1d08b33d67ae41585ddbf7c172844e7e6ea5c8191a7738e0e8c6a831f6cb5b52 | Triage

Sharing

General

Target

52c45417346ec66003be870876e5aed0N.exe
Size

4.7MB
Sample

240803-fpq48stgrm
MD5

52c45417346ec66003be870876e5aed0
SHA1

f72d0a83302b2da65c00312586362b5395e01b44
SHA256

1d08b33d67ae41585ddbf7c172844e7e6ea5c8191a7738e0e8c6a831f6cb5b52
SHA512

66ec9f7a7a0573fbf100078322fd135b39b85e76bdb1b089a6676b84e0a2965d50cd646d871689b6bb49d5378ef57c45a56802a5a068eca9a73ae422d613a2cb
SSDEEP

98304:EGTeSgqHKekEq+J+4iE+3pp7rmPL0GPkLGknVTHkhicE8MtAkcXqhWmL78oGdYRy:ESeQK5d+XxcSkn9HkhicErtAkB5QdYRy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  52c45417346ec66003be870876e5aed0N.exe
- Size
  
  4.7MB
- MD5
  
  52c45417346ec66003be870876e5aed0
- SHA1
  
  f72d0a83302b2da65c00312586362b5395e01b44
- SHA256
  
  1d08b33d67ae41585ddbf7c172844e7e6ea5c8191a7738e0e8c6a831f6cb5b52
- SHA512
  
  66ec9f7a7a0573fbf100078322fd135b39b85e76bdb1b089a6676b84e0a2965d50cd646d871689b6bb49d5378ef57c45a56802a5a068eca9a73ae422d613a2cb
- SSDEEP
  
  98304:EGTeSgqHKekEq+J+4iE+3pp7rmPL0GPkLGknVTHkhicE8MtAkcXqhWmL78oGdYRy:ESeQK5d+XxcSkn9HkhicErtAkB5QdYRy
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  444e1109d960c307df0ca2b33a24731b
- SHA1
  
  55e3b57d06128911ed4af44858d199d9b1945edc
- SHA256
  
  b3ba181120cd5b57e2cd5435bbd64c3257f7525ade359f89554e93f466692125
- SHA512
  
  9efdb45ee0eae73c24d3f01ff799160090f2b1f0f28ee8da3af52992fec220bf905070ce5a6cc1b5657642440ad29c22bc6889cd3ee1f674a908a935dcf4c2a8
- SSDEEP
  
  384:fKlm7i+c3QW6ckPhyDEaLny2bbBBIXwZ:Cqi8BcyhEhLfbbTI
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  get.cmd
- Size
  
  49B
- MD5
  
  a8f88d66815ba23a14e13f2c653d2dd1
- SHA1
  
  a98f019b5b974ab740f0d1e43d28d19e50f4a32a
- SHA256
  
  60e62f52391683a2df8d7077f849676af0eb9e43a1a03998da00f7a1892c7fad
- SHA512
  
  8ab12ba70a940e911d7b8387ed73f7543492ab193ad9f16306c57ea4eb97c49ae46f637cc5eb446ca2d0383f34ab7761f31c802d5614e137ee6fd2cacde430bc
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  ls.cmd
- Size
  
  41B
- MD5
  
  057ab6a96043bd2276acd98eada420d3
- SHA1
  
  bbc20baa472f0294a931a3c55b6f8930a29dcd1f
- SHA256
  
  283d1d9eb8fdf6db8fe6024c3d324cf2a240c02754219406d585af1b7919612a
- SHA512
  
  d7972e27243610acd92be4283c935f240731ce82bd166198dbe8ee611b20150a2c39f28e50f0c172388a089ec80333dceacb2bfa3966f20d06c455fc502931c2
Score

1^/10
behavioral7 behavioral8
- Target
  
  split.cmd
- Size
  
  44B
- MD5
  
  53b755fe9ebc9d7cb81d4e4f95d52dcf
- SHA1
  
  7d4a026c529ef0225c35336bf41678c4fefca017
- SHA256
  
  d6faae4049133768820e55714ef4bc7907b331d65dca8c95e5ebfb957a8c7d31
- SHA512
  
  48fe1dc91edf31bb440f97474febd757fd0d078b642d08036e5b022a4e58c7d1526624ffa46d21aa2d85ffd311f96472008b1e7c4f242c2715dd8b50bdc6b460
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  uninst.exe
- Size
  
  57KB
- MD5
  
  dc3cfff7c7e83cb04970882158856c40
- SHA1
  
  589a2b20c0995f79f7a3d58adfe58ae9de9e8f89
- SHA256
  
  fdc085c4dc228fd0edb1c510190b6ada7cdc3b9abcd85d1f35d0de8650ddde68
- SHA512
  
  8984375674245bb91f54f2926d00544cf155f218bd0e9fe6a2218f22f0a050f3a992436f16c69b66effa6e2c718a77cc64aeda343cf3d077d926fc6d06acac5f
- SSDEEP
  
  768:nb4s6pIH65JbQRY63LVCIvFAUKWO95EnNz0D3VFS6sWkJYJRn1zgsA8ahRn3d19S:bjLaMv3xnCwNz0DxkJE+jhRZQEw54md
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  zAnsi.exe
- Size
  
  40KB
- MD5
  
  66d01e51b788f75ff075399805a376f6
- SHA1
  
  de8ee8fc6369ff51207e4ad69e2484d58c5ef764
- SHA256
  
  269a95766d7a8d35397cd7bb91cf01d65ea57f58be901fbe06e1d7ad76686f64
- SHA512
  
  89ec2692b62a529001eab182963e7a51ba9f6158361e15bd8d84795f6095a538631a9f74db201799a5ee99865481bbf1ed369b4093ee807ee06333c00c3b879c
- SSDEEP
  
  768:4CbqwQlSVwZglyFZ8Lk6SS39eUee/kX/ddjmRi+4VSrqtyQTf8x:/bqwQlSRlCOYhUexd9mKYQT0x
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  zBck.exe
- Size
  
  507KB
- MD5
  
  aa02597ffc2587e97598ecc937b3c65b
- SHA1
  
  092457a25ff5ab11e5cf7ff0c895424bc3c73255
- SHA256
  
  37527606cd98f6c7e2882af3c4091280e43e41ca9e44c7ed1521766c6f2a791c
- SHA512
  
  73cf4d7d9d0de6822d5425d3230d28de164c8eb444528e09c24c45b5405ea1e6d8a3007d5de6f3e5f84a341e5a8acb989543fbb19f7678730b564eaae93b6b74
- SSDEEP
  
  12288:OzOw90/222g1RtO937Et5PvkRSzWArk3OqXhS9:o/a/2S1RArEbvwSCLOqx
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  zBeg.exe
- Size
  
  92KB
- MD5
  
  bab63f96cfc3bf913cc27fcbf2a9040d
- SHA1
  
  3fd6b8056fdec43a0aa6d0924685b0c334f89a3f
- SHA256
  
  0fc4323ea5be8edd5058e5a9b93793f9f47bf95ccc206210cd954ece8a821c44
- SHA512
  
  a4f72c03c45ce72b507341e8441f4b289c948bfeb4a2c5375376cc98935811aaeb2d18822abbc315e0007af1f25fbeae31c1b78ecdf7b0fac0ef8b375936b7fe
- SSDEEP
  
  1536:5+q54UQG3y5x9f5CSYCzWW25DFgeN5WXr7u5kL8LnsBrO5qP9:h4UHC5kSpzT256eN5WXr7u5e8LneO29
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  zBoxbackup.exe
- Size
  
  577KB
- MD5
  
  c907e02de12f28201c9c278800db121a
- SHA1
  
  552e4969380ca593d6b3a9d77a36f6dc5a9ec850
- SHA256
  
  a57abfcb95d00c9ce3c9ee940c40cd89d4ea3a7af13f3c2d88eec3bb403803f0
- SHA512
  
  5263e624900225965371a74fe08e1ecdfa309c5474817496b712ce5fe78248e078b2cbaec6d070544e6b8deff7e2c09c91ba69d93d3f30462c5d9b9baf464e50
- SSDEEP
  
  12288:Q16qmo/EFI7ZRtuPIw4QvIicjFXMxBdRvFnktpu:Q6c/BlQX4QgjFcj9S
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  zByteSwap.exe
- Size
  
  364KB
- MD5
  
  a8aec272d8487a05a47ce83bf0612a15
- SHA1
  
  fd9e93c8247d44339797760dca1cce44da12289f
- SHA256
  
  044160a1422cf6c684e950ec7c83c1f236051147116909e66d2b307d4e3dbe39
- SHA512
  
  b67d0bc0b25b73cf1ded36c4b38deb28f95b700cfd430d8f567fc49388b06f5758c399b6b7295b8c482b89c6f671aff8d7751be2939b0e3a0195e1e553098492
- SSDEEP
  
  6144:1dImNDt7sdnJnGCXgsKIR4kZeZXyKFgUVWP9pQCCxXOpI62nQBNh/xl:EmN57sDnG41dEZXx6AWP9vpIDQXh//
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  zClock.exe
- Size
  
  366KB
- MD5
  
  03a2515120cafb0c6ef5ef4e0f8180a1
- SHA1
  
  6c6db7399a598d0122835ed09e3d2000d39e1b92
- SHA256
  
  0fec32fb7b0274a194c60c65f18c2b3251aeb64932b2d93b692ed6cc8faa292e
- SHA512
  
  507148ea7a9d12134b0424d3848519dca0a474909533925623bbeb8c05663a2c3fc8431d89212ebe13438b7da74695a3ac4377e3d70ef38c07f9522390e2d57a
- SSDEEP
  
  6144:x5/SXR9owdBU9GncSR3bmqExIjROQsA6eT2qc0UpvmXnnLf9UkKf9rl:H/SXR9oCBoGtN3sA63HvynLWkoJ
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  zComp.exe
- Size
  
  380KB
- MD5
  
  f7b9b063a504e4866e62be9742ece548
- SHA1
  
  3f6923dcad298a087c926d53394e51827706249d
- SHA256
  
  1573ef421a4a07771377ffe6e031e93f4bb46fa4731689abbd253023a77a112a
- SHA512
  
  ed883718edcd4713804b3b9d65dc635b4a89066e2341ab83db43f159322d377344f11e714209249aff2ca419c5492d75d7cc1375edfdaec0083afd422b17326f
- SSDEEP
  
  6144:UdVtU4d68vEw4528oKDsv9h4kpav/0JmA2/5KdF6TicFGwcbO1G3gc1iqUZhwwE/:8U268vEw4528oKDs1Jeg2QkicP1Gwc4
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  zDelTree.exe
- Size
  
  43KB
- MD5
  
  469fa9c3a78d4bd0f23ef06bcaeb342a
- SHA1
  
  990e02c1fe831a6534920e6ff01500a252dc8ee9
- SHA256
  
  af6cfdcaed021a3110754421ae741088d2e0f62ea55af10634503286d00734cd
- SHA512
  
  e348140fc05ab80aac1e3ee663ce23df0ca516d08ce13c2416c01bf3fceeb1799483dd42bd1fb31656e1e107bf0b909061c1eec5836778370294b7908512fd06
- SSDEEP
  
  768:VC1qfQXxyXwVb9UDW5s1d6IpaP99d1et2VutQCzn8ndRsrUtzMlxwlPX8x:E1qfQhyY9USGrb+bcQ28ndBwulPsx
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  zDir.exe
- Size
  
  44KB
- MD5
  
  daf8fa4864ecb52738d097f5febc1b0a
- SHA1
  
  6e25297f8e67756104fc9da6a71d7a39f5ee3228
- SHA256
  
  da1a91f28955c73e1bedd7df50320cd108ced29ac3b69dde3829d251ab34fa36
- SHA512
  
  825dc6b30f7a626df135b8db3f72b01497382198a490522a6a04454d286952c89e5bf979548b1b59ccfba887e604d022e17377dc1006c34081f9593b4cb9d80c
- SSDEEP
  
  768:OyEq5WcQaIeWwsKvNAiiCZPV9YVF7hnG9OCbKjdAqrAtLOTsl:ZEq0cQaIeFOiixP7WbKjodOT0
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  zDirSync.exe
- Size
  
  553KB
- MD5
  
  dd39ac4fc115ed766f5a8c389bb0581d
- SHA1
  
  94051654cd058727776fd57be485f336c6bad930
- SHA256
  
  5fa4a63d1d0fb1f0ab6d5669a9e778887f184d3246c369d19731873e3b0bf72f
- SHA512
  
  137fe56c77a2d6904c04630fe631347e84047dc84d772fc6dfbd11febe2465b79b049cbfc4b36784ce56c54b133f26ad31c081c75f8fc51a16f6c774ad4a65bc
- SSDEEP
  
  12288:4DXhQUllsmyKj97GQRdGJ1GC6a83qwPns5RY+qP:WX6ZmyKtRm1AaWHPns7/q
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32