4ded7f148a12c9134661f74d9de3962af2649d7000c5a0ba65d4b26462a030c7 | Triage

Sharing

General

Target

Desktop.7z
Size

59KB
Sample

240817-t2n3asvgkd
MD5

d560ab1df35ac1fb8fe07d09fee8716c
SHA1

3c5c92970891c27188ab256b96a5865bd4752ce8
SHA256

4ded7f148a12c9134661f74d9de3962af2649d7000c5a0ba65d4b26462a030c7
SHA512

15de7066308e02bcf2ee09832a86ab0bb422389acce311f4793cf0ead14338addc9fcef8a5690d21c1968c030381651cb7aa9e79f3db2fdafdb5fad854e9be1c
SSDEEP

1536:x689OeyU7fimROBEUNJda9jNj+2HOyBRsWgYVBHre:xJOfUjTROBEwwNC2u0HBhe

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  bauchbeinepo.exe
- Size
  
  250KB
- MD5
  
  a4cb34b308433dee79296704ee059199
- SHA1
  
  4daee93d350f9972127786ec44499cc247d11997
- SHA256
  
  0b50fe70c1c36610388028cdbe442875146961c66b80ab32a928b60727844129
- SHA512
  
  6dde86bc95df8190aa3cc0678ee382a9762175e700745a9c3c48cdd22a073ece7ab02dbbf4dc45b1920a8599900e405b59fced2664f4af8fdc4336eb149c7879
- SSDEEP
  
  6144:nnwbl9wVeyDx578c4uxHWb/CWkIQo50GaDTt8zcjj133FWlNJhoD:nwb/wBDx57v4u1Wb/CWkIp5DaDTt8zKx
Score

7^/10

discovery persistence privilege_escalation
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  iqvw64e.sys
- Size
  
  33KB
- MD5
  
  1898ceda3247213c084f43637ef163b3
- SHA1
  
  d04e5db5b6c848a29732bfd52029001f23c3da75
- SHA256
  
  4429f32db1cc70567919d7d47b844a91cf1329a6cd116f582305f3b7b60cd60b
- SHA512
  
  84c3ccc657f83725b24a20f83b87577603f580993920cc42d6da58648c6888d950fd19fbb8b404ce51a3eab674066c5cefe275763fbdb32e1ae1ba98097ab377
- SSDEEP
  
  384:gxdNvW7C8naMYCjizSO/YWwhtSgvNR0m1us7pfBMRKr+PLDRfvgXifBMRg6PWNTj:gHNwmJ/7UtSwR317uPPlvgXiu/6Tbf
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

behavioral3

behavioral4