627f9bc0549fc366b502b7802e74270664a7518171544fe3ab963df5bfd54992 | Triage

Resubmissions

27/05/2024, 01:35

240527-bz66zsce93 6

Sharing

Copy URL Twitter E-mail

General

Target

InstallWavePadAudioEditor.exe
Size

3.0MB
Sample

240527-bz66zsce93
MD5

4a9b1094994fe6967b290c0ae91c56fc
SHA1

7850f3916b6ddf906950adc584ffe062bc201997
SHA256

627f9bc0549fc366b502b7802e74270664a7518171544fe3ab963df5bfd54992
SHA512

1cf7092430d941afc0c6f328a682c75c78c0ef1ce586a757fd0d1f31550a270fabe873ad60ab6b11f4788cf9d2c22ab0c4080e2d080df83abb7619362add2413
SSDEEP

49152:DK3EbWsbnwoH8GDQPfJoiISRnFlbgSTQAgINXWY+E6a6Jg5QL/djLD+xPK0nAL:DK3EbW+wVTRoIFWSDN/D6q5UdjX+xs

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  InstallWavePadAudioEditor.exe
- Size
  
  3.0MB
- MD5
  
  4a9b1094994fe6967b290c0ae91c56fc
- SHA1
  
  7850f3916b6ddf906950adc584ffe062bc201997
- SHA256
  
  627f9bc0549fc366b502b7802e74270664a7518171544fe3ab963df5bfd54992
- SHA512
  
  1cf7092430d941afc0c6f328a682c75c78c0ef1ce586a757fd0d1f31550a270fabe873ad60ab6b11f4788cf9d2c22ab0c4080e2d080df83abb7619362add2413
- SSDEEP
  
  49152:DK3EbWsbnwoH8GDQPfJoiISRnFlbgSTQAgINXWY+E6a6Jg5QL/djLD+xPK0nAL:DK3EbW+wVTRoIFWSDN/D6q5UdjX+xs
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2