49bc0bf3759bac6322ad584c9cc87f41bb17820dede17a78724283aa40742d87 | Triage

Sharing

General

Target

[2] Asteroid 24.4.5.zip
Size

4.1MB
Sample

240526-vvfm1sef34
MD5

a3c2ea4dac3842fb00f4e96c68c973e9
SHA1

1e8c94d2a4060e9dda3963f9496500a18f000435
SHA256

49bc0bf3759bac6322ad584c9cc87f41bb17820dede17a78724283aa40742d87
SHA512

0b3341cf3a00d8b9a164474b8b60c3956eac96fa2c8377dbbadf0afe25dd2d227317dbb2b16ffd9a36ba32d212a30d0e1eadd5a4925cf0b89bd89dfd852ed321
SSDEEP

98304:z6K6wTN/D6uhH+qJ/11yiH6Tf710pNLwbYD2FTDgTCVtreRUczMcCI/g6:zwGRDFV+I/1h4710pNLwb9nVtr3cCQ

Score

8^/10

Malware Config

Targets

- Target
  
  AsteroidPC.dll
- Size
  
  5.2MB
- MD5
  
  1892a8ba09e7d8b57e4475712678c5b9
- SHA1
  
  322e257374b4b14651437dd917196b0a2af5457c
- SHA256
  
  0c0ed1f047e71deb540b338ff50e548a4992e27f0a4508a63f72bb68cb2efaa1
- SHA512
  
  46a4020369ac9304ff40569afed53c9a560d4f47f654408c55f8af942ef8e27d07234f083d600db66ac81c792baffe6df1e5bacf2b746340139e2e30a26f1b82
- SSDEEP
  
  98304:G/+ORjEgPeQaSntN8oeXmO/qN9nVSarrPABDAwq1FbL:sNRggPeQaSntNBmmO/qTnkarrPABDAwc
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2
- Target
  
  Injectors/processhacker-2.39-setup.exe
- Size
  
  2.2MB
- MD5
  
  54daad58cce5003bee58b28a4f465f49
- SHA1
  
  162b08b0b11827cc024e6b2eed5887ec86339baa
- SHA256
  
  28042dd4a92a0033b8f1d419b9e989c5b8e32d1d2d881f5c8251d58ce35b9063
- SHA512
  
  8330de722c8800ff64c6b9ea16a4ff7416915cd883e128650c47e5cb446dd3aaa2a9ba5c4ecda781d243be7fb437b054bbcf942ea714479e6cc3cef932390829
- SSDEEP
  
  49152:l9hfV/U5NkLXXzGZjt6kFTCVP6hWE0wvmk/eE+FrAl+NGsOSE6IX8pq:Dh9/ULkjKxtTGP6VZd2rAcvOSE6Nq
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4