Overview

overview

10

Static

static

8

10c410851b...78.exe

windows7_x64

1

10c410851b...78.exe

windows10_x64

1

Bat-To-Exe...er-x64

linux_amd64

Bat-To-Exe...er-x64

linux_mipsel

Bat-To-Exe...er-x64

linux_mips

Bat-To-Exe...er-x86

linux_amd64

Bat-To-Exe...er-x86

linux_mipsel

Bat-To-Exe...er-x86

linux_mips

Bat-To-Exe...er.dmg

macos_amd64

1

Bat-To-Exe...64.exe

windows7_x64

3

Bat-To-Exe...64.exe

windows10_x64

1

Bat-To-Exe...86.exe

windows7_x64

3

Bat-To-Exe...86.exe

windows10_x64

1

25ac59efdf...c7.exe

windows7_x64

10

25ac59efdf...c7.exe

windows10_x64

8

3523671dc7...2a.exe

windows7_x64

8

3523671dc7...2a.exe

windows10_x64

8

4a32ef4d91...8a.exe

windows7_x64

8

4a32ef4d91...8a.exe

windows10_x64

8

6f081f8143...3b.exe

windows7_x64

8

6f081f8143...3b.exe

windows10_x64

8

79b2065107...61.exe

windows7_x64

8

79b2065107...61.exe

windows10_x64

8

baa54f7d1e...d8.exe

windows7_x64

8

baa54f7d1e...d8.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5618552104189952.zip

  • Size

    11.8MB

  • Sample

    211025-j7n95sggep

  • MD5

    d8544d4dfbc3915aa9649cee78e3f766

  • SHA1

    07be1c6ea2b0e7145edd911911ec6cc053de0ec2

  • SHA256

    aabe7544db1fafb380e21cc2d80c09b06c8d6b153d9badedeb5622add0d1cd97

  • SHA512

    8f420b1b29fb2708f2c2c598877b55f853d2fba9a30b77318c624ede188771c9e4a0be03cc0cabed93d6ecc8f1d17c3ae9a2cb102b84830bdb828b7644e111c7

Score
10/10
linuxmacospyinstallersuricataupx

Malware Config

Targets

    • Target

      10c410851b47490eea158797046a2be886dbf7f7da4f47a7fa4e8081af6f2f78

    • Size

      116KB

    • MD5

      9827b55d3943fc7e2afc7e83c4cbb29f

    • SHA1

      1748cb84b91b1cdf9421ffe392ba506aaf8e0ea2

    • SHA256

      10c410851b47490eea158797046a2be886dbf7f7da4f47a7fa4e8081af6f2f78

    • SHA512

      6a5448b443905a36d8334a46c9708b8ab3c9cfaf12b7e88126135affde7ebdd82d0f948c4328c386589489ba4adf3560dfb373c9b00176bd1f4d8010bf821851

    Score
    1/10
    behavioral1behavioral2

    • Target

      Bat-To-Exe-Converter-Downloader-master/Linux/downloader-x64

    • Size

      52KB

    • MD5

      5a3ca18a7c1d6d449d203d6b171237f1

    • SHA1

      840d3ceae42550baf0a975a29f7e620786d7db3e

    • SHA256

      50c4662159bc18f59f9c800cca3080f2968fe92a2588af7dcfdb522b1cbbf8fd

    • SHA512

      cb26fcd6d0ef6c4f270ab5d6117557a5a08cba86101ceb5fcaf47fe616bc6812cadef5151c3283882698d4d9396e358d38b9d8b276b394cc9400f8a22b626e95

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      Bat-To-Exe-Converter-Downloader-master/Linux/downloader-x86

    • Size

      52KB

    • MD5

      3a81a5a3bac88998a065a7b7cbe03ed6

    • SHA1

      eb1b536b12a6f806971b82b8775fb0fee9b77307

    • SHA256

      a281ff46491c6519b63ab52b149f73d094256c8dcdd488bfd2819bf90894ba22

    • SHA512

      fba32221fc9dc404069abdacb01e28235f53089154e3e3ccff6c9ca86e7e1b25ce6337fd5e75610ff4aeade386590bd78ddda8c8de3f2f888c7043634a96b37b

    Score
    1/10
    behavioral6behavioral7behavioral8

    • Target

      Bat-To-Exe-Converter-Downloader-master/Mac OS/downloader.dmg

    • Size

      484KB

    • MD5

      47617a9acaf378a0b38e90e41fea9d8f

    • SHA1

      deec0a301fbe578e465e692b2f48f7838f6a5b3e

    • SHA256

      fff6af5a98a184276bf609a8a371b605c681fce5507e96089eaa8fb010b22614

    • SHA512

      ccf286336910067f6c9b6a6ec5157b411030ada871c3c297486759914fa655b85719e1724ff2c93eaf87df275fd1d81cd369276316c925930342104f39280974

    Score
    1/10
    behavioral9

    • Target

      Bat-To-Exe-Converter-Downloader-master/Windows/downloader-x64.exe

    • Size

      144KB

    • MD5

      3fb68cba82af1b38920517e571f63615

    • SHA1

      2abc67be4363069e8aeab8f48be983c13254585e

    • SHA256

      a70d406ec7e67dbd65f97c6b109583071e09b81f1ef9ef97e2a1c21a00801207

    • SHA512

      b0d884439ff916297ccbbeb7ddf892fbbe242e853193bd7f857988d8e5ae6dc0156ffe6a8771ac0b90e40c9403191ca5f8179802a4104dfc2635ebd58ebef4cb

    Score
    3/10
    behavioral10behavioral11

    • Target

      Bat-To-Exe-Converter-Downloader-master/Windows/downloader-x86.exe

    • Size

      116KB

    • MD5

      9827b55d3943fc7e2afc7e83c4cbb29f

    • SHA1

      1748cb84b91b1cdf9421ffe392ba506aaf8e0ea2

    • SHA256

      10c410851b47490eea158797046a2be886dbf7f7da4f47a7fa4e8081af6f2f78

    • SHA512

      6a5448b443905a36d8334a46c9708b8ab3c9cfaf12b7e88126135affde7ebdd82d0f948c4328c386589489ba4adf3560dfb373c9b00176bd1f4d8010bf821851

    Score
    3/10
    behavioral12behavioral13

    • Target

      25ac59efdfd4db2857bd58ebb437dfe9c5d55edfbbbadaaaf27b0f631d3325c7

    • Size

      2.3MB

    • MD5

      102a230cc900e7fc9f1a58be6f976cb3

    • SHA1

      8e3facc711322eb7ebaa16e5c2e92696f1fc1ce8

    • SHA256

      25ac59efdfd4db2857bd58ebb437dfe9c5d55edfbbbadaaaf27b0f631d3325c7

    • SHA512

      925003fe0f6ff00824f42b00a26edf9805691037e09a212a6b5bf3a0e44a1072d457a1aa1fe19500a074fe92c46e08d86c985287af838492a6d1d2210928f0cf

    Score
    10/10
    pyinstallersuricata

    • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

      suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

      suricata

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral14behavioral15

    • Target

      3523671dc78bc32e8caf574110eb09023588eb0a9edb91eb7f6afc7c762d332a

    • Size

      425KB

    • MD5

      c50f9125f9bb1a4e5a93e23b577ff25c

    • SHA1

      fa129772bf1201dac210fb1f54dbf949a02e4afd

    • SHA256

      3523671dc78bc32e8caf574110eb09023588eb0a9edb91eb7f6afc7c762d332a

    • SHA512

      2b6419057f66d4231acb25395596e36c3ebb1ba42e7bf7e723867dd9cdb4087bb3316ad2f35c9bcb2f3ac4b29197d516b88b7ead9b5cd062ab6afed9989c2ba1

    Score
    8/10

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral16behavioral17

    • Target

      4a32ef4d911a823aaeac64664a8f9e28890bbd20da689580802e23d571d0f68a

    • Size

      362KB

    • MD5

      d410cd964d3976d87860acc4f35a01c8

    • SHA1

      8bd1bced5b6abc8e6802f1ddee328898d7dbdf65

    • SHA256

      4a32ef4d911a823aaeac64664a8f9e28890bbd20da689580802e23d571d0f68a

    • SHA512

      394740c4ab964d3d6b667c54a54c8ae4411a4359a3ee2b68979486b38133c4e609e3554b01815aa9a27785d860adb3e50e84dc8dabf48a5150ac28e35bd13786

    Score
    8/10

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral18behavioral19

    • Target

      6f081f814358d615469a82cab0569fbf3c98a3e152bcfb2a9dd348b2d881b93b

    • Size

      3.9MB

    • MD5

      2eb84e2162837a70e8bdc6c24e8958c5

    • SHA1

      86a02a7b5a277df238fcea0af5c0294d8449c43e

    • SHA256

      6f081f814358d615469a82cab0569fbf3c98a3e152bcfb2a9dd348b2d881b93b

    • SHA512

      b49f6112cb55f947d88eb72bbdad1923f66589daafd218b49e9d0a4665b2aac4fae563f28f556d6b33bdbeba4542bfd87f9c45c968229892d08c54d8f2d06777

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral20behavioral21

    • Target

      79b2065107cb362001a2f8a8cd8e2e20678b2eb2c0372ef760495d9fff407361

    • Size

      851KB

    • MD5

      d711578ec74c9394de520aedae7effb5

    • SHA1

      42d8823cb39ace83f004c73971fd435b786b9f5b

    • SHA256

      79b2065107cb362001a2f8a8cd8e2e20678b2eb2c0372ef760495d9fff407361

    • SHA512

      af8f03c93f5beec894091d429cb0c6df33101eab96e6ef0fde527307206267de2644f479cef5c3e7354791bb12dd7418bfcdeaea9beb509c92a6bff195e2f06a

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral22behavioral23

    • Target

      baa54f7d1e5215ded677ed42ca7e5f0ab973313cd06f8ee36c77a55894f037d8

    • Size

      4.7MB

    • MD5

      a2186e2b43cdbc31011d6fa7b244b53a

    • SHA1

      ac08c1345868b644cea4572a2864a97b14705e2d

    • SHA256

      baa54f7d1e5215ded677ed42ca7e5f0ab973313cd06f8ee36c77a55894f037d8

    • SHA512

      61eaeec91997ff42c977862d6194956ff3090dc4148732c2f664fef776e82a5ed886e3e3fa35f0fba0c750a393addccf330fd1bd3421743783231dcecfe98bf0

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral24behavioral25

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

6
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks