b5a74b2693a84d419701fa2272b437b194e2ebbd17837def5235b1aa7106c543 | Triage

Resubmissions

05/08/2024, 22:57

240805-2xmbxaveng 8

05/08/2024, 22:54

240805-2vyxxs1ejl 8

05/08/2024, 22:48

240805-2rbcfs1cqm 8

Sharing

General

Target

Octane.exe
Size

55KB
Sample

240805-2vyxxs1ejl
MD5

8aaa50737f6b341c4eab5c4974af917b
SHA1

c9d0261adf707026daa7c04000db07fe071f876a
SHA256

b5a74b2693a84d419701fa2272b437b194e2ebbd17837def5235b1aa7106c543
SHA512

a7a3b4c55a85c62a67719077633e5a60ad797168b7a09af938b5f0bf10b0a00689a5a73eb9048c11d508646c33deed95775f4e93e4f08d020f1b10c87feb5f9b
SSDEEP

768:FFqtcoRmBvd0SVFip0FBtiwyRWu+0HVc6K:6GoR2LhtifROMVcl

Score

8^/10

discovery evasion execution

Malware Config

Targets

- Target
  
  Octane.exe
- Size
  
  55KB
- MD5
  
  8aaa50737f6b341c4eab5c4974af917b
- SHA1
  
  c9d0261adf707026daa7c04000db07fe071f876a
- SHA256
  
  b5a74b2693a84d419701fa2272b437b194e2ebbd17837def5235b1aa7106c543
- SHA512
  
  a7a3b4c55a85c62a67719077633e5a60ad797168b7a09af938b5f0bf10b0a00689a5a73eb9048c11d508646c33deed95775f4e93e4f08d020f1b10c87feb5f9b
- SSDEEP
  
  768:FFqtcoRmBvd0SVFip0FBtiwyRWu+0HVc6K:6GoR2LhtifROMVcl
Score

8^/10

discovery evasion execution
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecution