b7baaac80c8ab02781bd0430188a3aba3ac4903be471f833542f79b9098f0744 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BanditsInjector_[unknowncheats.me]_.zip
Size

332KB
Sample

240807-pm6atasbpd
MD5

7f7b26b37c8b14c00cb24fc3726dd28a
SHA1

1c066acd17172e4af73eec2d2efb0356ea7b8d8f
SHA256

b7baaac80c8ab02781bd0430188a3aba3ac4903be471f833542f79b9098f0744
SHA512

10392b927b2e4de49a029037c1f606570eef5405c9d0af3f18817f86c2f9cdee5357598ad62018d5a2465990bf2bf0b439ca8fd4528f63d6e2cf03c533d5d0ed
SSDEEP

6144:rmrmI2KEnAdOkl5bPWpmVvAIfLSCww9KR905hb6MQZFFI5pIln6S37NX:yZNjWQvAIuNw9KR905UFifIl6y7N

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  BanditsInjector/BanditsInjector.exe
- Size
  
  575KB
- MD5
  
  9f98afc423ec2749dc54a1a440a911db
- SHA1
  
  a77097d7a1e340b57ca126f849df6135b50effd4
- SHA256
  
  f73da9018087556b8841f1d3ca0787c384cbbd0f45384e86ad3a8e13f5e93b7a
- SHA512
  
  cb79aad46ecb7f2c723aba18619264fe00b050e1a12b515fa7aee82eb666f36328e7eeac7c4d25b2ec04f4ba4e1cde3ac544be634edd306c69c15468ceea0626
- SSDEEP
  
  6144:yPKPdaBb/4F88AztFI0NMpkkoYohIAl0hPZEncAOEJb/WyIxAwt5pfYNoNoSIga/:FaxA8b/I0FEot+PZE9O2bJIC0fDNN
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1