c1ce85233af641b7c1cf831a3d95639bf439caa72386d01ad77797e0317e1d2d | Triage

Resubmissions

24/08/2024, 21:20

240824-z61jsazfne 7

24/08/2024, 21:16

240824-z4evaszeje 7

Sharing

Copy URL Twitter E-mail

General

Target

Pterodactyl-Desktop.exe
Size

56.1MB
Sample

240824-z4evaszeje
MD5

a1daa3cda2c7f5af0a1886e4e8f8f55d
SHA1

af1a5a793a24d032123897b8460a96368ef1f09b
SHA256

c1ce85233af641b7c1cf831a3d95639bf439caa72386d01ad77797e0317e1d2d
SHA512

1029b065709107602c97f857dc1c202c15f071621ba61742d5020acb9fce3b6b33e53057a8b616ab920caee49a2cb649cc190777976e4432b7043442132ed2be
SSDEEP

1572864:PxF1s9gfxr8oeidjJHqL+ruicJJQY+iPEt:PxF1s+r8eJruicE5WEt

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Pterodactyl-Desktop.exe
- Size
  
  56.1MB
- MD5
  
  a1daa3cda2c7f5af0a1886e4e8f8f55d
- SHA1
  
  af1a5a793a24d032123897b8460a96368ef1f09b
- SHA256
  
  c1ce85233af641b7c1cf831a3d95639bf439caa72386d01ad77797e0317e1d2d
- SHA512
  
  1029b065709107602c97f857dc1c202c15f071621ba61742d5020acb9fce3b6b33e53057a8b616ab920caee49a2cb649cc190777976e4432b7043442132ed2be
- SSDEEP
  
  1572864:PxF1s9gfxr8oeidjJHqL+ruicJJQY+iPEt:PxF1s+r8eJruicE5WEt
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2