064d9d0f246fd45d622363c453199557a66a3c51b26fd7ae3b00f4717966cda8 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

omega.exe

windows7-x64

8

omega.exe

windows10-2004-x64

1

omega.exe

ubuntu-18.04-amd64

omega.exe

debian-9-armhf

omega.exe

debian-9-mips

omega.exe

debian-9-mipsel

Sharing

General

Target

omega.exe
Size

61KB
Sample

240702-ntcreavbql
MD5

2bc763ee4dd00825e9c0cf0e32152f44
SHA1

c287009dd95b1c5fb69bea287f4a29bb05bfe0cf
SHA256

064d9d0f246fd45d622363c453199557a66a3c51b26fd7ae3b00f4717966cda8
SHA512

a15de5cbc6028a864fcb6917840790a6b6b639a43afee24face4d76ecc0c8d372c287253b33711b40341ed3905895189117ac971ef58d49e0f8094d61d1b144c
SSDEEP

384:NDy+MDAnWCRJTHeTqyQElisrmI0o9PRhYEZY+eUfE5q6TXtowrBEAaVyXM4fBXb8:7MDQHyQ07oBg6rtbBE3VyXNBL83PV9

Score

8^/10

discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

omega.exe

Resource

win7-20240221-en

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

omega.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

omega.exe

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

omega.exe

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

omega.exe

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

omega.exe

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  omega.exe
- Size
  
  61KB
- MD5
  
  2bc763ee4dd00825e9c0cf0e32152f44
- SHA1
  
  c287009dd95b1c5fb69bea287f4a29bb05bfe0cf
- SHA256
  
  064d9d0f246fd45d622363c453199557a66a3c51b26fd7ae3b00f4717966cda8
- SHA512
  
  a15de5cbc6028a864fcb6917840790a6b6b639a43afee24face4d76ecc0c8d372c287253b33711b40341ed3905895189117ac971ef58d49e0f8094d61d1b144c
- SSDEEP
  
  384:NDy+MDAnWCRJTHeTqyQElisrmI0o9PRhYEZY+eUfE5q6TXtowrBEAaVyXM4fBXb8:7MDQHyQ07oBg6rtbBE3VyXNBL83PV9
Score

8^/10

discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5 behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2024

Terms | Privacy