2aadd362cc57f8de2cd44508a018bfa5fc8b32a111b839c23a1391ba04242c7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tria.zip
Size

68KB
Sample

241014-nat7caydjq
MD5

86536133a2f8d72613fcd56980175dd3
SHA1

dc944c82892faa2f986b3f899e110ec9f8d9b15d
SHA256

2aadd362cc57f8de2cd44508a018bfa5fc8b32a111b839c23a1391ba04242c7b
SHA512

f7ec79e02cc434051fa9e0d76ebdc00850c71738532610127606f87c6d4d2ab801802559f82838e8a0af6bb46657df48d7d49cf43abd6ad7e05cf19dc3d93548
SSDEEP

1536:mOaS/6qyeZ0WOrdySklNWXostdFd1GwgxsTkQdm:mOZ/LXeGWbFjGfqIQc

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  Opt1cal/opticall.deps.json
- Size
  
  416B
- MD5
  
  ce578fcc17fd21415e00685568c92f52
- SHA1
  
  3a95d99011a8590c9abfd4a160c43f49b7e1a9f4
- SHA256
  
  a8c81695b0eb97b6dc364d59524cef449bb331e64eca97dfd9425c862a154549
- SHA512
  
  5633c741bd0c2de24d087e452f30c49486745f752569fb20e8834c6faaf608d20c53ba01f061c91265e4e55cdc668c50c250cf80353b5e40b4fc7f57aa46df07
Score

3^/10

discovery
behavioral1
- Target
  
  Opt1cal/opticall.dll
- Size
  
  11KB
- MD5
  
  78baf231a3d85d091102602b8f1aae93
- SHA1
  
  166c61522a0a4e49326ed6de1ba0cd9275666c43
- SHA256
  
  36c8d43b5ea3369a8f20c1cb3fa700fd67e23f0f755d6b5fc16033f90b894360
- SHA512
  
  17f3a1cf62be690d50e89a90f4683f64c357aa46a70f020f711a947c34a02b7f1fafbf35d5ef792c6587e2c7f0e7ec50c0e860541c793f031f97e4ffa70f6d72
- SSDEEP
  
  192:FnLmD5j1NtUBeF9D+2snV9f65PBZ9k5sEJ5G6LSP:FLmD5j1NtUBeHOf65PBr7gS
Score

1^/10
behavioral2
- Target
  
  Opt1cal/opticall.exe
- Size
  
  135KB
- MD5
  
  a4d5b6e62c6680258975955d62f22934
- SHA1
  
  dec6491fa13f244c4d72fb72a9bd511fd7984fc3
- SHA256
  
  bbd6c1bd5eac67e9d5d210ec4e2f686336c43bc4176b491b80e3fb692c21572a
- SHA512
  
  6997b90015a032859a643323503c3d77404569e4f8153fea3e9f2f95d8ff40e69d605849f36996381acadc91651a1e299ea7f9ce7723cdabdbe5df28362856c4
- SSDEEP
  
  3072:WjK4UGDHXrQ8hy7qgpHulWD9ZvZ5Pf3Ca10xuZ04ntfOKhBuH:WjK4TDUqgpqWDLZ5H+xuZ04thA
Score

7^/10

execution
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral3
- Target
  
  Opt1cal/opticall.runtimeconfig.json
- Size
  
  268B
- MD5
  
  9fcdf880f73e74cf6347f8194b9f3509
- SHA1
  
  ab571c7ed4920129c89c7e083f3c9f22597198bc
- SHA256
  
  162d81f468bec570ec15e527433f4de5d5729ffe338ab79b22671f38760d34bd
- SHA512
  
  23ea2a78914aeec443bded1e6dddb1fce61f0445c53e0428e97353dcc25e9ee80a98603069de336d57c1d12b00eb14ad59847137387df330a3925bd763f4fde1
Score

3^/10
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4