1bf03b0e61b5b32d2e83fa8316f5332454063ae81abf6c3dacb8c508732eddb3 | Triage

Sharing

General

Target

ec3c24359cc1070eaa113847b0bdaaa0N.exe
Size

3.5MB
Sample

240905-py935ssale
MD5

ec3c24359cc1070eaa113847b0bdaaa0
SHA1

6506ee7f87e27b7778ba29419f414873353c197d
SHA256

1bf03b0e61b5b32d2e83fa8316f5332454063ae81abf6c3dacb8c508732eddb3
SHA512

f4467d9f108ccfe9c138a81c49c7c54630bf97b05ef517c79c795b17a6aac4ce2943e499129bbfdf4b2717c88a481943a67ba7de0bb6bb9a0fd1d76dfce63b8b
SSDEEP

98304:bB46PZyZsSTtL5/xOHgfsl1vIzKnkJ5D9iJuF:bLhy68LqHgWgokfDIJuF

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ec3c24359cc1070eaa113847b0bdaaa0N.exe
- Size
  
  3.5MB
- MD5
  
  ec3c24359cc1070eaa113847b0bdaaa0
- SHA1
  
  6506ee7f87e27b7778ba29419f414873353c197d
- SHA256
  
  1bf03b0e61b5b32d2e83fa8316f5332454063ae81abf6c3dacb8c508732eddb3
- SHA512
  
  f4467d9f108ccfe9c138a81c49c7c54630bf97b05ef517c79c795b17a6aac4ce2943e499129bbfdf4b2717c88a481943a67ba7de0bb6bb9a0fd1d76dfce63b8b
- SSDEEP
  
  98304:bB46PZyZsSTtL5/xOHgfsl1vIzKnkJ5D9iJuF:bLhy68LqHgWgokfDIJuF
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $APPDATA/Estlcam/V12/Uninstall.exe
- Size
  
  74KB
- MD5
  
  56ca631ceb19ffc891ae137605b956ea
- SHA1
  
  fa8731296382aaed991a2ebdcd7f4c62ebb81a83
- SHA256
  
  48add90be9e7444d733d9694099856300dc9f54be5d3f02cc8b3121c8716357a
- SHA512
  
  4c2e5132e7805deae3687495eabc14aa32a97750021c13fffc6afc36df35de7faff54ff138e718d32d2e95236243acd2e6be741183b6dbf3ac6c5d711c66c843
- SSDEEP
  
  1536:n/T2X/jN2vxZz0DTHUpou0gbwdLeAyNsnk/y0xE+1W:nbG7N2kDTHUpou0hFeAHgy0PW
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  15KB
- MD5
  
  d74bb4447af48da081c7d9b499f3a023
- SHA1
  
  dadf6e140e6fd8e49a1851cc144bb022e0adb185
- SHA256
  
  5fd5d8aec97cffaad9b7df6371b348d436cf1401e86fab614dc4cb8575428e52
- SHA512
  
  9a15de5c6b08914f5e5bbc1c318fb0e84da28a316cf51ccddca8dfb64cd67b7ad06acac307b41d5086a0740055d327007ff890807d6853bb2e767179a3b3d758
- SSDEEP
  
  192:0hdGZ2E0hm+Gc7ROMzCPvXWROt086dXHGrEKcDDi0b5ZsgMgiCXyo1Fp01eLLuIt:0hdGZ2E0YWV2908oj21ILud8
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Estlcam12_CAM.exe
- Size
  
  3.1MB
- MD5
  
  c8dbc8ae459e12f03e20910bb8426bfc
- SHA1
  
  94ef13fb980557de734c0089d57718e2157763ad
- SHA256
  
  02e09a2f244b7eeea0b921bfb4edd1269906ff8f14d2eafa3e04de1ece715aef
- SHA512
  
  d57910e06983778c61d9789cce94eba53da9293bf1eddba17b29ec0240f8e195e4a53b8c3dcf65f3ae35d1db4ce78daeabb59420a13c2e297a7330f5d2d0835d
- SSDEEP
  
  49152:F1SSW3Yp1XPzuh7zYutUxA6w+4YeMGDsNFQ/9t:221XyhDKw+HeMxQ/
Score

1^/10
behavioral7 behavioral8
- Target
  
  Estlcam12_CNC.exe
- Size
  
  3.1MB
- MD5
  
  aaa50b0e4472c6e0494e7c2a3c3d96cc
- SHA1
  
  c54e89d564490b5ffc46e5717f1fae2588d9ac01
- SHA256
  
  d8ac16894df1c8c8907618c69a949ad6feafc01dc2286170b3cbc1f2bbb5f6a1
- SHA512
  
  13561ec4dab92bc580e88afe78fdc6ca99603f8a2c203ded40c260828d468abe6ad3ed6687ecb541bf63c3853d4f93316791d2dbde45b8aa0635204bba9f6396
- SSDEEP
  
  49152:I1SSWOYp1XPzuh7zYutUxA6w+4YpMGDsNFQ/9Y:lL1XyhDKw+HpMxQG
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10