39599008089755aa7cccb534b2c94ccb537f266018bb67ae3ed4b9f51c0a40b9 | Triage

Sharing

General

Target

itunes.bin
Size

5.6MB
Sample

200802-wx69d8j37e
MD5

6aa36f386a3e645f67cd6945374b8ea8
SHA1

17f6d3dedfd6afe56135d3a2e7ae3a7d120151ca
SHA256

39599008089755aa7cccb534b2c94ccb537f266018bb67ae3ed4b9f51c0a40b9
SHA512

87f59bb1a8d6887fa967d811e2db70c2bfb9bf9673347c6bada2d03f1e3371fbe05e7853a063a90df71627f9ea803d83c71c89b88859199f5a28e2c05e38d706

Score

8^/10

Malware Config

Targets

- Target
  
  itunes.bin
- Size
  
  5.6MB
- MD5
  
  6aa36f386a3e645f67cd6945374b8ea8
- SHA1
  
  17f6d3dedfd6afe56135d3a2e7ae3a7d120151ca
- SHA256
  
  39599008089755aa7cccb534b2c94ccb537f266018bb67ae3ed4b9f51c0a40b9
- SHA512
  
  87f59bb1a8d6887fa967d811e2db70c2bfb9bf9673347c6bada2d03f1e3371fbe05e7853a063a90df71627f9ea803d83c71c89b88859199f5a28e2c05e38d706
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Enumerates connected drives
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2