ee6726eb2078eba295b02a12a41a11989e39332ca215e7f82df07b1656446e25 | Triage

Sharing

General

Target

Twister IceFun.iso
Size

17.2MB
Sample

240615-h71gqswbnp
MD5

4aa81a8a4c8527562835ae3f088f3866
SHA1

e88365eacdbf20b465d5a0f87687d32f2c0f6c3c
SHA256

ee6726eb2078eba295b02a12a41a11989e39332ca215e7f82df07b1656446e25
SHA512

27866ba8d0e92bf697fb51af4b62d4be213679fae2fa06eed802cba1f0c355d5c75492fd1eff9f5cd2e53f2ad59da9c607e72eae9afd2aca43217df1511723bb
SSDEEP

393216:A1q9k/HOXhza7DpQCO8QgiyDVlknckoxkMmcERC7:st/H8hza7DpQOlkckoMcERY

Score

7^/10

Malware Config

Targets

- Target
  
  Twister IceFun/Autorun.exe
- Size
  
  4.0MB
- MD5
  
  763a177e47b5dd1fcd2ea110ce104514
- SHA1
  
  42e9681ea0b6d8a65d6176cd7f850517e2567c49
- SHA256
  
  e4395ede12cbc68d08c722493a7275c2ba994a86787a764054b89ba47eac728d
- SHA512
  
  c9ec9d041f8a0496e6b88c48c11f05d5c16727a1efaba693ad1a0d2db8b020a24f7e44b775e1310fe2b8d70ac7735688a7732b355a502e30aba77c7640b06b25
- SSDEEP
  
  98304:a8M1LcgGt1nju99W66siH8wBjABdKGqEOddOhX:+Lct3q9kuiH8wdALVSOhX
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Twister IceFun/swf/flashplayer_13_sa.exe
- Size
  
  9.9MB
- MD5
  
  ee097b095fe9098fb05acb318fa117b0
- SHA1
  
  a423567d6932a5886eefa671c0ac9b28c04d2f3f
- SHA256
  
  1fb9a37f6da7f7482b188579717b7308d008a341e7c8e527b52f8665d96a8ead
- SHA512
  
  3c38d68e058b2f59004914ec8fa41eed96db61a9d6dc243e8e3ae1d895f79171145a44efbd18933a9475b85716eb691f2da1eaf34d3caa2bf8f343d7d46d1286
- SSDEEP
  
  196608:lv5Qapru7Dy8D3A7GOGqZcivKbnQgiyIAVlkW8+DxXjKry0s6O3:lhza7DpQCO8QgiyDVlkncko3
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4