1d85c77ca084345fb0746d17b71c2da66cbd7b87c8c385b05ca205525d058dd8 | Triage

Sharing

General

Target

d4c8a3819b2059058dd8a62885f70d40N
Size

3.0MB
Sample

240912-ge685stfmk
MD5

d4c8a3819b2059058dd8a62885f70d40
SHA1

72f02df2f8165189721bd2a10bb5b614c9b265b4
SHA256

1d85c77ca084345fb0746d17b71c2da66cbd7b87c8c385b05ca205525d058dd8
SHA512

c42c229b59de9de3fe4b05476213f9ab4b479f3ab2e91d78c11c506fe1cfce8c17633bd56bdbdff1ebe15a976935601aa769eef9da220abd9a0fa8f7a33034e1
SSDEEP

98304:Xgk4gyY1nreB41lPyO37TLN1aavvKScI1iBXwJ8:XgkXyYpyB43PLvAXU8

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  d4c8a3819b2059058dd8a62885f70d40N
- Size
  
  3.0MB
- MD5
  
  d4c8a3819b2059058dd8a62885f70d40
- SHA1
  
  72f02df2f8165189721bd2a10bb5b614c9b265b4
- SHA256
  
  1d85c77ca084345fb0746d17b71c2da66cbd7b87c8c385b05ca205525d058dd8
- SHA512
  
  c42c229b59de9de3fe4b05476213f9ab4b479f3ab2e91d78c11c506fe1cfce8c17633bd56bdbdff1ebe15a976935601aa769eef9da220abd9a0fa8f7a33034e1
- SSDEEP
  
  98304:Xgk4gyY1nreB41lPyO37TLN1aavvKScI1iBXwJ8:XgkXyYpyB43PLvAXU8
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  "aminstall.dll"
- Size
  
  76KB
- MD5
  
  b91f126675ef39f4ee46f877e230d255
- SHA1
  
  2411fed6cbaf6cd80fbd374fa0af18a1280ec9b8
- SHA256
  
  803606254069701d1e5e05cc7a5e98292145c42549d224e323be17b24d80c441
- SHA512
  
  05e352cbb2f770a3a17021b9beb08877d14ab333c928b8bf0f393c5bd6a738fac4453e7661e5ad3340e886f3461a2050191a0284b1de8f761b2d6974703bb58c
- SSDEEP
  
  768:MNV5rhiqaZ1V7V5yytiCLqmfTKeqvi8NT7jypjGZ1wZgH1Y10BlnkE52zGnApuxo:Mf5hgVXyy1luTXyVMwW1NkEQGnAp1cO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  "solitaire.exe"
- Size
  
  1.3MB
- MD5
  
  f098578c429b097f00fae63b3cef8af1
- SHA1
  
  555e13c9821da2659934a029c9c02cf6b2c6e78a
- SHA256
  
  ecdd18c577a93209a6ee89f8162af7df8427eaeeda314143a699281ace3dd545
- SHA512
  
  cb657a9e97e3dd7cc3d9e32dc1429db32f37c0727c94432eb1d8eab03f4e3b8e063d99873d2531a4559f999c05d324ce6825d81eb1ab0fcc556ce24af79e7b84
- SSDEEP
  
  24576:e1Nmo09OGPrCXPVPQIMTh8Yp5z1sgvXPpHMUs84uYxtrvGX3uY0m8W:eKoFqeNPQI48Kf7fRHXR+r6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  4c7d97d0786ff08b20d0e8315b5fc3cb
- SHA1
  
  bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
- SHA256
  
  75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
- SHA512
  
  f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
- SSDEEP
  
  192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  388c408cff35a38d04e3cda18f63af07
- SHA1
  
  9c2aa2ed8b526ace4267acbcf5648b2601019ac4
- SHA256
  
  4f945ad53b7aa8ed516b2f58c2ed9f15c13bbdf0e489d71c7347b80583cee5fd
- SHA512
  
  542292d61ff209f6c98c62ebad549024611a7d42fb951f8cc211b886f0d202d5e0da3b754c84c8a00043c748ed527351fc524357412cf88875e6bf729cbba46f
- SSDEEP
  
  96:MFJsQxcnqakqeStS6+NMKQwECv0nGhFZxTxZ05hU/61:C9xcnqakCN+N9n0na1K5y61
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  9KB
- MD5
  
  e085476805e8f5ef1c7ed635c5309017
- SHA1
  
  609e79fdc29d6dee40cc5dd333094db5f9f63eec
- SHA256
  
  4eb689e2db8d683afcfffe6dee1985fbd458d2770093547331d563acece80c67
- SHA512
  
  082932aea8d993de8ca1eeb60f7bb4e56cc7eab4a683c59822b2c544223febab5915bb2b7c2e2dad79472bbd8ad400770dd7c1f112cef24d18ebd0f1ad63fe9f
- SSDEEP
  
  96:DomrrPB3x4gJcp7/qzt1SGr3DEkJjUFezthPhwrWNHRW5j5/Y0+YAZIhtyPEM75C:nnTEjwT3XgFshpwrlR5/7AZlTpVHlmV
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Uninstall.exe
- Size
  
  66KB
- MD5
  
  86545cc1d7a3fb9fbb64c892a680b52e
- SHA1
  
  886126e346fff55cd4f5fed002808bc8a686d8ff
- SHA256
  
  4467f1b1c277eb2019e67372b6ef4cfb3dfbae812f82c3fd111f11a92a9c8ba2
- SHA512
  
  778691da163c66ff516c633668d1a861af7dd7bb02701d31d0885ea0e009a6744f724df59c0524ef04c2faaac55091d5e0de68acb79ad8489a3d4922d1dd84db
- SSDEEP
  
  1536:XKe0DnjRrJav2FnUIRr2vMYBJvqAELVigvHhn1bi+v/5Qmdm:XGD11a8YBJSAI0Q1bmOm
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  4c7d97d0786ff08b20d0e8315b5fc3cb
- SHA1
  
  bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
- SHA256
  
  75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
- SHA512
  
  f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
- SSDEEP
  
  192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  fmod.dll
- Size
  
  157KB
- MD5
  
  53f2a550bb1b7333f44112ab18482c33
- SHA1
  
  cc1330cb0afc9fcf62588b89c66a92803408506e
- SHA256
  
  d4b8a9555e5073fb87624b56ca21451047d4763458a328e765fa93d0d80f8aad
- SHA512
  
  eaa72d9b78833678f9b9ea2f2e604994711ee5f221817dbfb82d1990bcfc264e9979a0cf499794dcee3e5b2af53f1c7b5bbc61c4b3c29095b9c8d2832bf779c7
- SSDEEP
  
  1536:m6gnQQ6WgWV2Mxh4MoU6bId5xlYxUDzQUDMd8ZEVIhiBQe6A0j/MVfEGuZL5yfso:mfQcpYMxGSY3qTZbZeHpE1vVWZbxF1
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18