7274b5bb3853e8feafc6a61abb5a5aefda8f0399aafdc1298e9059348f6948c5 | Triage

Resubmissions

14-08-2024 04:47

240814-fej8ya1hlq 8

14-08-2024 04:44

240814-fcs33a1hjl 3

14-08-2024 04:41

240814-fa7hns1gqp 6

14-08-2024 04:15

240814-et9ayawgla 8

Sharing

General

Target

RDR2_Arthur_Morgan_Default.webp
Size

64KB
Sample

240814-fa7hns1gqp
MD5

c4f033aaa8f7ff4e1b7f74d02602e1ba
SHA1

57b4033b49a3466ac1b3cc2adb5c28675a6494d4
SHA256

7274b5bb3853e8feafc6a61abb5a5aefda8f0399aafdc1298e9059348f6948c5
SHA512

5d911784a7ee77f1787097937553ffc9bac801ef5dd85aa8f98d2f95b136419e9b3dad6ec339b22fa781beb68889d31852db74faf9ace7bfb5128f5e7ae565e1
SSDEEP

1536:ASYmfr/42TLtAocpPDNt5t0fIZNU+ZqE4I:AxYBTMy+sEj

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  RDR2_Arthur_Morgan_Default.webp
- Size
  
  64KB
- MD5
  
  c4f033aaa8f7ff4e1b7f74d02602e1ba
- SHA1
  
  57b4033b49a3466ac1b3cc2adb5c28675a6494d4
- SHA256
  
  7274b5bb3853e8feafc6a61abb5a5aefda8f0399aafdc1298e9059348f6948c5
- SHA512
  
  5d911784a7ee77f1787097937553ffc9bac801ef5dd85aa8f98d2f95b136419e9b3dad6ec339b22fa781beb68889d31852db74faf9ace7bfb5128f5e7ae565e1
- SSDEEP
  
  1536:ASYmfr/42TLtAocpPDNt5t0fIZNU+ZqE4I:AxYBTMy+sEj
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence