b0ebec322ce578522d3187e902c962968e9af4805f0d3eefae549f99a9c7d391 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Tone2_KeyGen.exe
Size

541KB
Sample

241001-e6f5xsvdmf
MD5

23b8db6e59d1b5742d662c2e9aadf960
SHA1

c23959e602c0c5091a869d58f0e559e57482e233
SHA256

b0ebec322ce578522d3187e902c962968e9af4805f0d3eefae549f99a9c7d391
SHA512

a9ef60ed4393b410b665454371918aeb5f66d82a9444a301668e03c9d093ae29876d89e0818473c2e157ec6d61f8183c7b72f57f853e5de1896735ad15fc746e
SSDEEP

12288:XYkc9t2Sll/T/ohkU3xg63nsGDxIVhxdKxoSZvj:XYkcL5T/50nSxor

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Tone2_KeyGen.exe
- Size
  
  541KB
- MD5
  
  23b8db6e59d1b5742d662c2e9aadf960
- SHA1
  
  c23959e602c0c5091a869d58f0e559e57482e233
- SHA256
  
  b0ebec322ce578522d3187e902c962968e9af4805f0d3eefae549f99a9c7d391
- SHA512
  
  a9ef60ed4393b410b665454371918aeb5f66d82a9444a301668e03c9d093ae29876d89e0818473c2e157ec6d61f8183c7b72f57f853e5de1896735ad15fc746e
- SSDEEP
  
  12288:XYkc9t2Sll/T/ohkU3xg63nsGDxIVhxdKxoSZvj:XYkcL5T/50nSxor
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $TEMP/BASSMOD.dll
- Size
  
  33KB
- MD5
  
  e4ec57e8508c5c4040383ebe6d367928
- SHA1
  
  b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06
- SHA256
  
  8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f
- SHA512
  
  77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822
- SSDEEP
  
  768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $TEMP/R2RGLD2KG.dll
- Size
  
  5KB
- MD5
  
  501ae6ccc10518430bd0d6e1ccea179f
- SHA1
  
  ed72512d15bdf16b0fce37235843cf6eae576743
- SHA256
  
  fa1b6a3dfb396a6f2925f2f8d5d89885c5cbb7e9108d04158262d9af25dcd71b
- SHA512
  
  735e972b9aa6e28f669192eaf8c4281ee76453fd17accd9be48c145e4bdb63231adfc6a8c489c7dd4e1e925d034177e986a6a25630987ad95714e74d6c2776e7
- SSDEEP
  
  48:iVhqxMNE2CPj4GDuXnVbwFTENgFOmrDX0Y0tIypFWPvyXsfn8UnkphVhwPcrX1CT:W/e2Cr4jbSG+0Ht1pFWXf8eAla
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $TEMP/keygen.exe
- Size
  
  492KB
- MD5
  
  15f2d430bc32b3e4d95f2d915f9f7d83
- SHA1
  
  f60f5a8f968f1b36d689aabeaff62d43f205d614
- SHA256
  
  a2204caa5d2f178a68ab0a803af9df1145c19ee66dccc72282e048482dbff7fa
- SHA512
  
  42dfebe4ea7016e862681db2f4231846dabe5c891eaa604ef1e32606c6014a9b7f14b5adb816b6283c85e0a26d3ec06be74c9110a27e5ff8b6f1a9826c57dfc4
- SSDEEP
  
  6144:pcmzikEPDonRgNgz1+hw6hNgPfHv9PAimIAOoEFz3pf47oZHGFnRQNCg5Z3E1TUA:pc/kEPDonR6Y436vRLFnCktEdUQd
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8