11879aaf810fdacf73f694015e4b75ab1c68be8eb372b76f1c03d8b21d0dc1b7 | Triage

Sharing

General

Target

1v1.lol_Subz.rar
Size

257KB
Sample

240723-km2v6sxbrh
MD5

646c0bcce5a1cbba02e12555e4ba0c3f
SHA1

406d1e749f77b331c0c5cbc4977002c89704dd8b
SHA256

11879aaf810fdacf73f694015e4b75ab1c68be8eb372b76f1c03d8b21d0dc1b7
SHA512

16953b0c223f258e8d4e00628d3f018a665eab36708092cc8a5dfbdc5ec821de2d719f04489ff595459e9c50cb3dda66ab4bdb69eab570ef88c1205c12b52012
SSDEEP

6144:wi8zD7uZ30sTaWbUBHTWWapGp3RdVJaEgLU1XG:sH6Z30sTaWQBzEMzdVNgLU12

Score

6^/10

Malware Config

Targets

- Target
  
  1v1.lol_Subz.rar
- Size
  
  257KB
- MD5
  
  646c0bcce5a1cbba02e12555e4ba0c3f
- SHA1
  
  406d1e749f77b331c0c5cbc4977002c89704dd8b
- SHA256
  
  11879aaf810fdacf73f694015e4b75ab1c68be8eb372b76f1c03d8b21d0dc1b7
- SHA512
  
  16953b0c223f258e8d4e00628d3f018a665eab36708092cc8a5dfbdc5ec821de2d719f04489ff595459e9c50cb3dda66ab4bdb69eab570ef88c1205c12b52012
- SSDEEP
  
  6144:wi8zD7uZ30sTaWbUBHTWWapGp3RdVJaEgLU1XG:sH6Z30sTaWQBzEMzdVNgLU12
Score

6^/10
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  subz 1v1.lol/1v1.lol.dll
- Size
  
  534KB
- MD5
  
  adc0f36cd8f487777b0b8cb3655898e3
- SHA1
  
  53ee41917ca35864c53118686f7b1b739c808248
- SHA256
  
  1d6e0247dfe3ed6a2b772394bfb432caa3c571a1405febf84580c484b06520cb
- SHA512
  
  083176a94835bd469542510d848cad64ce0583b7421f69c7eb9d5797d36fd9c523015745683963061bb9446138ecc64523d7bb21a0540a7fde00df0a94fd2e3a
- SSDEEP
  
  12288:aVHDyIjIMYCuk17b4fvLFWUn1ZuPuktwED+3:oeaIMMkFMfv8Un1Z93
Score

1^/10
behavioral3 behavioral4
- Target
  
  subz 1v1.lol/subz.exe
- Size
  
  26KB
- MD5
  
  865badf073378140dab7511b0dee0afc
- SHA1
  
  2ca65cda56aab2753204606d21d8432101bdc97f
- SHA256
  
  b8f42e6dcd16829517d25a55184fe6edfdcf47307242650a3f69af70e03eb080
- SHA512
  
  3c856db4b91f9e65f74862d3495a9f29b1977cb34afb48d0e613a9822c7bfd0b47e29aecf2cc901f8c6c7c1d1814b8b7d37e00e3de20781d1a84b85a75f8cd49
- SSDEEP
  
  384:befEpBwVQhGtxOZrX9qKRypUPa9BejCqttp2uYxSI8Vn9UKeQ3DDmd5G:C+QgXZi9Iuu2uYxS5UKl3nmd5
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6