ae28322e0824f19bdab5fd824142a22ea5f4a27d8f695a2ce0bf6b642b55f84e | Triage

Sharing

General

Target

ae28322e0824f19bdab5fd824142a22ea5f4a27d8f695a2ce0bf6b642b55f84eN
Size

402KB
Sample

241012-wpbbsatdjh
MD5

216bb057c08279fd5e6f1d63ebcfc870
SHA1

65b6ae32dde078ab2e3a97ee3a6215b18a707b51
SHA256

ae28322e0824f19bdab5fd824142a22ea5f4a27d8f695a2ce0bf6b642b55f84e
SHA512

0fde16ee45267052f532cf543687a7d1cc7c2ccdaa41f7b5afcf9008129afb69559c03cb23105722e87ae25f3b2394706c9d6e1fde4836e0cea1d5fe386be17a
SSDEEP

12288:4FiHUV3jIBLFlLHFP7rHkunuWPGX9CcEjm:4FiOjwFlzFP3TYQm

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  ae28322e0824f19bdab5fd824142a22ea5f4a27d8f695a2ce0bf6b642b55f84eN
- Size
  
  402KB
- MD5
  
  216bb057c08279fd5e6f1d63ebcfc870
- SHA1
  
  65b6ae32dde078ab2e3a97ee3a6215b18a707b51
- SHA256
  
  ae28322e0824f19bdab5fd824142a22ea5f4a27d8f695a2ce0bf6b642b55f84e
- SHA512
  
  0fde16ee45267052f532cf543687a7d1cc7c2ccdaa41f7b5afcf9008129afb69559c03cb23105722e87ae25f3b2394706c9d6e1fde4836e0cea1d5fe386be17a
- SSDEEP
  
  12288:4FiHUV3jIBLFlLHFP7rHkunuWPGX9CcEjm:4FiOjwFlzFP3TYQm
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  4KB
- MD5
  
  0116a50101c4107a138a588d1e46fca5
- SHA1
  
  b781dce23e828cf2b97306661c7dad250a6aaf77
- SHA256
  
  ab80cf45070d936f0745f5e39b22e6e07ba90aa179b5ec4469ef6e2cb1b9ef6b
- SHA512
  
  55de6aeaad05b01a25828553d3ea9f1b32a8b0c35c42dc6106bed244320e3421ec6a6f5359b15f9d18dd1e9692ca5572b2736d9d48cceb07b9443601d00a5988
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  DomaIQ.exe
- Size
  
  211KB
- MD5
  
  27d5e5a09fa180c3238ed33bc7cf993b
- SHA1
  
  355f72845fcf414001808a8491e8dee3b8863cfb
- SHA256
  
  235602a88f5602010bc33f5b05671bfad3e2599d96273fc2c361357507ad08bc
- SHA512
  
  036a7620212f83663ae0c7498501fdba1609bf68488b735ac30fd986ed6c9017c132d562798e9bbcc911945601ea17d64e00020331ba2ef68cd5251ec40ad04b
- SSDEEP
  
  6144:yX8M6vMCNntOkTsCtIwk3r2G7n58w4yw:dve7n3w
Score

3^/10
behavioral10 behavioral9
- Target
  
  DomaIQ10.exe
- Size
  
  210KB
- MD5
  
  182c1a6ddf2cb503409f040e06756903
- SHA1
  
  8c961dcef71aef8ef9c66fc8fd008ce09aec38bc
- SHA256
  
  b354a74ea0647db730d0b4a25bb9e9db224c7b72c6cef281c147a3c274362039
- SHA512
  
  ef3070233f5c578d7b0bbcf3566e046cdf24ffe792bf1428fc6d800e2fd0057cce9c74213500cfeca55016634275dbc32fec754b8abc527a63133978bc003a01
- SSDEEP
  
  6144:PADXRyd70TFUTNWAHW6eqIyKJVbqNTT6c43w:aMKjLw
Score

3^/10
behavioral11 behavioral12
- Target
  
  config.dll
- Size
  
  32B
- MD5
  
  99c24b9b5ff8e799f63a5cd83c45f22f
- SHA1
  
  27309942f049f86aa35abfe02e5aeb4b98092546
- SHA256
  
  121e0fe7dfcf0b30a94f69e5ce1fe6cacaae06eef5d8c0c1b4d1dbc053bacf74
- SHA512
  
  03700daca72551bb16253c731a7ece05128871baa45b36112b5d46c441e377cb2b26ed6e8f5d549abdf4cd3bb5d8d284ee65ea3ae25cefa1efb477f7a769f387
Score

1^/10
behavioral13 behavioral14
- Target
  
  routes.dll
- Size
  
  253B
- MD5
  
  0e89961cb0d97179cb73d72aae331b97
- SHA1
  
  337e2e5ce46ca83847dc7306ff39b7c38ae98997
- SHA256
  
  bdf9007a6d27ca4c9e28ea947c9eae58d53fd14a3a8d85615a7b471fbcd3ed51
- SHA512
  
  78f59688e38a771e2994feb449296a2a25abb2bb74c2ebf97d4c18ff252eeb01ada28c021aa8867bf746e1e5a56c51243508137e4bfb5d358b3fb61ba623e2bc
Score

1^/10
behavioral15 behavioral16
- Target
  
  setup__120.exe
- Size
  
  149KB
- MD5
  
  85d0375dcdf8e70faf770e9d8a1f743c
- SHA1
  
  2998a69aa56ba2929fa9395d9b0848a0df62c588
- SHA256
  
  7334727bd50f14d6c2c33796e0ad93a99695b4b1c3768d643de3838c482270b4
- SHA512
  
  48556412ae1f467ca04e88e2fb1d032c175cdcef55a5475686e47895e3931d50951ccac40075bd1ab60cad83cf5c42b7497a982ad51970cad12a4720df68fabc
- SSDEEP
  
  3072:a7D93ak3FOvHBmpEhIl7QtjmVydrcgdZWBtTa6ZvTFlynD7IS9ioe:6EvHBoKKVyhcgghZvBl8ASJe
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18