c59b51d15b5965f27db4c5bbd21793ad6b492c8c751836ba8bd43829d791146e | Triage

Sharing

General

Target

nmap-7.95-setup.exe
Size

32.4MB
Sample

240903-pbyftsxdpb
MD5

bd457e3fb19a7f127a23369e70ee84fc
SHA1

09bf57bff436520af6b8842f7ea9f48e655ffffe
SHA256

c59b51d15b5965f27db4c5bbd21793ad6b492c8c751836ba8bd43829d791146e
SHA512

d55d51be6a12aaa87906102876aeec54bfe40f8daa5cde110de8c21b7135ad6d581caa7c84278cf02ad84efa13c16090b2336b90956ef983085c4da1e578fc35
SSDEEP

786432:acaE6hpVWJ+hdOjlklPSKBd2fpNG9QTG1VI:acP6pUk3OjlkrAbSO

Score

4^/10

discovery

Malware Config

Targets

- Target
  
  nmap-7.95-setup.exe
- Size
  
  32.4MB
- MD5
  
  bd457e3fb19a7f127a23369e70ee84fc
- SHA1
  
  09bf57bff436520af6b8842f7ea9f48e655ffffe
- SHA256
  
  c59b51d15b5965f27db4c5bbd21793ad6b492c8c751836ba8bd43829d791146e
- SHA512
  
  d55d51be6a12aaa87906102876aeec54bfe40f8daa5cde110de8c21b7135ad6d581caa7c84278cf02ad84efa13c16090b2336b90956ef983085c4da1e578fc35
- SSDEEP
  
  786432:acaE6hpVWJ+hdOjlklPSKBd2fpNG9QTG1VI:acP6pUk3OjlkrAbSO
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  ece25721125d55aa26cdfe019c871476
- SHA1
  
  b87685ae482553823bf95e73e790de48dc0c11ba
- SHA256
  
  c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf
- SHA512
  
  4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480
- SSDEEP
  
  384:EXsC43tPegZ3eBaRwCPOYY7nNYXC06/Yosa:EXJTgZ3eBTCmrnNA5p
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/npcap-1.79.exe
- Size
  
  1.1MB
- MD5
  
  a4d7e47df742f62080bf845d606045b4
- SHA1
  
  723743dc9fa4a190452a7ffc971adfaac91606fa
- SHA256
  
  a95577ebbc67fc45b319e2ef3a55f4e9b211fe82ed4cb9d8be6b1a9e2425ce53
- SHA512
  
  8582b51b5fea23de43803fa925d13f1eb6d91b708be133be745d7d6155082cd131c9b62dc6a08b77f419a239efe6eb55a98f02f5783c7cd46e284ec3241fc2ee
- SSDEEP
  
  24576:q7INqm36s9R26Vhund3idw1/fayC9nHgeFhPuKX+dXlVp0WgB4:v13TR2ChAdLpfaVgUuZXlVpk4
Score

4^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  22KB
- MD5
  
  170c17ac80215d0a377b42557252ae10
- SHA1
  
  4cbab6cc189d02170dd3ba7c25aa492031679411
- SHA256
  
  61ea114d9d0cd1e884535095aa3527a6c28df55a4ecee733c8c398f50b84cc3d
- SHA512
  
  0fd65cad0fcaa98083c2021de3d6429e79978658809c62ae9e4ed630c016915ced36aa52f2f692986c3b600c92325e79fd6d757634e8e02d5e582ff03679163f
- SSDEEP
  
  384:E0C43tPegZ3eBaRwCPOYY7nNYXCA/YosaWqZmZsHLA+KhHgt:EBTgZ3eBTCmrnNAEQ1hKhHgt
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/NPFInstall.exe
- Size
  
  251KB
- MD5
  
  23af43847b2c8529ec7171d4a378e001
- SHA1
  
  06f1e0aeec9043bff7032bd4a79d0c4f0c33ceba
- SHA256
  
  5b1a62010bc7f9a58721d067919d6cedb0e8e414261e729e202e79334a791492
- SHA512
  
  2fb8117943c752956b4520e465766252e21d114c722d324fdd6f8e54e35871af765f910fec2c323dd1ac89e5dbe45b04ed72c090876ab1c3ba072b5ec305eddd
- SSDEEP
  
  3072:oeAvCTO25maSEPJJ1SxLtfJ5OGydgzwpXzcbU0ZFoecBkB3K9GyNyOLbTOa1sf3g:oTCS+bM3MEU0Tjcb9rNyhrN/2
Score

4^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/SysRestore.dll
- Size
  
  12KB
- MD5
  
  d1a3f71186e20741b2bb0cc33ca79609
- SHA1
  
  b04761c0b7bc46e864a776514e4476eb372ef73c
- SHA256
  
  49b0450567c281494620193d0f3598bad8a474ae9910fedb161855f09a8ec1f0
- SHA512
  
  7eb904e4d2a6d87bccbe3e3f6562e53940195303a8024d2b0dad142a7a546b7a7a9287966e6d696246349008966349b6b56a3ce47978dedf49205bcfeb962b16
- SSDEEP
  
  192:Qa8pU6GVdndRqSzNJw7YUXmZscF8Bd1LAeVBZHlA6u/:upZGVdndRqSzNqZmZsHLAOhk
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  19KB
- MD5
  
  f020a8d9ede1fb2af3651ad6e0ac9cb1
- SHA1
  
  341f9345d669432b2a51d107cbd101e8b82e37b1
- SHA256
  
  7efe73a8d32ed1b01727ad4579e9eec49c9309f2cb7bf03c8afa80d70242d1c0
- SHA512
  
  408fa5a797d3ff4b917bb4107771687004ba507a33cb5944b1cc3155e0372cb3e04a147f73852b9134f138ff709af3b0fb493cd8fa816c59e9f3d9b5649c68c4
- SSDEEP
  
  384:u8+Qlt70Fj/lQRY/9VjjgLmqZmZsHLAMThHdjnG:uSqFjm6YLP17ThHdC
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  14KB
- MD5
  
  f9e61a25016dcb49867477c1e71a704e
- SHA1
  
  c01dc1fa7475e4812d158d6c00533410c597b5d9
- SHA256
  
  274e53dc8c5ddc273a6f5683b71b882ef8917029e2eaf6c8dbee0c62d999225d
- SHA512
  
  b4a6289ef9e761e29dd5362fecb1707c97d7cb3e160f4180036a96f2f904b2c64a075b5bf0fea4a3bb94dea97f3cfa0d057d3d6865c68da65fdcb9c3070c33d8
- SSDEEP
  
  192:JDkDr/HA5v6G2IElFernNQZGdHskJw7YUXmZscF8Bd1LOtNBZHld3Mu:aDrvAxnJGernNQZGdHVqZmZsHLOtLhHH
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  NPFInstall.exe
- Size
  
  251KB
- MD5
  
  23af43847b2c8529ec7171d4a378e001
- SHA1
  
  06f1e0aeec9043bff7032bd4a79d0c4f0c33ceba
- SHA256
  
  5b1a62010bc7f9a58721d067919d6cedb0e8e414261e729e202e79334a791492
- SHA512
  
  2fb8117943c752956b4520e465766252e21d114c722d324fdd6f8e54e35871af765f910fec2c323dd1ac89e5dbe45b04ed72c090876ab1c3ba072b5ec305eddd
- SSDEEP
  
  3072:oeAvCTO25maSEPJJ1SxLtfJ5OGydgzwpXzcbU0ZFoecBkB3K9GyNyOLbTOa1sf3g:oTCS+bM3MEU0Tjcb9rNyhrN/2
Score

4^/10

discovery
behavioral17 behavioral18
- Target
  
  x64/NPFInstall.exe
- Size
  
  300KB
- MD5
  
  c01beb6c3526554ec9dfad40502317f2
- SHA1
  
  89f468496bd7e6d993a032f918c5baabb21c11be
- SHA256
  
  5d54a5e7230baf2b80689ee49d263612a6011bc46ec52843e7b4297e9656d32d
- SHA512
  
  a7fdb3d69cc2b12c9795c8f5e34f64014273e471dc0639ff4693f18e3d5ea758f38f58a5dfc4d1800511ce3e130a7454fd371579e31dbba049770fb74b889339
- SSDEEP
  
  6144:s7sjTspITygzeDpTkkUyyC5KEmg37kpFwQOj8Vm:9jc2byDpTkdyT5fTrkpmQlVm
Score

4^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/vc_redist.x86.exe
- Size
  
  13.2MB
- MD5
  
  9882a328c8414274555845fa6b542d1e
- SHA1
  
  ab4a97610b127d68c45311deabfbcd8aa7066f4b
- SHA256
  
  510fc8c2112e2bc544fb29a72191eabcc68d3a5a7468d35d7694493bc8593a79
- SHA512
  
  c08d1aa7e6e6215a0cee2793592b65668066c8c984b26675d2b8c09bc7fee21411cb3c0a905eaee7a48e7a47535fa777de21eeb07c78bca7bf3d7bb17192acf2
- SSDEEP
  
  196608:oRjgvJ2flpQcIIS/Rj7BWl+aV8t8z72BxBwBgO42BE6+2DQlMp1sHW5ZDmCCM0Xr:IgRIlptVYmfr7yBG/4pXMHsHW76CsGE
Score

4^/10

discovery
behavioral21 behavioral22
- Target
  
  Uninstall.exe
- Size
  
  92KB
- MD5
  
  1968be0f71ead6d980c29890592c0252
- SHA1
  
  8f53bf28355346f084aeeb7047bf25b31650b9ab
- SHA256
  
  f4bc09a48636266f6aca12d9dbaa45611eece9ab5c37bf3db4c7a78fcb81ddc3
- SHA512
  
  0996b8955ada0daf569c5080ca9b5608b341896b3d88082d3b2585e6d753ada9fa84c7a71c0873733565136d76341985af5e6023c31c2b41739bf6b691d24c5b
- SSDEEP
  
  1536:HokYTf8XUCb0N1Jzz0D+HUpEu6gdLeAyNsF+BG4TM7P+xofxNs:HhYDI5Q+D+HUpEu6ceAlPa8s
Score

4^/10

discovery
behavioral23 behavioral24
- Target
  
  libcrypto-3.dll
- Size
  
  3.9MB
- MD5
  
  27c8a62563e3f34f3466d3cbf4b8fe74
- SHA1
  
  23a2585b4afa8e77d365fb1bcf8c96d7273b9742
- SHA256
  
  3927d87e03ad83e22a40fdcb680707a28eb04314af51f228130d8396dabb3de4
- SHA512
  
  c24f2725a05b209895e4de7b548fc7782d5695bcadc6b79a742c9860efa4691f4cb0b997bb1035b379c64de9d5476e6425e1e76e0b6d73faee635e7fc87207d1
- SSDEEP
  
  49152:isLkNoGACh3LyT2CmS/qI9a9NPLZExveczlh+7lk1CPwDvt3uFADCNOnuyWIk72y:KNoGWK5S/q7HDCh+Zk1CPwDvt3uFADCH
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  libssh2.dll
- Size
  
  203KB
- MD5
  
  7df1365a2e0b9009ea133314e2ecf6cc
- SHA1
  
  2ab90223e54d34458c1f19dec190cd839a966da9
- SHA256
  
  a74ef9d16c70d74e82eb5a42126dc0a2f6af5dc6002f5226cfe736db3da9994e
- SHA512
  
  f092de168f888e657d851d1826906bfa7895f9878a964f72312a7a1c7adf0f2930dc460935893ca8d2f77f56e53d32ab6a8bf2caed42a2b90a798b7259e92440
- SSDEEP
  
  6144:/VUeSaXnc4lcuWAd+F6febPf9WqBqNb5AWZGRQ:We9Xnc4iAd+F0eL9BIFX
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  libssl-3.dll
- Size
  
  661KB
- MD5
  
  24f02f8bd55813c87a4952e60e87edf1
- SHA1
  
  c19834e2d64dd44d84d58c73d88b454fd6ccb385
- SHA256
  
  70b3b431d10ca9dea42b5b5aca85a97c39c91e0e2e3b5763514c1608a5f980b3
- SHA512
  
  04922a3a80d551cfada9fcb765966eeca0741bfff3469a551d538580b64a70d8f1a6a94abada3762a79cd6fd2222eb38c9e491a74fc19937bbd8ab309770f7ad
- SSDEEP
  
  12288:xJtxLelXQVWwwdrQxxNa4t98FH9UHlSMYtfJ6u2GfeCchyV:xDxL46Gr+0tfJ6u2GfeCchyV
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  ncat.exe
- Size
  
  355KB
- MD5
  
  4f6b1c5a41f7e9d183a7dd3ace65812e
- SHA1
  
  c08a5e5c59f39522939284ee8743ff55967da76a
- SHA256
  
  a3071223a56a18c9fb913696487f69d1ea2633176412446d4b7eecc82d33c262
- SHA512
  
  25c7a3f16b001144cc8fdc5c9014cdfe33352bd76c116c3e1b7e3238668ae0b284fc641b96aee92d07dc9a25fa9b016e441db96c07f2426e09b0ec9b8d2443cf
- SSDEEP
  
  6144:ptY7W0+Pb/+japAtAGZ8+cQm+hSD5I55HinqrphrBEU3VEBIPZ/5owu8zsX4ROVq:ptF00/+japAtAGq+RSFO4n4NBEU3V7PJ
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32