c18e046caa74cde4eafb00a085ca3fc71cca1fa64dadce301f2a4c5e850a7006 | Triage

Sharing

General

Target

Release.zip
Size

320KB
Sample

250331-stsj3ssxcz
MD5

74e89e8a5c550e8a59ad4d25c30cf6f3
SHA1

4c16a8972a7bb6f2047617f9ae2018e85aa43707
SHA256

c18e046caa74cde4eafb00a085ca3fc71cca1fa64dadce301f2a4c5e850a7006
SHA512

2f932b97be913f9c39b07abbe224d0754c61e2cba1858a091928943480b00481af662fadb82dd394c27665fd025388bf0c826e116ca2ce5b1dd400bb7bbff87f
SSDEEP

6144:h0OgsIiaJeGH8P9sFUD0Mc2DNFGyZSDwinas2E7MZZl/rPn5wuG4+65jMH4B:prokGAR4iHCtaa4vrT7fN

Score

6^/10

discovery execution persistence privilege_escalation

Malware Config

Targets

- Target
  
  Release.zip
- Size
  
  320KB
- MD5
  
  74e89e8a5c550e8a59ad4d25c30cf6f3
- SHA1
  
  4c16a8972a7bb6f2047617f9ae2018e85aa43707
- SHA256
  
  c18e046caa74cde4eafb00a085ca3fc71cca1fa64dadce301f2a4c5e850a7006
- SHA512
  
  2f932b97be913f9c39b07abbe224d0754c61e2cba1858a091928943480b00481af662fadb82dd394c27665fd025388bf0c826e116ca2ce5b1dd400bb7bbff87f
- SSDEEP
  
  6144:h0OgsIiaJeGH8P9sFUD0Mc2DNFGyZSDwinas2E7MZZl/rPn5wuG4+65jMH4B:prokGAR4iHCtaa4vrT7fN
Score

1^/10
behavioral1
- Target
  
  Fingerprint.ps1
- Size
  
  830B
- MD5
  
  682818c78d15343af03386b20f30b97d
- SHA1
  
  28b8a4d89e3099cce2f3018d256a205aae247f31
- SHA256
  
  cb5330658cea3d09748596d959b48370a40d6c89b48052f1402316c3c997ca9d
- SHA512
  
  74479cc49787281d8ba063c15292b98d85ce722663bfaa7c80e55faa39d374cbafe31d2a1c97d6c0b28d8234dfee9e19a512d20de60ebb051ea025fae360f446
Score

3^/10

execution
behavioral2
- Target
  
  TITAN Spoofer.exe
- Size
  
  753KB
- MD5
  
  aa088716be4170c4b9b1bab7dbaae40d
- SHA1
  
  28f4242dd702feb68189f19f11917cc034ca5b4e
- SHA256
  
  78d8fd6dabbdfe8a2cf86bafcbcd3957fed7b45e5c3b74943443ea4b6f4cdfc8
- SHA512
  
  0ea26f50558e36347ffe16d2e4391cac90cf32c8d568dd9c6d69aaf6b0c86b04e10b0a38f35268d60a207dc428d9d59d6adc96974d7b86b4a83b5008885d451a
- SSDEEP
  
  12288:kTyXmyzxcv/heevzIe5mLDdP9wBgoEJ0GkZVoP+T41jBM2NQn+:fXmyOvZeeb35mLJ1w
Score

6^/10

discovery persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral3
- Target
  
  TITAN.dll
- Size
  
  208KB
- MD5
  
  43d4bfeb27e96b185987235f6faeea8d
- SHA1
  
  5c99c01458168f82eb6eacd9eedc752d2ba2e6fa
- SHA256
  
  81ba98d3a205cf0ea1b567bcb57fe5bf88d2748a291e87806e400f26acfbc9bd
- SHA512
  
  f754a345082589576a2e1a71b974bbcbc72ebff3e985f1866297292b854a6761dba47a6e851ff246412df71dcbfd7ddd7aa8a9c40f3758980af3048536745dad
- SSDEEP
  
  3072:LsV7jTFY/pYRfY4gT3zDu0PRpXaKEtTv1cDTkPC+K3u7p0:LsV3TFY/pYe443XtPXOTNCwPCv3u7p0
Score

1^/10
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

discoverypersistenceprivilege_escalation

behavioral4