General

  • Target

    TabularEditor.3.Installer.x64.Net8.exe

  • Size

    41.8MB

  • Sample

    250218-kyqmaayrbj

  • MD5

    0a88da9b22e7b130313c6c828890a047

  • SHA1

    1ebafbb93872f0f2558162bcd2fbbb1703b666d2

  • SHA256

    8f5b7c34e176ec2a62b2e5a9de661dfc8b10fc2590bbbfab14ec9d06b147a0ac

  • SHA512

    2a0aa27a982edba4d1338e6e86fdcb6500ffdaafc541ab9717a82ccf015668f99f51ae9deb4d6d1c7a5295238ea1cd36d52f3b13aad97b48bb6c2db778dff0e6

  • SSDEEP

    786432:OJ1HSHwSmCW54uN7+qhF/A5rXtSXv6RjjOSjX6EmFOTpezsiFroGm57IyBl:OJ1HSHwSmdp+cY5rXtSX6jjOSjXxmFfa

Targets

    • Target

      TabularEditor.3.Installer.x64.Net8.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
