General

  • Target: SharkHack.zip
  • Size: 1.7MB
  • Sample: 250129-vjtqhasnap
  • MD5: 6ade40d9d9805a11402501aa354d632f
  • SHA1: 93a4bf8f11770a7091a6dcb4f596a8ef3c2be643
  • SHA256: d53b6d663d23aacbe6be6e076d7c2f0f8ed0fd3ed65d8321046a1e991d47cef6
  • SHA512: 743d4e7135573273ae5f9e879c6b8591c802df77f561346ebd657aac25f9acbe6f23e2f730d2774c2aa861cdf49f7561b39f99f9227141f7d3517dec6dbc12fb
  • SSDEEP: 49152:3e5o6hkC25br+fwKohO+TtcG5fQC8pZmxQFf8XrPp:u5IC25bcP+RoJFfA

Malware Config

Targets

    • Target: SharkHack.exe
    • Size: 3.9MB
    • MD5: de1829af1a22bbf3e19e47a95429801f
    • SHA1: 42984734b1532e8ebd99da16026ed225d1020b19
    • SHA256: 24de9f578a10c496dbed85d9e01a1bae955f317e93717988e39e9049ce4896c2
    • SHA512: a6eb8339b52b7bda0a135de7b0030a70be1ac2d1e5b0ec344ef27b73ccfc7a51f79be43882554d816164451097d6d111d1ead1b3e827085de7e8fd68d812a098
    • SSDEEP: 49152:NpCiES6ppkaPArTMPWTVqbDI4BmYN+Jq9KIUg0nbdcYn6EBSOwOWd:NyuDoQ4Bm0i5JBnPWd

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • Detected potential entity reuse from brand STEAM (possible brand impersonation).

MITRE ATT&CK Enterprise v15

Tasks