3ea777adc872e14c7715ed70f81f9576652993ded09de88e5b62e7a6312f2a1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EF_Commander_Free_24.08.zip
Size

2.7MB
Sample

240901-r27tastcpn
MD5

0c9e4d4c4297a15d7158eaf11523c60c
SHA1

5c41f398114578ec05632a373aa22a3d3ce7ebf7
SHA256

3ea777adc872e14c7715ed70f81f9576652993ded09de88e5b62e7a6312f2a1f
SHA512

6ae12c41b508e173bc07d8546b7d05f749a5404362ad8328aff22a4904c6f9e786d5dde0fc84de62d10e6e268b1271cc0317122e1409fcb41b231ec8a5c938f4
SSDEEP

49152:qxhR5X/h+MWrgcY2+5PJV2ujtwjKqQNtgQtPFmI7YMRvRGCEuuNvK3TVNHgFBMxr:+z5vxv2+5Xfjt3T2I7tRQPdeZxg/Mz0o

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  EF_Commander_Free_24.08.exe
- Size
  
  2.8MB
- MD5
  
  87df4be0cdceb3734c81281f8d9bd680
- SHA1
  
  8bdb43e7fa572351c63185bf2959313e784a990b
- SHA256
  
  cbeebd87ec7c9cfe3823d7aef52bca37a1ca29b805c7b2c8923fb5e48b16d488
- SHA512
  
  6053ea9e0ee349b2eb06e00c8e289620b634dc710529be8e7c36a0d3f287abdb164179fc1588289e70ce30a694a537f5aa8166d4eee5aff7210f025d183c2293
- SSDEEP
  
  49152:07Z5V/hOM+LioY2+RLJ1kQD9kNgg+XBQQvfJOu78MNFJGQouW9vK3Tz9H8dBUR5/:c5JlD2+R7hD93xcu7RNCxte3B8HYzWw/
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2