1ff9294afabf3cb4b61670abd50e253a0ee878e533293bde60b2a1ced34e5869 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Output_CR_KeyGen.exe
Size

749KB
Sample

240807-s886datenc
MD5

4f68d134394ba001f944d7274af3d380
SHA1

9736a8a08de260ae03df023675c3cf39c759f2fc
SHA256

1ff9294afabf3cb4b61670abd50e253a0ee878e533293bde60b2a1ced34e5869
SHA512

86bdbc54c80c400ad43961ef274865ad497b9e2368839fb88b84da5c3348c2f72d796cd678ad717e4f08f688284f5c627cd91ea68b2de7b6f4a0f63c2b4aa904
SSDEEP

12288:XYkc9t2Sll/vXr9fIUfMJfaoJzBG1Y8aW4O/Z18yEJK+AigMJlt0FOBH4:XYkcL5vjMJXZBG1n/Z18yEJK+wMJlwa4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Output_CR_KeyGen.exe
- Size
  
  749KB
- MD5
  
  4f68d134394ba001f944d7274af3d380
- SHA1
  
  9736a8a08de260ae03df023675c3cf39c759f2fc
- SHA256
  
  1ff9294afabf3cb4b61670abd50e253a0ee878e533293bde60b2a1ced34e5869
- SHA512
  
  86bdbc54c80c400ad43961ef274865ad497b9e2368839fb88b84da5c3348c2f72d796cd678ad717e4f08f688284f5c627cd91ea68b2de7b6f4a0f63c2b4aa904
- SSDEEP
  
  12288:XYkc9t2Sll/vXr9fIUfMJfaoJzBG1Y8aW4O/Z18yEJK+AigMJlt0FOBH4:XYkcL5vjMJXZBG1n/Z18yEJK+wMJlwa4
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $TEMP/BASSMOD.dll
- Size
  
  33KB
- MD5
  
  e4ec57e8508c5c4040383ebe6d367928
- SHA1
  
  b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06
- SHA256
  
  8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f
- SHA512
  
  77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822
- SSDEEP
  
  768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $TEMP/R2RJUCE.dll
- Size
  
  242KB
- MD5
  
  90a452c84f7f2b5ca5a61bccaaa17e92
- SHA1
  
  3fb5829be5db5af55ee4043f0dce7f9253d800dd
- SHA256
  
  674a6eafb277261cd6959a4145329ab8b612fe5948fc8daf064192498fa65f92
- SHA512
  
  41304120d3b2d0489fa82c13abce47fca967c6415e28c05382c0c567a167ff400f7d58b843afdfcc33227d4caa8fbb32af38fa7175fd066631fe1bb82615975b
- SSDEEP
  
  3072:BsUYsLox8+vwJMcr7HKKQnpkrsvPmp55kIlzjjrfFO75Ag0Fuev/TBfoxzV7i94:n0x8fO0KD2AvPmbeQNcAOe3TBgDtDc
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $TEMP/keygen.exe
- Size
  
  491KB
- MD5
  
  b7a0d2a3cc5f085ecf92aa825b7ffe10
- SHA1
  
  a1bc7ec71149911f1805d0120b1be59e70c9912c
- SHA256
  
  c4c81270316396493d689feda96cff009d483803a43969d89734191972e8b4bf
- SHA512
  
  0b9cd151c23444a5d5d68197773a5abaee8b6ca831b448e98167b53054d5612896e79d1b6f509a196a62ddb5e8c0a51c4ba9fa36ca0a16d2f4163aac3b7c470e
- SSDEEP
  
  6144:bcmzikEPDonRgNgz1+hw6hNgPfHv9PAimIAO5Rv0oWrc+:bc/kEPDonR6Y436vRN0oWH
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8