83a3ba96f671b477e204d9c81a9979c55c14e9151f581b222986bdb468fe44a8 | Triage

Resubmissions

07/08/2024, 20:51

240807-zm4r4axdpc 1

07/08/2024, 20:49

240807-zl6v3atflr 3

07/08/2024, 20:43

240807-zhyehsxcrf 8

Sharing

Copy URL Twitter E-mail

General

Target

Vantage_v11.zip
Size

53KB
Sample

240807-zhyehsxcrf
MD5

91225133a68a5361f49d41c8ea3ced54
SHA1

743f40f2883797bfe17da80f2616adf9202a4982
SHA256

83a3ba96f671b477e204d9c81a9979c55c14e9151f581b222986bdb468fe44a8
SHA512

b46078a5a21783d533fbdf77f2f180fadcfbd3c7884b43777e74507a347ae3387dce3376e429ace8b62ca4266ac4bfa33b60e1279b7fa35b1342a4b8585b393f
SSDEEP

1536:bi6M+x5fSmCQe+wbOmbXbr7z2uygA37Pmxh12:1M+x5SmYymPfzlxY7PU2

Score

8^/10

defense_evasion discovery persistence

Malware Config

Targets

- Target
  
  Vantage_v11.zip
- Size
  
  53KB
- MD5
  
  91225133a68a5361f49d41c8ea3ced54
- SHA1
  
  743f40f2883797bfe17da80f2616adf9202a4982
- SHA256
  
  83a3ba96f671b477e204d9c81a9979c55c14e9151f581b222986bdb468fe44a8
- SHA512
  
  b46078a5a21783d533fbdf77f2f180fadcfbd3c7884b43777e74507a347ae3387dce3376e429ace8b62ca4266ac4bfa33b60e1279b7fa35b1342a4b8585b393f
- SSDEEP
  
  1536:bi6M+x5fSmCQe+wbOmbXbr7z2uygA37Pmxh12:1M+x5SmYymPfzlxY7PU2
Score

8^/10

defense_evasion discovery persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1
- Target
  
  Vantage/Vantage.py
- Size
  
  118KB
- MD5
  
  b81eee11cef99f69e3727705e3c10014
- SHA1
  
  4297851aa0586832bbb2a7655acdf554d54e84de
- SHA256
  
  78945b6966b50bcc64d185bf79d0f9fca6746461c5764db1af7e29a80af844c4
- SHA512
  
  32114bf740aecf355f0392ae9e9fd844a20da3b2fb0efbb479aca2f142019d08f59f7c2cd2e12f36ddb588c17805243cb910012712d66035b47bcf823b09d10b
- SSDEEP
  
  3072:JLt4oi5FI/7LIKpTUNgX4cOQ4Q4Apg4ocpeyN5SJwTTVs6PShB3CEPXHcQ:J3i3uppgu3JpeyDSKVsbEQ
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistence

behavioral2