f267154176092698f6f06c6faf62af5fe1f1b6e77a432ccd454980d98e2bc9b5 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

Rick Astle...o).mp3

windows10-1703-x64

9

Resubmissions

06/08/2024, 00:34

240806-awrfpatdmq 9

06/08/2024, 00:01

240806-aa38cswgqc 9

Sharing

Copy URL Twitter E-mail

General

Target

Rick Astley - Never Gonna Give You Up (Official Music Video).mp3
Size

4.9MB
Sample

240806-aa38cswgqc
MD5

b2a318d1b86eb9abefaddc88272a561b
SHA1

104809e68c05037c84612a071d26c4deb29d6481
SHA256

f267154176092698f6f06c6faf62af5fe1f1b6e77a432ccd454980d98e2bc9b5
SHA512

2c3e1711f897b3ffbb4f4fdb83f91a28881a99114ccdabc76a6e76930a8cfadf8a0909d1e624f9523b8fd07c7892ebc316353394a2bab3d8f411c043646531cd
SSDEEP

98304:aqiAWJ44ezo+d3PhDvtMkA8pJEPjvTWbMT94G3Kks0eD9Ilaxj:aqXkYbO8pJE6ON3KkJenj

Score

9^/10

credential_access discovery execution persistence privilege_escalation stealer

Static task

static1

Behavioral task

behavioral1

Sample

Rick Astley - Never Gonna Give You Up (Official Music Video).mp3

Resource

win10-20240611-en

credential_access discovery execution persistence privilege_escalation stealer

windows10-1703-x64

30 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Rick Astley - Never Gonna Give You Up (Official Music Video).mp3
- Size
  
  4.9MB
- MD5
  
  b2a318d1b86eb9abefaddc88272a561b
- SHA1
  
  104809e68c05037c84612a071d26c4deb29d6481
- SHA256
  
  f267154176092698f6f06c6faf62af5fe1f1b6e77a432ccd454980d98e2bc9b5
- SHA512
  
  2c3e1711f897b3ffbb4f4fdb83f91a28881a99114ccdabc76a6e76930a8cfadf8a0909d1e624f9523b8fd07c7892ebc316353394a2bab3d8f411c043646531cd
- SSDEEP
  
  98304:aqiAWJ44ezo+d3PhDvtMkA8pJEPjvTWbMT94G3Kks0eD9Ilaxj:aqXkYbO8pJE6ON3KkJenj
Score

9^/10

credential_access discovery execution persistence privilege_escalation stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoveryexecutionpersistenceprivilege_escalationstealer

© 2018-2025

Terms | Privacy