3488f71a9391b12899e85719762bf1cdff090e1bb418bda606ef44febdab9a85 | Triage

Resubmissions

01/06/2024, 19:12

240601-xwgyksch58 10

01/06/2024, 18:47

240601-xfmtwsbe9y 3

Sharing

General

Target

Spooky’s_Jump_Scare_Mansion_Free_Download.zip
Size

9.0MB
Sample

240601-xwgyksch58
MD5

4620d158bd6c6a616dc911c5feedc639
SHA1

0705bf94b2545995c4ce80030f2dc00d606871cf
SHA256

3488f71a9391b12899e85719762bf1cdff090e1bb418bda606ef44febdab9a85
SHA512

cb1bccf861fd41e61749c94c9d4c737137c8af218687ab33bf4b0f805dddc38932826c069157f68c35b2afe88be7b11e1fdb563804c44c41bdd9843538c75229
SSDEEP

196608:xJ0K+UGfx7PCjDCNuc9DPs4AVT6CJikvqtLue:X0K+Ue7PCaNFwzJi1Ee

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  Spooky’s_Jump_Scare_Mansion_Free_Download.zip
- Size
  
  9.0MB
- MD5
  
  4620d158bd6c6a616dc911c5feedc639
- SHA1
  
  0705bf94b2545995c4ce80030f2dc00d606871cf
- SHA256
  
  3488f71a9391b12899e85719762bf1cdff090e1bb418bda606ef44febdab9a85
- SHA512
  
  cb1bccf861fd41e61749c94c9d4c737137c8af218687ab33bf4b0f805dddc38932826c069157f68c35b2afe88be7b11e1fdb563804c44c41bdd9843538c75229
- SSDEEP
  
  196608:xJ0K+UGfx7PCjDCNuc9DPs4AVT6CJikvqtLue:X0K+Ue7PCaNFwzJi1Ee
Score

1^/10
behavioral1 behavioral2
- Target
  
  password.jpg
- Size
  
  6KB
- MD5
  
  9137bcf92957626481428aac6bbe7336
- SHA1
  
  d5e6db7c9e3f26f0d7ae331660efa23afe09d70a
- SHA256
  
  ebff8f2801e7c9629406c4e8d475ba18367e2fd7f6c026ea3ab51a6c97e0699a
- SHA512
  
  15e7f43e9370c5a0da817bf4a0b60e68c1e6bfc62d4ed514a5976672bd895acc43b22d103f206e0851394738ef8a06f63da4ead52ec2bcd9b9747ffb980f5837
- SSDEEP
  
  96:5lIlZda31aKbxd2LImHXxNDlGfK0+VOv1HnqEh806RKlNlj:5lmaIm/a3xNDolRDhEK1
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  safe-archive.zip
- Size
  
  9.0MB
- MD5
  
  6953b3debdfc1cfd997d9dc66ff34b39
- SHA1
  
  a2847e3ddf7ac65bd25cf77430e604fd77d5713f
- SHA256
  
  1147d7f1cad54c179d234ee528dac75118a9a381f1ab99a64cc3f10483fe5e52
- SHA512
  
  3ee19e7f34de13b0c4ff0b930f6640b5b86df46609a652733815734af34183d8f95179ed5ee12862b1d18ee0c953d3744ca7ed87c2a16e1e7d58c6b49cff9930
- SSDEEP
  
  196608:CJ0K+UGfx7PCjDCNuc9DPs4AVT6CJikvqtLuB:S0K+Ue7PCaNFwzJi1EB
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6