5d79a45ff16d4f1dd622512bbd3b15bdb2586f1d496e108c3b75d84329195f9b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GenP 3.4.14.0 - Release Edition - Hotfix.zip
Size

801KB
Sample

240805-kearqa1ekn
MD5

95a6799e1740f4ae3aaa7790297dfd1f
SHA1

81d8a0b8a3ccb0c93df2f086643fdaa1a9f40c93
SHA256

5d79a45ff16d4f1dd622512bbd3b15bdb2586f1d496e108c3b75d84329195f9b
SHA512

d8eca710648f5212ff2f33016642e83b597c59f3bfc9df122a45f39bc79f83b275834013c81e59fbfaa5770bfdee1ce04bdef6e579f657843a9bd82646dc1912
SSDEEP

12288:zMWAAZgaW6qSRkMWOwjLNWORMDPfAJ3kJXT3A7n1wFTBuCV4sXoGmT0xDO1vDndS:rZpW6UMaxWOi43kJXTQpwvJqFvDnd68u

Score

5^/10

discovery execution

Malware Config

Targets

- Target
  
  GenP 3.4.14.0 - Release Edition - Hotfix.zip
- Size
  
  801KB
- MD5
  
  95a6799e1740f4ae3aaa7790297dfd1f
- SHA1
  
  81d8a0b8a3ccb0c93df2f086643fdaa1a9f40c93
- SHA256
  
  5d79a45ff16d4f1dd622512bbd3b15bdb2586f1d496e108c3b75d84329195f9b
- SHA512
  
  d8eca710648f5212ff2f33016642e83b597c59f3bfc9df122a45f39bc79f83b275834013c81e59fbfaa5770bfdee1ce04bdef6e579f657843a9bd82646dc1912
- SSDEEP
  
  12288:zMWAAZgaW6qSRkMWOwjLNWORMDPfAJ3kJXT3A7n1wFTBuCV4sXoGmT0xDO1vDndS:rZpW6UMaxWOi43kJXTQpwvJqFvDnd68u
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  GenP-3.4.14.0.exe
- Size
  
  1.1MB
- MD5
  
  b96713a17862524497df280b06f62114
- SHA1
  
  dd29da880b0f1fa5ea48171522e1c8729270ae8e
- SHA256
  
  e1655efbf8b3b0a2e7fc982816f67aabfe554a8b6ad0a158e085aeac3121a51a
- SHA512
  
  91e82c338d954f845b576c51be9fcbf59d07fe8b894c16fd00fdf38642dae2b87ce1d9e422d43a1ba22341c10aa90f7f746a85d42fee8b2d7473440c1e2956df
- SSDEEP
  
  24576:KrORE29TTVx8aBRd1h1orq+GWE0Jc5bDTj1Vyv9Tvayx8mfm1A:K2EYTb8atv1orq+pEiSDTj1VyvBayxpu
Score

1^/10
behavioral3 behavioral4
- Target
  
  NSudoLG.exe
- Size
  
  156KB
- MD5
  
  7aacfd85b8dff0aa6867bede82cfd147
- SHA1
  
  e783f6d4b754ea8424699203b8831bdc9cbdd4e6
- SHA256
  
  871e4f28fe39bcad8d295ae46e148be458778c0195ed660b7db18eb595d00bd8
- SHA512
  
  59cce358c125368dc5735a28960ddb7ee49835ca19f44255a7ae858ddd8a2db68c72c3f6818eca3678d989041043876e339f9fafe1d81d26001286494a8014f0
- SSDEEP
  
  3072:uwEUNZLRS8gLI7qwnKE6Cv/89RvD7c5Q9a88QuA6337p:/NBRS8AzdC3Qvr9aDQuA6b
Score

1^/10
behavioral5 behavioral6
- Target
  
  README.txt
- Size
  
  303B
- MD5
  
  95bb3dad2c389f6ca152917e5037b1ad
- SHA1
  
  9ca18daaec4f2b2716fa41333cfd6f273e324f29
- SHA256
  
  c9fbef2693d445ad6eaeb1c6425b42dd7c9ca975ed56df2edde2e3a449692b8d
- SHA512
  
  a609587ae973b2e1636365989e76d324c349a066ce8e6953bf7c570d1074d0a579a8dcd1eeb84ac2fd6d85dffbdc5e61265dfd90d3d594fa554d5a8e5fc1f6ba
Score

1^/10
behavioral7 behavioral8
- Target
  
  SOURCE/GenP-3.4.14.0.au3
- Size
  
  59KB
- MD5
  
  36514262c88f0ecd4da3bb76c88cd1ae
- SHA1
  
  fa1d1cb216da82efe11db410c7d621af11f164a3
- SHA256
  
  4b9c8fc44aff0c03211749970e841e9fceacd7bfde73397c864ad3006e891c3c
- SHA512
  
  031271ddcf46fcc0de95a904ecdf380f3105b0380c03294085618bb4e3c2fd2da45d91fed6b687635e424140eeeeeb5149a4edbe35c77ffa9876efcc00b939cc
- SSDEEP
  
  1536:+dtU9jEZcXMumCgMbKFLoGPb9sYWugo9y2FmA71:0FLHPb9sYWugo9dmA71
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  SOURCE/ICONS/Logo.ico
- Size
  
  156KB
- MD5
  
  c383035a57c2e7a39803f71096011ca6
- SHA1
  
  28eb06af5b03de330423e40275cfc251ee324d6f
- SHA256
  
  71de01801146e8dbe1ea5771a80b5f8e39693a58ad12987022dde335b9d7ca86
- SHA512
  
  62f3243857cd4a03f094209da3990c2bbe4f92ae2a4d945f2715cc0d95daf0bc6b821bc0a1e06ddcd86cbf409d9ef2f530116b1e155d2e2f98a5d855342e4796
- SSDEEP
  
  3072:bXKRZnDsdyWfB4uZfJybGkbr81fCMGfKCnQY/LWEwIqoqE7U4ubpLEO6uim:bXSZnx8muZ04FPEO9VkHy
Score

3^/10
behavioral11 behavioral12
- Target
  
  config.ini
- Size
  
  7KB
- MD5
  
  9a44d54a1da214f9913ec1b121679457
- SHA1
  
  de7dcda198a93c27e12f9055f365db4ff1117759
- SHA256
  
  9610590a5645e3492c55feac88c2e020df0a5b4b3d8893f5e7e36ec0cc6c0c4e
- SHA512
  
  78f486b3265e6c4f39018812f22851f1c6295bd2bead13a3b5b1623bc9f8886301a172b0211eedf9c60bf048f81fd5f49b78e96707754bc43faaf4bb57c8a355
- SSDEEP
  
  192:GNS3DaLPvcgBPcJvcgBvF0VBotrjTZv2ctKpm8hJ3bK:GNSTaLPvcgVevcgoIl2ctKpm8hJLK
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14