0db433e95fedaa65bf599771a91a55ad495c78bc00e81201e937429fd98559aa | Triage

Sharing

General

Target

freedom.v0.94.3.zip
Size

507KB
Sample

240606-qcwjasfe44
MD5

2b49f6b23abf94845925fed00a57d515
SHA1

4d3212fc74d5fb13f83f4d990c47165e70e4dc65
SHA256

0db433e95fedaa65bf599771a91a55ad495c78bc00e81201e937429fd98559aa
SHA512

65b7d809096becf1ccab3e62f3cce6b41ebec651fc60a0928f3e7b9045da1d844bd059e1a18ed0863eb4b2bcdfa8ac8b201758a33a3cc4ef150c3025e15a9e1b
SSDEEP

12288:K+/IdPOH3roDLBiu/jf8xfAyAXHlhrt69xkQdVvuFlL158lNRCKApmil:B/IdPSoDL7/z8xfAy4rt5mmFlLDiNRfC

Score

6^/10

Malware Config

Targets

- Target
  
  freedom.dll
- Size
  
  740KB
- MD5
  
  f643e6ddd7afeed1c03ca69a8e71b66a
- SHA1
  
  a2c6655ead23c3c4dea9171c5aff4adfeb15ea47
- SHA256
  
  5733dc037491e1fbbd639131ee462afb69a8fe10680e72a240eed268878bdac4
- SHA512
  
  ad599fbeac0fdbd86ab6e2395c3d82a589e66bdfbef24870122580da4aaf534d610425da8cc82181b326b0fcb65972957c2e74430f6f950c1bc3cdc0da93671f
- SSDEEP
  
  12288:ab+Azqyc+GYIvPc/90guuCPzhDAQuoBmbW65dH580JAy0J7IRdwhS4O04htM1D5:ab5Wyc+GYmc0guuEtMQxmbW0dH580xY/
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  freedom_injector.exe
- Size
  
  133KB
- MD5
  
  675aada50d6e4750ed3a58247ba690bd
- SHA1
  
  9a928939667157818a702794eb2364cb0283797f
- SHA256
  
  c1407848dd80870ca689deffd0945abb5a486699cc8c09602388d58fe4c9f2b6
- SHA512
  
  0c47be384ad15de7d4a4560ad5f8e6a012df3552065b62f853955e4a98805bd3a50738b7d2c9933fcf560b56ea141ce0c108edb37e2054b3d4faac6dc67e0e0c
- SSDEEP
  
  3072:8eKrtSVowAs1c6AuSFU3vm/s+XpLN6JZ8uZZ/S:8NroKwDAuT3vCdpLYG
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4