7e3a6b914dc1f307b4183e9ea01d97deac47507db7880162d321ad6dcde040dc

Sharing

Copy URL

Twitter E-mail

General

Target

TARISMiniLoader_official.wg.intl.exe
Size

10.9MB
Sample

240806-zz4yma1anq
MD5

1f1b1dc52e850b393dbc409490a56034
SHA1

4c18ac0b8ed9da80aeea380b1e12a7879b50dc90
SHA256

7e3a6b914dc1f307b4183e9ea01d97deac47507db7880162d321ad6dcde040dc
SHA512

fd73f28e9d21d390da1674223a09faba9f0a062b505babda6794f0d2a3e9a949716d3b864a83469da9456b655c35739557d8bafe76917c97ee3cdc2559d31fa1
SSDEEP

196608:bN0wMWwg4j7oDIPVJhwLWugo5Js3ogdsp1mGkpLPvl3gjvtdYyeq2WWg:bNFleOuV/Sgogde1xkpLl34zYJWWg

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  TARISMiniLoader_official.wg.intl.exe
- Size
  
  10.9MB
- MD5
  
  1f1b1dc52e850b393dbc409490a56034
- SHA1
  
  4c18ac0b8ed9da80aeea380b1e12a7879b50dc90
- SHA256
  
  7e3a6b914dc1f307b4183e9ea01d97deac47507db7880162d321ad6dcde040dc
- SHA512
  
  fd73f28e9d21d390da1674223a09faba9f0a062b505babda6794f0d2a3e9a949716d3b864a83469da9456b655c35739557d8bafe76917c97ee3cdc2559d31fa1
- SSDEEP
  
  196608:bN0wMWwg4j7oDIPVJhwLWugo5Js3ogdsp1mGkpLPvl3gjvtdYyeq2WWg:bNFleOuV/Sgogde1xkpLl34zYJWWg
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  LogConfig.ini
- Size
  
  113B
- MD5
  
  1e8cf5946a37d9a084be613554260815
- SHA1
  
  94b5aee19918d59c83785ac27de9c7c076f12091
- SHA256
  
  e8a59173f505dbedf4dd37eec210e5e539a243e46f521a8ba8d2ec13fd99d29f
- SHA512
  
  abe7ebaf55dbccb4fc8c1a39c36427f381568642dde0855208244133cae23dbca7a8776c3b67303673413ed6047574e22e349697bfb22fe5f9395bcf86f8a2cb
Score

1^/10
behavioral3 behavioral4
- Target
  
  Minidown.xml
- Size
  
  2KB
- MD5
  
  51aca0bc86eab4ecdffa12d0db3e1554
- SHA1
  
  971520211bf39d0b6ed71614a435ab614b12d9ec
- SHA256
  
  8a71375485726ef98079c7938d43f00510b123ace748f582ff41e395d9026103
- SHA512
  
  0e1e2a4b5e6fad44fad23849b743e6a1a4866eecb2829549c1862260e2045831670010643865a6e8c4bd5c2b916e2c8a3ef8194861a88433b7c8f5134f5f2e34
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  TARISMiniloader.exe
- Size
  
  5.0MB
- MD5
  
  9b59a55e0679c08f1e9ca28b73c985a4
- SHA1
  
  fd47ab582862fef832878c1bbd620e149b508e64
- SHA256
  
  e02b9be6b2c09d032df7f565051f116cf9f234d9f799579cfc280c49a7e67474
- SHA512
  
  e377430cb9a8ef45d76196c9dcce3ef59cac11a48d11cee1124a63e57298400970310ba4f8a68b9c20623f7a6888b06c0e30709e3f2bb0666a20756a65e770bf
- SSDEEP
  
  98304:NIMFsQgSgejBIC5d9A2bgVagfnls1OQ4OiiiDrbu6vyQFqJ0DDc:N7qC54XZ/lsAiiDrbulQF8+w
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8
- Target
  
  bugreport.ini
- Size
  
  738B
- MD5
  
  27ec1e105337c0ad4bddb8f2a9551f6c
- SHA1
  
  c77d348eb0130390f39915d0b680cab3f4d5329c
- SHA256
  
  ed60ca6895464814f9e5bc132f41645630cc785fae9fc7da6362b5690b3a97cd
- SHA512
  
  5ac5ed78fee4e8cd2ff96915cb0f7dd4d39367fa38e89f0058a66cc70af8ef84f5550e48e12343257b0cc9611074acabc865339d948bdfef2cba6c42137bda05
Score

1^/10
behavioral10 behavioral9
- Target
  
  error_code.json
- Size
  
  346KB
- MD5
  
  3e69d25e4de00840b4ef97f890d1687f
- SHA1
  
  2b24116474e432bc5aba9789a4b22e6dd8511561
- SHA256
  
  ba2d92cc27b62969fc7e016bfe5535b03a45c9f32c78efb2e1018d590ae6bc60
- SHA512
  
  cf1d0935c68bd42747d8434a0ceea00c6f1eb10b70698673b3a6637331208e7e139451c506a18bf64d6b7c94ad72b27ca88992e81f44c8358636d1771969fbf6
- SSDEEP
  
  6144:900nuL5Spvu14yxwkXtSGQBocvKTgCvOpwMGHa7EN28:900nuL5SpvFrBf2
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  icon.ico
- Size
  
  347KB
- MD5
  
  92f781c68076a0df4c70bdeea56987b4
- SHA1
  
  6da228cc5d574eb7c85cba30cdc61a997bbb75bd
- SHA256
  
  fa3b712738365bfb7dd2b6f9abccfbded43d7e32b6a722942ab17139d26e9399
- SHA512
  
  1b2a0430d3316033859a4ce8d808021b04edf72699356c4c98eb58a570dedc408f2b613c4cd5469a7b6b855584d64f3df9b79d1ceeee4ddd7324026cfadf83ee
- SSDEEP
  
  6144:XXDvN07JbDfsr7fQkB7Ay4fXPjO3NHYFPoFHbYHNemMaGj3oySJqE:XzcH0gixyid4etbYzMlj3wh
Score

3^/10
behavioral13 behavioral14
- Target
  
  install_script.dat
- Size
  
  2KB
- MD5
  
  4b825d933e87a697a663f3e30fcb31cb
- SHA1
  
  e5ae7d7435af7db6d874c0ed49a75264902802dd
- SHA256
  
  afb0049fd6ddd8a90aa44dffdddd9acea89d6a59134f2e3c8774f2767c9684c0
- SHA512
  
  78cef4927b7b217bc70c9ff92a242733b9daa8f9f7ee51f4395bf7609bb665e30b3009e3ca9b0d35392ac0228d497fcd4ac2f4e6a3e9f33ceae8e3a0570b4d72
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  res.zip
- Size
  
  5.1MB
- MD5
  
  d6de9e4584e6992354920b3c84b12cf0
- SHA1
  
  459d0b4608e854a9247ca397dd7c30d2a5522d7c
- SHA256
  
  8740a4eda45d56ff6e10873c1b1ebf82551839dd7906073c787f64fd78714457
- SHA512
  
  f583702d414848c8fe1f7e0e2c8dd246d5c3feaeaeacdf57ed563ffa58d93032c7553b4a4d48765319fb75ecedae23d0c1c40866aaa49aeb6ec26148dd0fef56
- SSDEEP
  
  98304:M++lSK3PJ4ePSNhqRtSD36XHi4uK5B69x2e6yABS6GPrVj0z5XBq/b:M+wpTBMD36PdB69x26aGP+pQb
Score

1^/10
behavioral17 behavioral18
- Target
  
  [email protected]
- Size
  
  291B
- MD5
  
  c5f995f1e909ba4064f680bef95908ae
- SHA1
  
  96a82e7cfb236b8b20160bde87bb4f1de7ebcab0
- SHA256
  
  fb0b13bde571c73ec675ee652de7dbf201266c47689d73f171835655be7f46f7
- SHA512
  
  cb6f4518486a60fc4b60d39a20fc10102f8e0ac2c4e2febe1928ad14c217444c2664ab4ec01300617d8efa4dfc0e39285f3f4b7a6d0d1d9830696e4f20cbf65f
Score

3^/10
behavioral19 behavioral20
- Target
  
  browse_pressed.png
- Size
  
  162B
- MD5
  
  7b1ee5a3b5565a1b22bac0ccab3c1d33
- SHA1
  
  5bfa966646a0b77b7bbcef38a0330aea8b116d49
- SHA256
  
  b3f1ef8566639dcc829dd68b4153beb16775be845f90f5c0a854f3402e722cd8
- SHA512
  
  0c2832a0452115086b0f8d12fa47a22fccae566ec4ef4d0c80ebaa1517f1a316cfcbc010e42fc0b6b99fbf2678430e28e449f4e8351128eccf03b6aa994ced88
Score

3^/10
behavioral21 behavioral22
- Target
  
  [email protected]
- Size
  
  291B
- MD5
  
  df9b4643671172e2d1aa9717ca0d1953
- SHA1
  
  5315d3d2e6689d46fabb6d307423590ec23282c7
- SHA256
  
  e2c5c44d412da57a140c06d90449549d521117059020bc1f9f26474168d4b625
- SHA512
  
  c173e0334482b0177f699e94e9bcdff2aa051545f72c4417ae47759be7fdbf299d5445b259d172fa88332aecc305f6c711b967bdf030941be2b205c547e2158e
Score

3^/10
behavioral23 behavioral24
- Target
  
  browse_t_disabled.png
- Size
  
  163B
- MD5
  
  576e7badc04c63250a50a3b9d5ace447
- SHA1
  
  51c2498608b086db412edf738578d031f8e73205
- SHA256
  
  c5dc8e63603df15fc940fec91074cbd3b030747a71a861d69f327f4e6343da98
- SHA512
  
  4a39186c7ae7e55146461fa57ef8a01fc2141b93d268fc4adfdf3602ce07d59d8659bf308e9e08a5a5618f6b66ffa265daad591fcaa2981307f92fea45510dad
Score

3^/10
behavioral25 behavioral26
- Target
  
  [email protected]
- Size
  
  293B
- MD5
  
  cff9a709a1db5ddd36b1c48e571eb21e
- SHA1
  
  2f3f0e963ece2634e4725751a12f2829a4a31bea
- SHA256
  
  0178a52d199fc4dd44e1cad5ad29be34af70a34700fe292ad1cb38d4405da857
- SHA512
  
  51b710eb245d2db70068fd4ddd388e732b792e4704a3d9ce6d4c57f98856aebec561fcd27ec5a04d772967671b5b2905144703a5be2085b136ff8e2f6897a7a2
Score

3^/10
behavioral27 behavioral28
- Target
  
  browse_t_hover.png
- Size
  
  163B
- MD5
  
  a5c99fedbbba6c0fa683824ed1153f0b
- SHA1
  
  bcf37ba14936f86b2d3de7ebbc509b9e562d3302
- SHA256
  
  3341278edfff8edf6da2ce60188680efa66225336829daf196218ba9b54b7627
- SHA512
  
  ca0147bbbe0f8f9eac29dbf8d9460572d67fd3c7000b287f5a38ec43eeac0f27af25ce48b0e63193e05a99b340b27fccd473ed575273a9668e102a5b462975b3
Score

3^/10
behavioral29 behavioral30
- Target
  
  [email protected]
- Size
  
  293B
- MD5
  
  85cffdf7fb51211512f986eb91374f7c
- SHA1
  
  77da2523fd0b599e95f17340d01f6d0d1f2628b2
- SHA256
  
  b2f4be8a38cab8bc5f786869a221d87cd6a8100b3d78f33f3760841c9e01b7eb
- SHA512
  
  ac95f29f84c6870e5c677ca0b5ceea08f5ee5d8a325af9c03bc2b172dc31b51fc898bc8718601ecdd8c238ca4eb0c9d5db0aedf9c005d99bbafd3201b7d63f22
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Enumerates connected drives

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32