b3c27c4c4db1ee499afb4de38367c45d4c1a00c3878fc3ba3061a44f5fbc27da | Triage

Resubmissions

21-07-2024 15:04

240721-sfz21atgld 8

17-06-2024 07:34

240617-jd8fxsvaqn 7

Sharing

General

Target

RewAdIs Launcheri v0.5.7z
Size

1.9MB
Sample

240617-jd8fxsvaqn
MD5

c9075fe0bf2a613729809e0f709ac9d4
SHA1

02483c3b660090260640c544ed2e4e84c2bcbeba
SHA256

b3c27c4c4db1ee499afb4de38367c45d4c1a00c3878fc3ba3061a44f5fbc27da
SHA512

b34484a8c241c71ac24ec1e6d41cbf87448797a7b8d8ea73d9d87438f51cf0edc313c726ea13a90812322d95bb2a12c45c7e7baee8bf2019b1e145a5c3417dbd
SSDEEP

49152:RNggqbXi6oGltowwuc3aYmQImqkLnEqety14/1rozJm:RWFoGYTqIEqC710zJm

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  RewAdIs Launcheri v0.5.7z
- Size
  
  1.9MB
- MD5
  
  c9075fe0bf2a613729809e0f709ac9d4
- SHA1
  
  02483c3b660090260640c544ed2e4e84c2bcbeba
- SHA256
  
  b3c27c4c4db1ee499afb4de38367c45d4c1a00c3878fc3ba3061a44f5fbc27da
- SHA512
  
  b34484a8c241c71ac24ec1e6d41cbf87448797a7b8d8ea73d9d87438f51cf0edc313c726ea13a90812322d95bb2a12c45c7e7baee8bf2019b1e145a5c3417dbd
- SSDEEP
  
  49152:RNggqbXi6oGltowwuc3aYmQImqkLnEqety14/1rozJm:RWFoGYTqIEqC710zJm
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1
- Target
  
  7z2401-x64.exe
- Size
  
  1.5MB
- MD5
  
  de644b4e1086f1315c422f359133543b
- SHA1
  
  54be86d121879b0e5d86604297c57a926d665fa8
- SHA256
  
  17a507cce4066c4be7db53d64d9a9e11dfecfd4f2411393690506e591b5895cd
- SHA512
  
  714d41254352d91834a4b648d613e9b4452b93b097b5781ec5bf3ec7c310a489d3a1c409b2f0a6946822b96f6943b579910d26a5f4324b320d485e856dbdcb1a
- SSDEEP
  
  49152:8yEuRNRgYQYk6tC0tkaNuiXatTQY7quUncuTVyvn65:8yEoL7tCzlqLcuBz5
Score

1^/10
behavioral2
- Target
  
  Beni oku.txt
- Size
  
  96B
- MD5
  
  11404cd38ee4d3c09f68dc272b79756c
- SHA1
  
  af14a99d926f18e60133e2fc93cfe7f24087f34b
- SHA256
  
  02a12b1140441109b60546afa8b48cef9e18781ee3040aadb057e479271473dc
- SHA512
  
  575f26c661f27c85606d4ce3086ebc8daeda88c458f1f77676111cff98975a36862a57a5f5bd8906bd0c2533d6c36f80237b09c564a772af41c68b67268eb6f3
Score

1^/10
behavioral3
- Target
  
  RewAdIs_Launcher_v05.exe
- Size
  
  1.2MB
- MD5
  
  053487a5f68d7bb1a8fb36d07edef428
- SHA1
  
  799a6e4be54ad869319011380df12b6368024f08
- SHA256
  
  6c957cd9581d6c18df39a3b458ff6ac4d8b388cb7b66fb97ba4d314334493029
- SHA512
  
  f07722d73238226d04dad7f54b99c2f28f045d08b39d0e6133bd84a8d7316b6a84c07a2dfd2f1953c91744a036ed96f7944d8d0b638a9e7a264761096e31f18a
- SSDEEP
  
  24576:1RaZROMOm8FN7TjsPnzt2heeRhQbJEOeamDZNuFf:fkxOm+7TjsPnztyDMmawu
Score

1^/10
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

behavioral3

behavioral4