6da18413f34c0348cc26ec3ade6515223aba6ac2a87f9414e056aad54334ff60 | Triage

Sharing

General

Target

6da18413f34c0348cc26ec3ade6515223aba6ac2a87f9414e056aad54334ff60
Size

1.9MB
Sample

240901-by6h3axcrp
MD5

1c15235bb6e7ead2d1958af888adbd64
SHA1

7a6dc724763169467e81225a6ddb56a41a82854c
SHA256

6da18413f34c0348cc26ec3ade6515223aba6ac2a87f9414e056aad54334ff60
SHA512

1bd9774e82bb352868d276c7d6d59ee8bb79df2491226307873750c37067e67ccb768447322910865125964976f991ab9583cd419389ee7114b5ba7414d8cbc3
SSDEEP

12288:GbPjxk4nd9cPZ4mPF7Wg8XYcDpvHRqRNl3JYGJ0gSq:GbbO4nXW4mPF7Wg8HDVxk+GJ0vq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6da18413f34c0348cc26ec3ade6515223aba6ac2a87f9414e056aad54334ff60
- Size
  
  1.9MB
- MD5
  
  1c15235bb6e7ead2d1958af888adbd64
- SHA1
  
  7a6dc724763169467e81225a6ddb56a41a82854c
- SHA256
  
  6da18413f34c0348cc26ec3ade6515223aba6ac2a87f9414e056aad54334ff60
- SHA512
  
  1bd9774e82bb352868d276c7d6d59ee8bb79df2491226307873750c37067e67ccb768447322910865125964976f991ab9583cd419389ee7114b5ba7414d8cbc3
- SSDEEP
  
  12288:GbPjxk4nd9cPZ4mPF7Wg8XYcDpvHRqRNl3JYGJ0gSq:GbbO4nXW4mPF7Wg8HDVxk+GJ0vq
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptionsEx.dll
- Size
  
  119KB
- MD5
  
  b8c7fda6ec3c8a8ead7d7eccae0b17f7
- SHA1
  
  bb1444aa3300e9ab4a7a10c7913ae5e4320b953d
- SHA256
  
  b03cedb899c8737fabb3efb1d02bb8330ee73ce667aa406a5e52a10aff180db7
- SHA512
  
  52d3ce369418c9fbc7645e8ab272199dd836ebf13fe5019694f01f1686e0708853188b5a2ba8241739620dce98765bdb4fee488189d40c37222a0230b79e6e91
- SSDEEP
  
  1536:yU+yEIWirTd+OY4M8D1fb8Li7c3bSC2RVNCSivZYrgr+9MmHZ+WIwvtu1/5bCl:b+y5TlhR8DL2d14MMmHZvtq/5bw
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SkinnedControls.dll
- Size
  
  78KB
- MD5
  
  e99ccb5d7c703f4f2c646dc5ab7729b9
- SHA1
  
  3822691b5db44138a8a77d913bc5bee9d6fe1e08
- SHA256
  
  6b12c941a9154f3cede11e7ea9e2395e36df27549551cf0f4597cfce26057340
- SHA512
  
  1e1ab42193d35524917c4c658e63e6eb1d36a10c88c13fc683e1c85205d2d2005e71ecb41666bb7ed2f4d04815afc56c9ecafa2a3328b4635d8390668498f0d9
- SSDEEP
  
  1536:y38sX68bf6cVytaRB06/Lka4qZ5YU9uJ:TElVMUB0A4u5YQu
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsisFirewall.dll
- Size
  
  8KB
- MD5
  
  f5bf81a102de52a4add21b8a367e54e0
- SHA1
  
  cf1e76ffe4a3ecd4dad453112afd33624f16751c
- SHA256
  
  53be5716ad80945cb99681d5dbda60492f5dfb206fbfdb776b769b3eeb18d2c2
- SHA512
  
  6e280a75f706474ad31b2ce770fa34f54cb598528fac4477c466200a608b79c0f9b84011545595d9ba94331ad08e2f51bd42de91f92379db27686a28ba351256
- SSDEEP
  
  96:8SMPv+eLDUDp+weLv2lstU+0IgNB2Aa20kdArfOwJKbFrMiRsuHdRYL:wnxLDUwp6sgN2RDrzJMMmsuYL
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/registry.dll
- Size
  
  24KB
- MD5
  
  2b7007ed0262ca02ef69d8990815cbeb
- SHA1
  
  2eabe4f755213666dbbbde024a5235ddde02b47f
- SHA256
  
  0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
- SHA512
  
  aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
- SSDEEP
  
  384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $TEMP/$_7_
- Size
  
  299KB
- MD5
  
  f8e263bba2fa46f1dbe38a4fedc0dd7a
- SHA1
  
  cfd04a8ee1b84dcb4dfd0be78fc89a502ebb3c9a
- SHA256
  
  ca74e4b8abee81004cb6269eca92af4729e7c83b51315d5ac8ae4cd05c352537
- SHA512
  
  2dd588981b6c00e2ea536ca0c62e3b651e9f4219b623f138b8d0738de4e2ab90a041e9d5b2d2389ac0bcbd9b7d50613ec4302c2961976527acbe3e93b0bfc390
- SSDEEP
  
  6144:9i5tWbZWPh96XYcDpvYy917SSzb0zRPAWln3J3oGWg0:0Wg8XYcDpvHRqRNl3JYGJ0
Score

3^/10

discovery
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16