29e65b74b8ffaedfc0fc4e233684c89eaa4a2f36c4fe478a3d851991b32e5950 | Triage

Sharing

General

Target

Xfer_KeyGen.exe
Size

559KB
Sample

240521-t2cz2abg59
MD5

3502197687f3356bc50ab03329831d22
SHA1

a6ad8b22a2a45eda34c64d33e55236e3d3cf440e
SHA256

29e65b74b8ffaedfc0fc4e233684c89eaa4a2f36c4fe478a3d851991b32e5950
SHA512

adffec8a1940113c1a7545a8778fc77db1f9bf6f0a4f216f96bef5ea9197831e3821d4f5b822e08fcc15477a3650ab60dd88814008b85db56b27f5c624c0eb7d
SSDEEP

12288:XYkc9t2Sll/Sq9x4oWrSfzTw9wViWOfo1l9ds/7NPq7:XYkcL5Sq/4jurIGOfobvkNPq7

Score

7^/10

Malware Config

Targets

- Target
  
  Xfer_KeyGen.exe
- Size
  
  559KB
- MD5
  
  3502197687f3356bc50ab03329831d22
- SHA1
  
  a6ad8b22a2a45eda34c64d33e55236e3d3cf440e
- SHA256
  
  29e65b74b8ffaedfc0fc4e233684c89eaa4a2f36c4fe478a3d851991b32e5950
- SHA512
  
  adffec8a1940113c1a7545a8778fc77db1f9bf6f0a4f216f96bef5ea9197831e3821d4f5b822e08fcc15477a3650ab60dd88814008b85db56b27f5c624c0eb7d
- SSDEEP
  
  12288:XYkc9t2Sll/Sq9x4oWrSfzTw9wViWOfo1l9ds/7NPq7:XYkcL5Sq/4jurIGOfobvkNPq7
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $TEMP/BASSMOD.dll
- Size
  
  33KB
- MD5
  
  e4ec57e8508c5c4040383ebe6d367928
- SHA1
  
  b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06
- SHA256
  
  8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f
- SHA512
  
  77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822
- SSDEEP
  
  768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0
Score

1^/10
behavioral3 behavioral4
- Target
  
  $TEMP/R2RXFEKG.dll
- Size
  
  3KB
- MD5
  
  fb235a312dbde4daf45aa6d62923d2c4
- SHA1
  
  67580595f059640b974cd585b3deac25aba5928e
- SHA256
  
  fb2ef28d03f1bbc60cb564cc8d90b3469f3ad393d81020b4afe2501c1b60da9c
- SHA512
  
  14c7ba743221520753266119b4f91023321fdead7e3f941e4c6ede1b439886fcdfe7565eefd00d03f7c93686234ccd7369e150f2ad344d365ed0447c6aa6f898
Score

3^/10
behavioral5 behavioral6
- Target
  
  $TEMP/keygen.exe
- Size
  
  249KB
- MD5
  
  39940bef79a1d23adf86979d4d4cceed
- SHA1
  
  593f9ea0cd0c1c4ec35c92a4473ed05437fb22ce
- SHA256
  
  941267a1bd1328f21bbaf3a1ba5abe12196c3d57e4c49134c6764e7b143767d8
- SHA512
  
  12b8f61bb8c1c661d7d4c7aff5e2e3f2915cd1b3c923bf9b17dd3bcc8b3ffb4145aa86b284bedd2695c6e62117cc1257a896dfe3227961deac35e8e9836d12c3
- SSDEEP
  
  6144:pcmzikEPDonRgNgz1+hw6hNgPfHv9PAimIAOsE7c7:pc/kEPDonR6Y436vRH7c7
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8