0f22ef6939d498d1bb66d999204f99dd15574f4116cd8825d0e821f75390f0a2 | Triage

Sharing

General

Target

user.tar
Size

16KB
Sample

250106-tfn56ssqep
MD5

45bc1b86894077e7bb8ff4ea4378e176
SHA1

de89cd5ef7a622203316bbcc77a81e4f3bbc9602
SHA256

0f22ef6939d498d1bb66d999204f99dd15574f4116cd8825d0e821f75390f0a2
SHA512

779fb66af6c124f9891a29dc90fccc345f2db5d4aa9a0cbbbc895c9ecfb3b7f6b6bd9e93968448388b2cdeb1564fdde7b9f9ebd97e6d77e8b924717d88d9b607
SSDEEP

24:SMNpUMFY7+UgGACNqmACk2ggPGjL1zLMvRsO:SIpU9vgXCNmCkTgPRv

Score

8^/10

steam discovery phishing

Malware Config

Targets

- Target
  
  user.tar
- Size
  
  16KB
- MD5
  
  45bc1b86894077e7bb8ff4ea4378e176
- SHA1
  
  de89cd5ef7a622203316bbcc77a81e4f3bbc9602
- SHA256
  
  0f22ef6939d498d1bb66d999204f99dd15574f4116cd8825d0e821f75390f0a2
- SHA512
  
  779fb66af6c124f9891a29dc90fccc345f2db5d4aa9a0cbbbc895c9ecfb3b7f6b6bd9e93968448388b2cdeb1564fdde7b9f9ebd97e6d77e8b924717d88d9b607
- SSDEEP
  
  24:SMNpUMFY7+UgGACNqmACk2ggPGjL1zLMvRsO:SIpU9vgXCNmCkTgPRv
Score

8^/10

steam discovery phishing
- Downloads MZ/PE file
- Detected potential entity reuse from brand STEAM.
  phishing steam
behavioral1
- Target
  
  home/user/.config/weston.ini
- Size
  
  1KB
- MD5
  
  c5fe807b7cac1ef36c6e72409d13c6c0
- SHA1
  
  633a1d061a33eb3671fde5d1e2f3abe60f29f257
- SHA256
  
  0ff9a6d6bcf2092571224390e59a97b5ba21ea739736043209b16ebf816510f5
- SHA512
  
  709d6c24c7cb4e81edc0217fa8f98105fbaa3c628e9219cd372c0ba1ae0f97651e6b6e8c81186851cfb07bcd7d8b20f6d03395e3b4931574e42f5bf1d8eb033b
Score

1^/10
behavioral2
- Target
  
  home/user/.gitconfig
- Size
  
  52B
- MD5
  
  469aa816010c9c8639a9176f625189af
- SHA1
  
  2f1050adf64f33298ff0ce423eb86d4728441b21
- SHA256
  
  7955cb2de90dd9efc6df9fdbf5f5d10c114f4135a9a6b52db1003be749e32f7a
- SHA512
  
  c331a2a21695186c1ebd2c9facdc5fa856bedc757a50936b72577e76147373747d26bacfce0e165f089e182cc227ada737a0b42e51d9bdec16fb5f8ca795b091
Score

3^/10
behavioral3
- Target
  
  home/user/.mikmodrc
- Size
  
  8KB
- MD5
  
  6b1a94a9d4f6027f545f368fe4bbbab8
- SHA1
  
  f1cfffbe11d3b79620f870d4b3c23c88fed96fff
- SHA256
  
  e19bdbae6c0451996d643db9830f08f8fa690c4d56a9f070e87e8fb461fd39a9
- SHA512
  
  c4fed08f7869c1e629addeeb6d74676cdff7df6b5245c8c23e84e5e2d6d3cd53d7cf4898576f452f2e8f2c83cb4e897c7e7ad81b476838de9f9af3cda3a1f7d3
- SSDEEP
  
  3::
Score

3^/10
behavioral4
- Target
  
  home/user/.profile
- Size
  
  524B
- MD5
  
  3e8b4cc7cea7674370239b609471236f
- SHA1
  
  49e9fa65b4617fbc17f4fbf2adf8e21358194f50
- SHA256
  
  2af880f7a1daa0786c8d070da4c41844e38db4b18abce9b0f23008cc0b12c428
- SHA512
  
  579e97979c9443b655029d5db787a68a6a23f072f0bc951afb2dc3fa74327a25ddcbca08842e990f8183327b488b243931b44b8a5b4c1b891fcc825bcdd5a6f2
Score

3^/10
behavioral5
- Target
  
  home/user/.scummvmrc
- Size
  
  312B
- MD5
  
  8b12b848f1cc13d4eb4c4cb4e59dfd46
- SHA1
  
  4a979f82080face1bb915884c0d8873553e95108
- SHA256
  
  6287e17fe5efcb191aec8a2578e685d0a1040a0ab53bd1f02c7f49cc6c8fced7
- SHA512
  
  468e0f3a43de5ce2ae9eb7b942b632097417c404e97020c0b04a187a25074e26f387d86d20fa99745ecb54e8196c3b54d6188cde92a7b286ba4446d880b8ba98
Score

3^/10
behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

steamdiscoveryphishing

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6