a8664afe17ba2a3b2112b41eb89334f86b4f921b5937e775f74098eb9f2af80b | Triage

Sharing

General

Target

Quarantined Messages (3).zip
Size

2.6MB
Sample

240905-pxjjss1cpm
MD5

9bc609698dceb542d802164f11bf5686
SHA1

697c1b21ea4a5c8e37342234ffb8a08a6f813bd7
SHA256

a8664afe17ba2a3b2112b41eb89334f86b4f921b5937e775f74098eb9f2af80b
SHA512

92e40edc1fad26d353b8d6459633f9a26e8bf61cee34edff4f742d27c33a622275c0c3346e06ce3e85f3a8b5172f60df504ccdf1782d2f3bbd8969108e0333f8
SSDEEP

49152:MR7IIdOBagGxQDvEi6bbSe96kD6L9gS9Rn5J+XZhnYFaWURS78C19NrbOo6eVEA/:2hX6OSe97GLecRnbYnYFJURuN9N3LVJ/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  setup.exe
- Size
  
  2.7MB
- MD5
  
  64114d2eeef70df310f2ea1fc34c232f
- SHA1
  
  3851fc1b1715a7052587bd430aa18b9aadad4b1b
- SHA256
  
  4e09d9006a6b4d57933df47e3b586859b8b790e8cade3869e8ed1eee8ca40ce1
- SHA512
  
  55a12e1627a1ee9a2680fbbca86813559caca3c6072d513658b685fefb435026db23a35dba1958ba6ec791f186072769d312b65dfd72ec242213d91c8ac7b767
- SSDEEP
  
  49152:FilF+Szj4hhTOAu6Z87PEhwGKJeEH5DgbbkvRJgZ:8l8I2OA/OcnKxH5MbkRqZ
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2