cb863074fab6f6c85b2c413a3139cd847c5c5ed55ba468aab262b0153aa53463 | Triage

Sharing

General

Target

CrosshairX-SteamRIP.com.rar
Size

180.4MB
Sample

241119-w31htszhlq
MD5

ad9641e6ec9d58436e67a52793a90dc1
SHA1

c1bedb9938b5207a0f491088f760cb0ecf57a8d6
SHA256

cb863074fab6f6c85b2c413a3139cd847c5c5ed55ba468aab262b0153aa53463
SHA512

791f6f6b04f481b2b73ec6236ead87def5c17923676d708f099eb699290b3b27d7c742c0c107b5ffb47484ac0dddeae2724fad85b1ee7d4287707ac763c94326
SSDEEP

3145728:ztdoUbuPhv7rSnrr+zEnmBTa6SjNy5fb4s1yqCHxeVqvlvm7PyJgbNw+LtbINmv:YPRnSnrwEmBGjNy5fbqxet7PpfLtssv

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  CrosshairX-SteamRIP.com.rar
- Size
  
  180.4MB
- MD5
  
  ad9641e6ec9d58436e67a52793a90dc1
- SHA1
  
  c1bedb9938b5207a0f491088f760cb0ecf57a8d6
- SHA256
  
  cb863074fab6f6c85b2c413a3139cd847c5c5ed55ba468aab262b0153aa53463
- SHA512
  
  791f6f6b04f481b2b73ec6236ead87def5c17923676d708f099eb699290b3b27d7c742c0c107b5ffb47484ac0dddeae2724fad85b1ee7d4287707ac763c94326
- SSDEEP
  
  3145728:ztdoUbuPhv7rSnrr+zEnmBTa6SjNy5fb4s1yqCHxeVqvlvm7PyJgbNw+LtbINmv:YPRnSnrwEmBGjNy5fbqxet7PpfLtssv
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1