4b13d2657da7701589cb9562622039d120c29f00115c2e93ebc7bd27be2e96b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3fd906d3ac83693fd41e0464ae60650N.exe
Size

132KB
Sample

240821-t34jdasflq
MD5

b3fd906d3ac83693fd41e0464ae60650
SHA1

c80f17b3f6c10e30acc13a17e1980cdfd653ef26
SHA256

4b13d2657da7701589cb9562622039d120c29f00115c2e93ebc7bd27be2e96b4
SHA512

50e367f24bbd843ff58affd661d835660821bed474717afd1f837a55b83572d07946da3d4809ef2d2955db19b0fe4ea3bec4eaf8682f3b440c5b42fc4db7cdd9
SSDEEP

3072:3QIURTXJcchSVjgcfLJDMGED7Vi6ie4T7W:3smchmjXtDMGUhJ6u

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  b3fd906d3ac83693fd41e0464ae60650N.exe
- Size
  
  132KB
- MD5
  
  b3fd906d3ac83693fd41e0464ae60650
- SHA1
  
  c80f17b3f6c10e30acc13a17e1980cdfd653ef26
- SHA256
  
  4b13d2657da7701589cb9562622039d120c29f00115c2e93ebc7bd27be2e96b4
- SHA512
  
  50e367f24bbd843ff58affd661d835660821bed474717afd1f837a55b83572d07946da3d4809ef2d2955db19b0fe4ea3bec4eaf8682f3b440c5b42fc4db7cdd9
- SSDEEP
  
  3072:3QIURTXJcchSVjgcfLJDMGED7Vi6ie4T7W:3smchmjXtDMGUhJ6u
Score

8^/10

discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ShutdownAllow.dll
- Size
  
  3KB
- MD5
  
  db401847c04d665a6f83dcafdd6ac23d
- SHA1
  
  bdbdcf5baaedd62d8d3f471693ef99d1fea60d7a
- SHA256
  
  c6518731ae740494bdd87c53a43086be7f0ce125f728b2860a014235cd56134e
- SHA512
  
  c204bcd55d87cabfcdb79ca2230ae0e89425f2c7e67b46d3a04937440cdfbbe3d9cafa5e52a8ab5d4539a3af4710ce44624476fa42602edb23cb549aa77ecd71
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  24KB
- MD5
  
  eff1d9f80967c384e8d25c5a6369af1f
- SHA1
  
  1bad344a6f8a991e2017d79113e1e54f0dde32b8
- SHA256
  
  0537e86a8940e8c516330c1e646bf46cb62d79fc5a9add557c5050b40fa9f346
- SHA512
  
  cc824bcf581182c072df0e59c4d5af73fd5768215e18585e94d15617cda224763b62bd36a24510766e1bd651da05f024e6b6b9b0eaf3b6371f119c508a5a1e18
- SSDEEP
  
  384:uucP6dFG0upnGsV5Zrf/d5Yg7MJ9/fxCSULpiT3ioyAkVZ0Ac9khYLMkIX0+GTQZ:u96/5GV5xf/dFQfISNT3jyAOsS
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10