c183a223158f94047bb5e6e332ee7b3af74516d8d3c9831c6c6efa75843995e1 | Triage

Resubmissions

05-02-2025 22:11

250205-134ygawmaj 10

04-02-2025 03:17

250204-dtf4qavlgj 7

Sharing

General

Target

paint.net.5.1.2.install.anycpu.web.exe
Size

1.2MB
Sample

250204-dtf4qavlgj
MD5

9605c02b8bb135e3ffa6a20d7aa8b9e6
SHA1

435fcf847cc70da75f0a9e2fac07567b6871a02e
SHA256

c183a223158f94047bb5e6e332ee7b3af74516d8d3c9831c6c6efa75843995e1
SHA512

a75c3267d7d5fb77c6b4fd3acf401478ea1c70e9cd6c6df76bb5d7c20de43508545668ed0c704576deebe9abcaebbb9c2fdc5de860600688519729ddc55bda72
SSDEEP

24576:RQ0VuvoyQOLhTaEaweB7qJJT6F18o83b39VqeL:RQ0VYDfhTwOJTSW3Z9

Score

7^/10

Malware Config

Targets

- Target
  
  paint.net.5.1.2.install.anycpu.web.exe
- Size
  
  1.2MB
- MD5
  
  9605c02b8bb135e3ffa6a20d7aa8b9e6
- SHA1
  
  435fcf847cc70da75f0a9e2fac07567b6871a02e
- SHA256
  
  c183a223158f94047bb5e6e332ee7b3af74516d8d3c9831c6c6efa75843995e1
- SHA512
  
  a75c3267d7d5fb77c6b4fd3acf401478ea1c70e9cd6c6df76bb5d7c20de43508545668ed0c704576deebe9abcaebbb9c2fdc5de860600688519729ddc55bda72
- SSDEEP
  
  24576:RQ0VuvoyQOLhTaEaweB7qJJT6F18o83b39VqeL:RQ0VYDfhTwOJTSW3Z9
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1