f70fbd04ff0c397dbc5d1b407d1972700314a19ae46c36169a616bafb6fb3630 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

Playboi Ca...r).mp4

windows7-x64

1

Playboi Ca...r).mp4

windows10-2004-x64

7

Sharing

General

Target

Playboi Carti - ALL RED (Official Visualizer).mp4
Size

49.6MB
Sample

240930-bsq67avcpa
MD5

661ebdd7fcc72f19867e4ff4f72f4c48
SHA1

aa7e42b05ce39ed6d3b183e7aa12ea639f1ba0d5
SHA256

f70fbd04ff0c397dbc5d1b407d1972700314a19ae46c36169a616bafb6fb3630
SHA512

701c229eee038c6b91c1bd3d832cce37ba9c6a2d942aab96cc9c804a990c3478342bea5ed60d65406698661765cea9f3852aef892213c3f0a039a08706caf531
SSDEEP

786432:FgltuZRUg2PJ40ELz/adTltk+/XWVlT/9VDcsmVUys6w2Pw4mhXyqtx9Gskhxh/U:FCEHMT7kbc/7sNN4aCqvOxh/L1S

Score

7^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

Playboi Carti - ALL RED (Official Visualizer).mp4

Resource

win7-20240903-en

windows7-x64

6 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Playboi Carti - ALL RED (Official Visualizer).mp4

Resource

win10v2004-20240802-en

discovery persistence privilege_escalation

windows10-2004-x64

19 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Playboi Carti - ALL RED (Official Visualizer).mp4
- Size
  
  49.6MB
- MD5
  
  661ebdd7fcc72f19867e4ff4f72f4c48
- SHA1
  
  aa7e42b05ce39ed6d3b183e7aa12ea639f1ba0d5
- SHA256
  
  f70fbd04ff0c397dbc5d1b407d1972700314a19ae46c36169a616bafb6fb3630
- SHA512
  
  701c229eee038c6b91c1bd3d832cce37ba9c6a2d942aab96cc9c804a990c3478342bea5ed60d65406698661765cea9f3852aef892213c3f0a039a08706caf531
- SSDEEP
  
  786432:FgltuZRUg2PJ40ELz/adTltk+/XWVlT/9VDcsmVUys6w2Pw4mhXyqtx9Gskhxh/U:FCEHMT7kbc/7sNN4aCqvOxh/L1S
Score

7^/10

discovery persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy