprUMLLxsyP2xL6pZ0/K2oQYA4M

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  NvCamera/NvCameraEnable.exe
- Size
  
  365KB
- MD5
  
  d2b5a824bbb8ac3d39666ccf901d0b24
- SHA1
  
  410bb0daa70ab851f6db025c7e0449dc240865b3
- SHA256
  
  0748d5ad55261f4bd10cea8c6c5c8deae1ea361c34a829f1ea3dafd340bbe32e
- SHA512
  
  25afd2cdd26ef3a3b19aaf77744bf1bd447e47f46815df306525209a2b1567bc9dd74da95f8215a505ff5a87f69a081306c4472919e6fbc5a59347ec50bc7d2c
- SSDEEP
  
  6144:pwJ02ip3sgixWYchKF7BrEniWtzMbSXWiG8AN2FJIXjbAOhn3Bu1Qzq:p+3GpixWYc0F7BrEiQzMbe2LnRGQu
Score

1^/10
behavioral1 behavioral2
- Target
  
  WININET.dll
- Size
  
  32.8MB
- MD5
  
  c83409c94dad2ad6431cbda008c9ee3c
- SHA1
  
  44c36d857685273141d5e69668451851e57afaa3
- SHA256
  
  4c9f8692fe005d5d7e2edcc05f0b01c36bf11f0ff580a47c77fd1101cdb92185
- SHA512
  
  f30b1099a145a786c95c25863382ac7bc2adeafe77bbe1c31f1d99a4fa7ac677faf950ad7c05d144bf2643869d314ab59ad81096adecae49a0c23bf12f8d1c43
- SSDEEP
  
  393216:4akdM4o3a9CcwTWBvFgYdiXUxDmTJqIWlj36Ul2nong9Wbk5ycDS/aKO47T/9r0c:NuCcwTp2P
Score

3^/10
behavioral3 behavioral4
- Target
  
  gameux.dll
- Size
  
  20KB
- MD5
  
  144ebe37b975f193ad7c665bfeb8bb0e
- SHA1
  
  15dfdb493f4b60476ff2794a56b2555ff3827d3a
- SHA256
  
  2e9521f5abeb8dbb1077e326c7391dd6a6a9a30fd71653a5a7f3ad72e997f8cc
- SHA512
  
  f0d480fd4c8b2b83e8376a1afe5701b3fcd3972330d09fad45eaced67d078d22b6f0129b341ef5fbfb2d256fa961f4d0401cb0d5ab4bdc46e35e6544adcf5e91
- SSDEEP
  
  192:a4d4oBRpxy6yI1PSqB3h0JQCeFDQ2CPPiL6/aKkavYjbEA3cUbBZXW4KWzQ:ll5xbyI1PnR4eCPKL6PkaWbckpW4KWz
Score

1^/10
behavioral5
- Target
  
  vcredist_x86.exe
- Size
  
  6.2MB
- MD5
  
  99e3d99d8ed70ac88f59e31757ed3d62
- SHA1
  
  18f81495bc5e6b293c69c28b0ac088a96debbab2
- SHA256
  
  bbc26aca42cd311a0e1ea1356852f061d863af047f1891ac9952ab7e7cb8e04f
- SHA512
  
  34ff42d09d1738df912823fcb8c16ab28927415f736f0a49779f9eddf0e2fe36682fa3d021414b4751532b0d385aa513290f6c44c48936500c9a58b332fc147c
- SSDEEP
  
  196608:sLRDnuBotjJh2emr8L/YIsG7MOgqHG64n:0RDOotj+eBLJ7XF2
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral6 behavioral7

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7