Resubmissions

02-12-2024 18:47

241202-xe9x2asqan 7

02-12-2024 18:43

241202-xc8l7aspbq 5

General

  • Target

    rocketlegacy.zip

  • Size

    9.9MB

  • Sample

    241202-xe9x2asqan

  • MD5

    6606e132f968e8716170f5488d179bf5

  • SHA1

    600bf30ab4493304e30a15a0cd38cc34291b380f

  • SHA256

    9371a656feffb9e8e4fe70ce3fa01352af3035b5afaddbe4332442fc1dbb8ff0

  • SHA512

    d0294c4b5d0848df0ca7ec16a2cb8f126395ff165ef56ea7f2baaeb397f5874add7977356cd7a9de270f316a2c2a1bdc2d1a48f64d1b08b6f7f53f5a4027da7e

  • SSDEEP

    196608:z60MEYvVQEpDLOfnfjB8ySXQu+ZNcwi5CKM6iDf6PoG9QZ7j:5OLpPOf7QAu4cMKM6iT6Pz98j

Malware Config

Targets

    • Target

      My Program/Afdbr.ico

    • Size

      58KB

    • MD5

      c3e792e2a4a47b43442da2247f2bfd6b

    • SHA1

      5892ab4c46ccbda17ac87d5a02c4139547ffb883

    • SHA256

      e841606c74f0b7215e97a094b4499bcdeffd6b585260bbc14e4338f6997476e3

    • SHA512

      dccb1532464938f0eefa584b32bdac5a1e798ebf3ba16ab4d310a1ff88da656f06edccc991cd5d8b8595eb7c600bc206b98d4fc621910785711d5a329c2c202f

    • SSDEEP

      384:jG/1I2nf0vipJ9CRJepGiDG2KhAl+MWuTs05YsvblVQrRGycOozd4mgQj:jG9BMaH9CRJeH1sAcluN5pDmM+mXj

    • Score

      3/10

    • Target

      My Program/RockerLegacy.exe

    • Size

      3.8MB

    • MD5

      46c17c999744470b689331f41eab7df1

    • SHA1

      b8a63127df6a87d333061c622220d6d70ed80f7c

    • SHA256

      c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a

    • SHA512

      4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6

    • SSDEEP

      98304:6NRBOBfKgQIm9EOTqw8vjh9Ac9nUNupK4hVvcF+yHrAr:sR/gmeOqv7Ac9F0kB

    • Score

      1/10

    • Target

      My Program/RockerLegacy/WinRAR.exe

    • Size

      3.1MB

    • MD5

      53cf9bacc49c034e9e947d75ffab9224

    • SHA1

      7db940c68d5d351e4948f26425cd9aee09b49b3f

    • SHA256

      3b214fd9774c6d96332e50a501c5e467671b8b504070bbb17e497083b7e282c3

    • SHA512

      44c9154b1fdbcf27ab7faee6be5b563a18b2baead3e68b3ea788c6c76cf582f52f3f87bd447a4f6e25ec7d4690761332211659d754fb4e0630c22a372e470bda

    • SSDEEP

      49152:olh7WxDi+U/pcCz7PZTZlzdOZlUkJLF1Uac+3+fESa6HYlGBzNwui0hBdH3XK:oMgZeD+hBBquTBpnK

    • Network Share Discovery

      Attempt to gather information on host network.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      My Program/unins000.exe

    • Size

      3.2MB

    • MD5

      aff219649afa568ae2a283fe31b403f4

    • SHA1

      44b4e832270c613d565f64a5a55487e58c7d8160

    • SHA256

      528dd55855335341bb396c2ee75a8b41e6896c96578055d051d0301673f3907a

    • SHA512

      1ac746eec2033f46ae6fd05b5c9c1812bae76dd9de23a5428ee1ba37c894be2e7c2353ac7bcea185546c29a8d6d9c9be2cc192dbe4f3b5c503dc7b6f05cf3028

    • SSDEEP

      49152:qdJYVM+9JtzZWnoS2VC23aun8+f5KuG2OY9IG9ivyv2cLx1RQ93336j:8JYVM+LtVt3P/KuG2ONG9iqLRQ9333q

    • Score

      7/10

    • Deletes itself

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks