Resubmissions
26-09-2022 21:20
220926-z66e2acab9 8General
-
Target
Amazon___Dicord_Gen_By_ShadowOxygen.rar
-
Size
7.1MB
-
Sample
220926-z66e2acab9
-
MD5
219041f378ad512a44b2922409c02b3a
-
SHA1
d31211d066b1aba5d56940941e0323ab419aea1b
-
SHA256
2e93eec9d4641c99970e8301a6954845eb99b30e059d8b02452b57524245e81c
-
SHA512
2dc77e4d3ff59e7fd7009c5f80976415069da89a2d8017d7de6a6e1b09a4a74a62c883dddf78a15fe3c53f4968e9d61a203ebee6975809d829bc181fd9e4e237
-
SSDEEP
98304:1o9YsV8WCDA+LVz05NhCe/mq8lJFSXJnza7FR1a8eJto9hn+oOQaTK+MUzbWE9p:1o99eV4NhzZsFSVzaM+9hn+oOH5zv
Malware Config
Targets
-
-
Target
Amazon___Dicord_Gen_By_ShadowOxygen.rar
-
Size
7.1MB
-
MD5
219041f378ad512a44b2922409c02b3a
-
SHA1
d31211d066b1aba5d56940941e0323ab419aea1b
-
SHA256
2e93eec9d4641c99970e8301a6954845eb99b30e059d8b02452b57524245e81c
-
SHA512
2dc77e4d3ff59e7fd7009c5f80976415069da89a2d8017d7de6a6e1b09a4a74a62c883dddf78a15fe3c53f4968e9d61a203ebee6975809d829bc181fd9e4e237
-
SSDEEP
98304:1o9YsV8WCDA+LVz05NhCe/mq8lJFSXJnza7FR1a8eJto9hn+oOQaTK+MUzbWE9p:1o99eV4NhzZsFSVzaM+9hn+oOH5zv
Score3/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/.gitattributes
-
Size
232B
-
MD5
23e2b08ac4bff5f9ee89924f6c6eace1
-
SHA1
26166bf7a5e7016a1a1b610b64639f18eca5709f
-
SHA256
a2aeea8320805941cba5d36fdaba09c87d11d754ffbd251879f8c3416cd3bc76
-
SHA512
9f53ad244fa6e74d62fbc7e6db80b9fa7e90aaba3fedf1062ed72e6ea77a25713b1067d7d8bb1d915e8febaa755310ca0127ded9557b8146966f46c6a97f89f8
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/Extreme.Net.dll
-
Size
120KB
-
MD5
4bd4346716370386491d6ebc4438b69d
-
SHA1
7ba0238a2d9c44d0d17d8ad4b32c011b77d23624
-
SHA256
155e446000555c8edac8304cef99c2cd54e8267981f1482d14a69c66575e6551
-
SHA512
930d20a9e260f3d56a4621e884786999fc51cae9d63372d5bd88edb928dc384f97e3ba33fe5dde9eb0e09f558554950210c6d21d7f32606f79c976988c09aedf
-
SSDEEP
3072:XRcoVeEY6IxYiXGaRwD0YKCGjNXqMG4ih3lbpr:XuoVeEYgOnS
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/LICENSE
-
Size
18KB
-
MD5
d558c829ad318da6d9f04ca53dc90ab1
-
SHA1
a6c71e37bf1e0f373311ffba511e631c9543f849
-
SHA256
c39215a584968bff6d59a042e987678cccc72a32f3fb8cb98c558f331ab55a02
-
SHA512
0a7f8d64cf14d4da484bd8906c4b857e36572ee73bcbbf3f288396ffd80711bba42d47fecd284916933070b466ab3ef0f275a84a32e0328dac962d111b45a76c
-
SSDEEP
384:oUUCXCz3hGhUwi5rpL676yV12rPd34ZomzM2FR+dWc:oUhXCzxGmFWixMFzMd3
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/README!.txt
-
Size
448B
-
MD5
8776540b31a6f870e53a7cbdc550a4c3
-
SHA1
dadd6853cddfd708f1a3cdfa17ea85cc886e7c49
-
SHA256
a6f1abdf7071462f92b84aafb1bb7caeaed244e70ec06363248a5cbbd2d197b5
-
SHA512
2a791190a9fe607742c6438f6b3bdd9185cb5be2f82be10533df81e141ae0d3c8847664ad430b5e15b2530eef192da8e3d7e53be894085029d6bf6350df3af21
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/ShadowGen.exe
-
Size
185KB
-
MD5
4d1e4fa195d69be6010f3ff8fe722e29
-
SHA1
a2f8d3ba16d0e5e8fd70223f356b51d785d30ef2
-
SHA256
f40f85bb04bc7dfc404d87135b1da834ad4a8e48f9d46b074549f025265ca831
-
SHA512
dc10377aa989a77d34e1557ccf868ffd8a3e91165c04e245212f4f1ecd1290cd0c5760c23260b64d3d82d4a0e283c0954295562f31f51d14ca011f633ba39962
-
SSDEEP
1536:64l4ePuf942zytUK9rS7RhhBBIMBBuixi16o0fDjH3CIyHCD:64l4ahtoIMg0nH3C5CD
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/Virus Total/desktop.ini
-
Size
44B
-
MD5
c279803b27f13369aa54fc9b84b72468
-
SHA1
01d430e118952d9e077fdcd7ff13084d375995dc
-
SHA256
d80758a34364cab9de42ff6ed57bcc753a0936ddddf9952c5b4fb9ff0d7966c9
-
SHA512
2ba7cfe2fd561a0cc4fdc39ab7e6fe9ea9aee8618afe31030a0a79af06542b83ef66ec4817c646f027e1733263cb46a9a9b6432f01f6a938fa29080a59e44678
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/Virus Total/scan.txt
-
Size
109B
-
MD5
2e99fbaf1ad4f921ebe1ba0adb710c25
-
SHA1
6335db361e4666581ca3fd9d594ab1827dba734c
-
SHA256
f2f02c614c4a88b423ad0a404f7f5e7c1d33c5445e75f3d6f651ae6e791cdd57
-
SHA512
ac7ccfcc0fd077218cfc8130d587ef03f2e2ca539b052e1f8c224f46a000884b1da1c7daa43600f767b8f3c4da545e0a3832f75caa771022281dbf75ef1ea175
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/WebDriver.dll
-
Size
1.7MB
-
MD5
9283cfa187616d4db0e41bdab6083d88
-
SHA1
066b9bcbaade014d100e8077124ee6152b233615
-
SHA256
0ee619b1786cf5971c0f9c6ee1859497aecba93a4953cf92fea998e8eefadf3c
-
SHA512
e3f4e406d3fc8518c0b204046b648e23c9008067ed4f4855a023f1c7a38a4309e637f3230e39bfdfec245631b4f8678b772cf32b563ff33f59881048a107a090
-
SSDEEP
24576:EO0SpsS9mElcC2WJkXOs5jhOsYfrUVfZzDNOBGHHMYDz7DuKilhZ6Q4zoQS:BVHlcWk+yjhOssmlBHMYn7DuLZ6Q4zo
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/Xceed.Wpf.Toolkit.dll
-
Size
1.1MB
-
MD5
c3d181ab31e5bec15d266f50c8bfa4d8
-
SHA1
e46b04fe9e1620945881404fcdc73588e84f2dd9
-
SHA256
d78d3c61c4665c703976f5f697187669a5ef888ab1c00ebaabc0bcf409e833ae
-
SHA512
11b0dd0ba7292b5aceceb8f55a388571663f2820c55582e39f7e2727ff4e7ea0e3b51e24ae37c858326f3d1b3ce2ff272703c904dafc11b766ecfbdaaca59572
-
SSDEEP
24576:8N2IhPdiQMKl4fz6eY3vsKQbBlvplvraO3ySG8XxDaZVEbbG6C4:SPdiQMKl4fz6d3vsKIlvplvBfLNaZVEL
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/bin/Ionic.Zip.dll
-
Size
480KB
-
MD5
f6933bf7cee0fd6c80cdf207ff15a523
-
SHA1
039eeb1169e1defe387c7d4ca4021bce9d11786d
-
SHA256
17bb0c9be45289a2be56a5f5a68ec9891d7792b886e0054bc86d57fe84d01c89
-
SHA512
88675512daa41e17ce4daf6ca764ccb17cd9633a7c2b7545875089cae60f6918909a947f3b1692d16ec5fa209e18e84bc0ff3594f72c3e677a6cca9f3a70b8d6
-
SSDEEP
6144:OhagC/Mq25o9sXGtSV41OJDsTDDVUMle6ZjxLV/kHu4Bht79I9:iagxWS4msNUCe65fkHdBf9
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/bin/LICENCE.dat
-
Size
75KB
-
MD5
43a46b3d4965c8e4fda4b5161c2dad5c
-
SHA1
54a0f7b3445cad938c630dcefe7acaa6adb4b4d5
-
SHA256
301ce5c90623271d88aa32eb0e3c3c988c26f08246981065df2e303f7ffb60a3
-
SHA512
b1a491fbffddc2426572c095bdaff6e8890a23bccd8c12b56e4289fa2987c86a2f615fc3fa902c775f4b1c8dd74b030f4bb57eb9d0c7b2ba51d4c48fa7530884
-
SSDEEP
1536:OYSwesLlp+wbcYzwqqv3WbNif12gZ5xDZpDmtNQL6fV3b/u:O6eEl8wtJcWRw2gZHirQmVu
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/bin/Launcher.exe
-
Size
53KB
-
MD5
c6d4c881112022eb30725978ecd7c6ec
-
SHA1
ba4f96dc374195d873b3eebdb28b633d9a1c5bf5
-
SHA256
0d87b9b141a592711c52e7409ec64de3ab296cddc890be761d9af57cea381b32
-
SHA512
3bece10b65dfda69b6defbf50d067a59d1cd1db403547fdf28a4cbc87c4985a4636acfcff8300bd77fb91f2693084634d940a91517c33b5425258835ab990981
-
SSDEEP
768:FKtnBTTQi/YqMFlVt52ftDhKeoNzZq8OujxUu5XEAb4b9yvMzUV5:qBTUgYFveDRuFEAb4b99QV5
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/bin/README!.txt
-
Size
448B
-
MD5
8776540b31a6f870e53a7cbdc550a4c3
-
SHA1
dadd6853cddfd708f1a3cdfa17ea85cc886e7c49
-
SHA256
a6f1abdf7071462f92b84aafb1bb7caeaed244e70ec06363248a5cbbd2d197b5
-
SHA512
2a791190a9fe607742c6438f6b3bdd9185cb5be2f82be10533df81e141ae0d3c8847664ad430b5e15b2530eef192da8e3d7e53be894085029d6bf6350df3af21
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/bin/Xceed.Wpf.Toolkit.dll
-
Size
1.1MB
-
MD5
c3d181ab31e5bec15d266f50c8bfa4d8
-
SHA1
e46b04fe9e1620945881404fcdc73588e84f2dd9
-
SHA256
d78d3c61c4665c703976f5f697187669a5ef888ab1c00ebaabc0bcf409e833ae
-
SHA512
11b0dd0ba7292b5aceceb8f55a388571663f2820c55582e39f7e2727ff4e7ea0e3b51e24ae37c858326f3d1b3ce2ff272703c904dafc11b766ecfbdaaca59572
-
SSDEEP
24576:8N2IhPdiQMKl4fz6eY3vsKQbBlvplvraO3ySG8XxDaZVEbbG6C4:SPdiQMKl4fz6d3vsKIlvplvBfLNaZVEL
Score1/10 -
-
-
Target
Amazon & Dicord Gen By ShadowOxygen/bin/db.exe
-
Size
5.1MB
-
MD5
dc28a95657072fc5b40f011c8078bb80
-
SHA1
11e0fdd502cd881814885285c05ed5b61e164636
-
SHA256
24a95e0286a530b5962a48ccf0246b1f0bfb35b77a25d4792e16cfdf675c26d5
-
SHA512
80dcc85fefff319f508b1a90a9bc9beefe42003e7ab9092d4697b64c3fbddbbffb3fe2d07e295329df5a10fc7f527167d085c9c6d858f5d014c79ecc5b717446
-
SSDEEP
98304:9h55mrHQktlw2Kce26t+JhVWn2xxjsOIzsU8Ys04RRNNH:9h5u3tlKXqXWnA1IzXtXiNH
Score7/10-
Loads dropped DLL
-