130bd12cad8dd12f693ba7bab1507b02a6fe30d91b6cb61fdeb7203b1bb8c7ea | Triage

Resubmissions

13/06/2024, 11:15

240613-ncjhmazgqk 8

13/06/2024, 11:11

240613-narffswdrb 1

13/06/2024, 11:09

240613-m9gjvszfpn 8

Sharing

Copy URL Twitter E-mail

General

Target

MM2 DUPLICATOR.zip
Size

22.2MB
Sample

240613-ncjhmazgqk
MD5

3a1dd427df8410ed1f423313281904c9
SHA1

edb9c1a547eb36c6e69e3a56ef32c1537400d1e9
SHA256

130bd12cad8dd12f693ba7bab1507b02a6fe30d91b6cb61fdeb7203b1bb8c7ea
SHA512

edc15c9a45d8c2fe9a242d385422975aa533f6e159a4ee10667f1c5de274583887c4411018f246f9a9c29a24cbb0c3ab7b699717a0899a949c987c2bb7299b2f
SSDEEP

393216:FtLfl56jpxHUyhWKKmVsdM+b78hCec313RO0TWZS8b4WucEWY48uk:FpNouQWKMPvecFKR4Wucyvuk

Score

8^/10

execution

Malware Config

Targets

- Target
  
  MM2 DUPLICATOR.exe
- Size
  
  66.5MB
- MD5
  
  de4239701e2752924f4cd708058e1270
- SHA1
  
  cc22264e5e8b44baee16dc557fac85ccd05d420f
- SHA256
  
  9db39c31fee60756e0b08ad1576b699350173eb2476d0c0e06e77e7b02931491
- SHA512
  
  67d3b8b6182b73a8e4aa393feaa50c577e1d82b0df4609f00317bfc331784a35a0a30234e80b6924af520c4a402adac9abaa2836c70c9d6c8bb1e7d6c9180f5a
- SSDEEP
  
  393216:3HlGwix6bVYeCovVXbiAi95SLc59c25vBFkIeG:3HlTixeYstEH59VfuIeG
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2