f655576465177916f3f010f439dbfd092ae31c0bbe851e6fa83b8bdb6716f16d | Triage

Sharing

General

Target

MindWork.AI.Studio_x64-setup.exe
Size

13.4MB
Sample

240801-f12ecaybkb
MD5

606c1c9df78ce39c0a05d3ec2a5aed63
SHA1

15e37834e6195ecc6976d0f647f66526b15d957e
SHA256

f655576465177916f3f010f439dbfd092ae31c0bbe851e6fa83b8bdb6716f16d
SHA512

97060a2ce59c67b51428d1c94bb432c3fe3a3408c8a808ef3db344641a07899b23722505fe62c0584d7aff1374964023e0999bb645276a9e90d3a2dfbbf7e931
SSDEEP

393216:hKc2/TitCdYNavGdtD7AsbnqoDrn/baFCr1xJ7HR:hWLikdUZdtDDz/Ggr1/HR

Score

10^/10

discovery

Malware Config

Targets

- Target
  
  MindWork.AI.Studio_x64-setup.exe
- Size
  
  13.4MB
- MD5
  
  606c1c9df78ce39c0a05d3ec2a5aed63
- SHA1
  
  15e37834e6195ecc6976d0f647f66526b15d957e
- SHA256
  
  f655576465177916f3f010f439dbfd092ae31c0bbe851e6fa83b8bdb6716f16d
- SHA512
  
  97060a2ce59c67b51428d1c94bb432c3fe3a3408c8a808ef3db344641a07899b23722505fe62c0584d7aff1374964023e0999bb645276a9e90d3a2dfbbf7e931
- SSDEEP
  
  393216:hKc2/TitCdYNavGdtD7AsbnqoDrn/baFCr1xJ7HR:hWLikdUZdtDDz/Ggr1/HR
Score

10^/10

discovery
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1
- Target
  
  MindWork AI Studio.exe
- Size
  
  9.7MB
- MD5
  
  9a6fcbbe06b4171f4a9a58d2c04d0d0e
- SHA1
  
  6b994999cf5b2051e9ae0125c47cdd38dbb304b9
- SHA256
  
  6b4df7b9c3c0249e39cdb7a09f0942af2789f2a11e76d0e93b9f9935ba60b7ef
- SHA512
  
  2d3c5e6d458e91dcee8ce4c3436cc0357731ce3eb91d5ff3135faf465fe64574f2eee84331c6987e85359e21d7506572e7d6d03ec5b217560316264032cb23b9
- SSDEEP
  
  98304:BbIfOCPZp4smBif84yxYVioGr49reEls3VQCfR:B8fOjBiE4Fj9SE/Cf
Score

6^/10

discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral2
- Target
  
  uninstall.exe
- Size
  
  74KB
- MD5
  
  5c06c94b194eea30ab7a357f1173488e
- SHA1
  
  c7df3fab5e03f972133e6a5c8bd8d5107f79f886
- SHA256
  
  5e5f94e8211738adebcf5f837c83217b67102bd4112b3ee9c79d6bc6a01dd099
- SHA512
  
  15ca1f9bcea4fbf815f75af50797940f30f733854be00ca460fa20914c694de41b25f9f0d7a0cf4446093579ea162447b50739ea1150465391e893f9ba96dd78
- SSDEEP
  
  1536:XmsAYBdTU9fEAIS2PEtuugdLeAyNxWaAepkr+Sxor3hSSXmfsjpn23w:WfY/TU9fE9PEtuuceAXa+szZXLIg
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3