2013b56b5467dc1b75a5215f646cde52a1e4ef0e240dc444a03d6218547c43f4 | Triage

Sharing

General

Target

KRNL.zip
Size

437KB
Sample

240820-sjfsjaydqa
MD5

9681fa5102efea210f2b29a3672fbf0a
SHA1

06b4dd69b86785aaf6e1de7c18fd70fe34aff88d
SHA256

2013b56b5467dc1b75a5215f646cde52a1e4ef0e240dc444a03d6218547c43f4
SHA512

c803f3cf2f714990d12dcd4073ed4d618e439b173899b67f05674b18c5e54ba7dda0006cfaa30a42e62725b3d0a0e96bdcf2a688532d792d25d3e8d8289cca26
SSDEEP

12288:BdiLyGHlKPcQIOLYBaEfuD1oqt6ZVfZ6I6GWv8xx/6ntr:Bd+JTjOLYGb0PhZW8x/6ntr

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Launcher.bat
- Size
  
  380B
- MD5
  
  59006f1c4bee2e1ece0350d6da741e4c
- SHA1
  
  ea285b10921c34cd7ffd767f99fb9b0569a1494b
- SHA256
  
  26219efc32fd06f04d5dbf5ad71d331432a3c09516856d1d37ba47f297dc9230
- SHA512
  
  b415ea6bc570912ad00b3c74daf99d5fb5fb69b496d7284344f426fde493b439f83a020081b054da6eb41f9f999aac3523b2c24e8c19b80e90832add6812ee05
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  compiler.exe
- Size
  
  203KB
- MD5
  
  c4d4020d4b16129bfe88e1ed1d0b2df4
- SHA1
  
  66a000f4c8e2d2821f194a838a4dedc0a2a35c31
- SHA256
  
  0d0e6faa470103aacdafe1b965daa0e79531f5dd446866384ac336e9a9ed9712
- SHA512
  
  1417e969634c018165c8dbf04163998d0f98abf125ff844b32d4263b030ae91a775deb39a2de4b623d859f7c9353119919e4dd4211976bfd7294818f79b2d4b7
- SSDEEP
  
  3072:Anvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+J:Ava5TMRXs0IKiBDbZt4Ggn77+ez3r8
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  lua51.dll
- Size
  
  389KB
- MD5
  
  182e4302992f93bcab1f0f2200be31d9
- SHA1
  
  20774bd408400a650991d804837403a158e0938a
- SHA256
  
  1762dab5f8939c05e15d7f599b9815876899f43a6e28457f38ec0b5d0e452fa7
- SHA512
  
  a8db3fc2f4cd18f15b1c34c02df5f090100207095e066b088033146b6bf88f45c69425e3da2b390d1b0a7a754a6794b079ddfbc85796f26964ca511f8c23e10b
- SSDEEP
  
  12288:XiZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABP:Xe19pm7pCuCt6+w
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6