b38c6a02060b3503c6ca6e3def6da93c86e30016c0ac40bff17db51e2e477d33 | Triage

Sharing

General

Target

Trojan.Win32.Fareit.VB.MTB-b38c6a02060b3503c6ca6e3def6da93c86e30016c0ac40bff17db51e2e477d33N
Size

468KB
Sample

240919-hqetpswcqc
MD5

9c711db8897cbab333f9942c4b8e4240
SHA1

4402480ea9ec820e9d45966cf768f3c9f88fd232
SHA256

b38c6a02060b3503c6ca6e3def6da93c86e30016c0ac40bff17db51e2e477d33
SHA512

82835cf0f44d1ecf5fbd95d75341c5811fff830a65a15075a580d91a4ea26fcd6fe3d11b1b3448f3ce0ce927708f934d1927aff934fb99618d9713864a3d1a80
SSDEEP

3072:WqonowLdm98UhbYCfR5xff5EChj+IpBnfHePV4sopB3/Y96q+lH:WqEo52UhhfXxffU0Enop5A96q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Trojan.Win32.Fareit.VB.MTB-b38c6a02060b3503c6ca6e3def6da93c86e30016c0ac40bff17db51e2e477d33N
- Size
  
  468KB
- MD5
  
  9c711db8897cbab333f9942c4b8e4240
- SHA1
  
  4402480ea9ec820e9d45966cf768f3c9f88fd232
- SHA256
  
  b38c6a02060b3503c6ca6e3def6da93c86e30016c0ac40bff17db51e2e477d33
- SHA512
  
  82835cf0f44d1ecf5fbd95d75341c5811fff830a65a15075a580d91a4ea26fcd6fe3d11b1b3448f3ce0ce927708f934d1927aff934fb99618d9713864a3d1a80
- SSDEEP
  
  3072:WqonowLdm98UhbYCfR5xff5EChj+IpBnfHePV4sopB3/Y96q+lH:WqEo52UhhfXxffU0Enop5A96q
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2