8952219532a57fc5c0e7cf26d17519dc700c642e204f09f0bd4a2806760379c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Dеushасk (1).rar
Size

9.0MB
Sample

240928-r2gbca1brj
MD5

0b45a08dc7b1470c34179b80ce5fd6e8
SHA1

fb91227051be749817773c0a43966f05de66af4f
SHA256

8952219532a57fc5c0e7cf26d17519dc700c642e204f09f0bd4a2806760379c3
SHA512

78f7c590a640d339834bae5b9e7da80fddc5e895b8faa0cfdaf5dadc69d0b7a3c5a68ecac743473ca217cdc216e6c7bbba5bed62942e8b270674c6b0a7047882
SSDEEP

196608:FKj+0bejU+5koK8atWBb0s9frSJdT2gYw8b3KuyEgACMtBvDWNDjxjF0ukk:F++06jU+5kocWVzfmJEwY3vgADBvIjq0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Deushack.exe
- Size
  
  30.1MB
- MD5
  
  c1e69734163765fda325daccd1739a98
- SHA1
  
  3eca28110d3a3066b4b8eb6c4bf3a9db34d5c06c
- SHA256
  
  9ea04c533440e357e0502fb2de65317e40f09d597873ef5eb3066810dee1fa40
- SHA512
  
  d5982364a289023c4dec4ddac283a277048dea73b614287c2a16d3efb462b81f92daa88afc8ac7659b84808af2ecde215323b738beac791839b506a14723c895
- SSDEEP
  
  393216:RQgHDlanaGBXvDKtz+bhPWES4tiNQPNrIKc4gaPbUAgrO4mgd96l+ZArYsFRlO:R3on1HvSzxAMNdFZArYs2
Score

7^/10

discovery
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  MaterialSkin.dll
- Size
  
  574KB
- MD5
  
  dae45e51f8763bd0369a221480db0ee1
- SHA1
  
  e52bdbd4e13081a014d03bffaec7d3f0969c8822
- SHA256
  
  b9879df15e82c52e9166c71f7b177c57bd4c8289821a65a9d3f5228b3f606b4e
- SHA512
  
  660fc090dafd639c57601290be1783a77fc96729bde628a2fb846f2c0a9c8f504f0984c9f6c4b0c4797d29c224320c8fbda0bb09188a10a3170a9e681d91a977
- SSDEEP
  
  12288:rkkxswcXKC2zNWfm2YRm5sm2YRm5hkxswcXKC2zNWB:rkZX9uWfm2Yysm2YyhZX9uW
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2