0adbc26e72dc13177518e695af604e8047753ac64021c465a547d438515046cd | Triage

Sharing

General

Target

EclipseX-Key-WorkInk-Installer-363224.zip
Size

18.0MB
Sample

240918-zvkzystdkj
MD5

ad0dcec59883b83eb3efe8eca334e84c
SHA1

e165891c46cfff1ff513db2830d83efd451873c0
SHA256

0adbc26e72dc13177518e695af604e8047753ac64021c465a547d438515046cd
SHA512

c7e5de7e4a304b762a2ef235104970d0aa58d39b381d989d1698dd3271388b4c571e6d1a3a28e26580dbb6e43e648e4bf804a932dc76ce35ae3ad41b7bd78eb6
SSDEEP

393216:MjnfUt2AmVIcf5na4IyYhFZDhyhOQ3HXdA9L5jjZG:8n8ABVPBa4HYhFZDhp+2J5jM

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  EclipseX-Key-WorkInk-Installer-363224.zip
- Size
  
  18.0MB
- MD5
  
  ad0dcec59883b83eb3efe8eca334e84c
- SHA1
  
  e165891c46cfff1ff513db2830d83efd451873c0
- SHA256
  
  0adbc26e72dc13177518e695af604e8047753ac64021c465a547d438515046cd
- SHA512
  
  c7e5de7e4a304b762a2ef235104970d0aa58d39b381d989d1698dd3271388b4c571e6d1a3a28e26580dbb6e43e648e4bf804a932dc76ce35ae3ad41b7bd78eb6
- SSDEEP
  
  393216:MjnfUt2AmVIcf5na4IyYhFZDhyhOQ3HXdA9L5jjZG:8n8ABVPBa4HYhFZDhp+2J5jM
Score

1^/10
behavioral1
- Target
  
  Install_02026.exe
- Size
  
  67.3MB
- MD5
  
  413fd1eb6aa9f36e174122b514bfe4d1
- SHA1
  
  15e80eaecc128276cab451303944d7e13c375c7c
- SHA256
  
  eb0bc6733fc0aef4ac50d60ba355e8469e903cada2480e0d8deaa65a777d6748
- SHA512
  
  446831c76f7268e4d2ec522ca3c454254fb377602a25f164d18e3dcc2352e66c7cff94c1413cc7d579ba97c4a0654fa9cf146b45a55d9920217eafb772174984
- SSDEEP
  
  196608:LQFgLRKHqT3OgmAC6WtaqyF6tkcEERPUwxHB1cJ6TywN36X8psOaJDz6:LQFgvT3OoCcgtekPbxU2ywqJ51z6
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasiontrojan