581c25c2f7ff6233d3e0831702c7df97360bd6830989e2a48d99c24183c36050 | Triage

Resubmissions

22-07-2024 16:20

240722-ttb3rsxaql 7

22-07-2024 16:17

240722-trpwvawdlb 7

Sharing

General

Target

WP Checker + Uploader (2).zip
Size

12.2MB
Sample

240722-ttb3rsxaql
MD5

147e97e7c4dd1fb838986ec1e9be8ef8
SHA1

ddfa9912092ac7e64a13688f5e5c7298a68ec2e4
SHA256

581c25c2f7ff6233d3e0831702c7df97360bd6830989e2a48d99c24183c36050
SHA512

8b60ced56dd830484dff6b926d1685c215fc169a96cb329f517fcfcc33ad989e4b3c3348da9da93a17f0d7c19b04f002a948fe237fdb794d9c3a1fcde87b0729
SSDEEP

196608:dxutk4Y9nLt9kDNIJTlVMxlhU1FaprNhp1XUUhmkriKAdOZoF1:dxJ4sLt8qJTvMbhkIRzptri3481

Score

7^/10

Malware Config

Targets

- Target
  
  WP Checker + Uploader/WpAIO - Beta.exe
- Size
  
  11.8MB
- MD5
  
  8df7ce5574985f95fffad71cf779854a
- SHA1
  
  7c1efec62768f8de1c58d46000e799552b61c375
- SHA256
  
  1296f9a2027ca9ff3b627c93b9b9ddf411c1fae3ec3196bfb44f758cbbf78b60
- SHA512
  
  066baa3cfade17824b8ba234adad1517e8d06e6844737ec7219a2a1d53396159f11ea294248b0d4603f4824b7a482f1435552075abc362d347b0762d8e57de9e
- SSDEEP
  
  196608:QMLiWqdvwn3yOnOFFF9WHRBCCHqlJtrRtlVebcyPwgCf:QZWqYnDOFFTWxBzKbRRtgPwx
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1