merlin | e7ffcc5ab285fed3905a98b3af9fd30b1782f2a4560755cd8ac35a39908d3c10

Sharing

Copy URL

Twitter E-mail

General

Target

e7ffcc5ab285fed3905a98b3af9fd30b1782f2a4560755cd8ac35a39908d3c10.epub
Size

4.9MB
Sample

221119-n6qtssae27
MD5

0431ab6198f98daaebe42aa811e789d0
SHA1

fdafb1e32b03b69ee7a17fc98dd639c11021b3a3
SHA256

e7ffcc5ab285fed3905a98b3af9fd30b1782f2a4560755cd8ac35a39908d3c10
SHA512

3c0431e43fb75f4852a92cd942592dd8154712f11ff0503d5208510ee94d01747cebdc28a38a874f62e03b200ac58d95e279d94f3028abeb75dcdf6bda8de8ca
SSDEEP

98304:FfBcUw+mkNLTv/UMT+eL/a0X7fbmkVwtsSMd8fGNxxuiRtzA7:IUw+TNLbMMKsiW7fbmikxfg0iw

Score

10^/10

merlin

Malware Config

Targets

- Target
  
  text/part0000_split_055.html
- Size
  
  3KB
- MD5
  
  568b5635c163feda44b7b02ec5d0d1c0
- SHA1
  
  13acf036f2db0bcabe5633f789118fbea5017d84
- SHA256
  
  722f4de7f9b3bf70cb17bbd01c9ffa75096a3e3a4b68dfa1b3b0784b2b959d3f
- SHA512
  
  f45e914b286979af71b0f261ae9ad2ae9e903fe775cef5b1e0b70c7cf0839460823a133cd90560815f4f52957668e9d6f9b37776ec36cc135b30742c7acdb33b
Score

1^/10
behavioral1
- Target
  
  text/part0000_split_056.html
- Size
  
  1KB
- MD5
  
  4e0404f0d07dbeacf99ca6e8256cf4b3
- SHA1
  
  a8affcbaea67a2e3c8d990a7d3eb8391731cf344
- SHA256
  
  beced13b114643ee560c62b9731e237345471ed24713b819d6588dbd0ced7df2
- SHA512
  
  1feed65c990586074178ba86f129cb2b8dacb6ebc43814b82e8be53818e704a3eb93f487c62324cdb87bbb01519d2351a1ce9dbcc86287236460f4211dd9640b
Score

1^/10
behavioral2
- Target
  
  text/part0000_split_057.html
- Size
  
  1KB
- MD5
  
  891223d75c88f06a70281a33e16111b9
- SHA1
  
  d44943be450e6a166c414019fb150d1f91c7d980
- SHA256
  
  a513e78de4f7553fbfd9509457b971005ee4a9385d45fa04588e94f1637bffd6
- SHA512
  
  27d57c44d92446b68c63f1a112fd18fd5d64fc0ade12460071a1f8faab8d118d15922e88a77007f8c84d2bea34f6ae924300dd2303d393afde7b16b3c61b64a0
Score

1^/10
behavioral3
- Target
  
  text/part0000_split_058.html
- Size
  
  25KB
- MD5
  
  7e95967dbc295641377f096ed0abbb96
- SHA1
  
  c9518c9bd2e18e40aa64ff98f4dd69ec5a807302
- SHA256
  
  e2f2b5e37b1b7c8dfd52dbe8a9f5fcc9f241912331c5967a7716e1c663620450
- SHA512
  
  8d79783b16b0aceb0f34be1ff54fef72559766a5e7d705503fe56b570a0ea95a34ef5c7cbc9959e4ad55ec91223fb042e424e1cf640a088ed628ac0a9dfd2f73
- SSDEEP
  
  768:in7g5YeRQs6Nba1G5csWhWW1gD4OdTd596G:y7C7QsOXesWhWW1gsOdx5wG
Score

1^/10
behavioral4
- Target
  
  text/part0000_split_059.html
- Size
  
  14KB
- MD5
  
  3844e769bb2fb351c073cccedef09eb9
- SHA1
  
  471713f9b8fa3cfb87a93b2d1767e265b150cb37
- SHA256
  
  1208c5db5fc31d47379df73dad04ee2263a1515738039370f15a827e8ec6fbaa
- SHA512
  
  25dca3025b1c66a45504cea788f93483fb22fb0d828eeb37cd9a1d2cbee3c96e605d9ba41163822d5d5abb3d524584f908c9f1b5d5ba804dd8707991813f62d9
- SSDEEP
  
  384:bupuNo/f7hAYXmq0O976O7PDt09+9GiMUdNRvOmDRO8:z45TTSZG1OmDL
Score

1^/10
behavioral5
- Target
  
  text/part0000_split_060.html
- Size
  
  15KB
- MD5
  
  d4458b9ee4f4f389f2d9cb310bb98d3d
- SHA1
  
  a3ba2c045f20dd82d09b002643e48481f8d6ba0e
- SHA256
  
  56774ab2700d91928053dc16947eac6f6577d5ee6bdd6424dd9464e2946bbe3d
- SHA512
  
  3e5bc2b38fc1b4a2fc409bddfd68d80cccebde34820c241876002fec04348d6d6d7649a5865b59bcf8f15ce9d98d3d9296000ef1de92a8875788ed570b76c2ca
- SSDEEP
  
  384:bPKIxX7X7L7st7E7ce2aHASl5lbJVDZpNG1D/wq76aXFR67DO57zC80oOG:DZxmaHjl5lBGGqG3HO
Score

1^/10
behavioral6
- Target
  
  text/part0000_split_061.html
- Size
  
  6KB
- MD5
  
  056fd059a4a6748ddd2533fde9fde15e
- SHA1
  
  4d740bfe098ff52ab0b8386b636a9936a42ff009
- SHA256
  
  a53bf28486c727394c4172c26911023d2e6b241d8bf4106a1c95d2802ede02c0
- SHA512
  
  e1a5d3f39165e4364b03333745b0a77d8949911044ab1e2b817646454b836b087d1967cece09ff75ad37a08d7ffacbbd76e33e5af4df6bdce878823b6e18bf71
- SSDEEP
  
  96:bChj+l+FNaWmBDWh3ZDJ9tDiw5apyZuGT9whUyWZaFPoRCwkbCwG5dvlChMFHgfg:bFl+2WjJ9aGRWM1qs75j
Score

1^/10
behavioral7
- Target
  
  text/part0000_split_062.html
- Size
  
  6KB
- MD5
  
  98db3b85e03079fe22dd8b652ee78446
- SHA1
  
  c5a85bdb25659b9b797d644a5fcf22438d41d5b4
- SHA256
  
  1cd1f05715808a7ae3a196826ecf8acec44538b9e11ddbb6e0322c3111f9a210
- SHA512
  
  4519f47ad223272ad9f78a5973c8fb76eec58bcc0398e92b791d119c1f0492164f953c7461e7c0432a9a6ce3de7a0dd8e78bd265512f6cb2d2bfb1a45dcd1e8f
- SSDEEP
  
  96:b/hdqGWKDY5+DFIuEghurcSP3DDDPrb7//vWBDyRCDDDeDtqfzboFpixsPtqovMU:bzEF5yIz7v7/dDkbbE3V
Score

1^/10
behavioral8
- Target
  
  text/part0000_split_063.html
- Size
  
  3KB
- MD5
  
  7d0e7879987e36d07b49481b541c2b22
- SHA1
  
  47654a3ccb9bf8187c991b18d732eb537df0ba21
- SHA256
  
  078540f69ea8c9e61ad5e630bcfb8a1e751e52b2da304ae65c87b49e50e39f6a
- SHA512
  
  241faf60cf7e077b373c70c4a93791e811bc2b1deb48810f1e26cb4872c50f82ed8df257a36f3f1dd6dc16be5552e183d9cade050905e13192f806bfdabc3486
Score

1^/10
behavioral9
- Target
  
  text/part0000_split_065.html
- Size
  
  4KB
- MD5
  
  685dd7fce786b74e4cc861e6441ce460
- SHA1
  
  dfe8891b2a678705147d208cc1738820fe3b0465
- SHA256
  
  efde0f813e80bfa3c0fc0e235d535c7e9f1076bc6686b9ffce754781fdd94cce
- SHA512
  
  c62f539a9d07b634553ac7c04f0ba024fb0eed59f633de991cb841818e755e5195763b7683c81249e3b9cd42ded602376e7817edaf29beb5b8133139f643770e
- SSDEEP
  
  96:byhe8DDRoDgeBZtxqDyMSYDOM8UrWt/4ODGOQPDsUBU:bzZiSfKrWwg
Score

1^/10
behavioral10
- Target
  
  text/part0000_split_066.html
- Size
  
  3KB
- MD5
  
  a94ac7e0207482508be50b8287abfbe7
- SHA1
  
  b810c5fdcf70f79005389b4986ba27391c609c31
- SHA256
  
  7394d448dd1488a7b4b54f51005477aaf0f99f5907ac87c20fa1badc3ded8130
- SHA512
  
  91a77d4f7e9312708daca4aac22d390c3f4bb740dc22b9f1db042b05f11fcc419efaa151393840153c112c2975e8c52e1c1a1a4c681bde43e5acb694afcc3b54
Score

1^/10
behavioral11
- Target
  
  text/part0000_split_067.html
- Size
  
  1KB
- MD5
  
  2ea4d19d8e19a56f31e927c88fae3647
- SHA1
  
  efa92e0f6291dcb154dbc9ceac51587d16e97ff3
- SHA256
  
  5cdffa62efe872ac2b4e9208171f172365daab27968ca3e4d33583bb09397d9d
- SHA512
  
  9ccb9fffcd2df9390f9ca2847c9772be282ead959df915bded3fb4faee505bb3774ed7a89fb63aba94180801879fe4efa7df749b8a64eae5e21f4a4fe94c1905
Score

1^/10
behavioral12
- Target
  
  text/part0000_split_068.html
- Size
  
  1KB
- MD5
  
  d61b0f2c4ba9624d16b206c9c8f01dd3
- SHA1
  
  0f805930a7b58dbd25be5cc60261315efb51a2e6
- SHA256
  
  83f83a2ea9b770a9d2e32b5fe1b13e3911609087da4ac9bb44cccbf47db880d5
- SHA512
  
  5bd47f4e989e7b412847d280df062b9268c1d9d51fbd21ef93bfcac7bd121ac9813cd16939449b19416983f139b0bd25d0143d6874cfa999b70dbc6513640422
Score

1^/10
behavioral13
- Target
  
  text/part0000_split_069.html
- Size
  
  930B
- MD5
  
  26ec0173153f430c47b8b41274696756
- SHA1
  
  517dbe52764f2148a5e142c98ce5e5fd65ec9f2e
- SHA256
  
  0796e85ea5a066a02ed7566e9453cb196313fcdd6ebee0232528ecc32f202058
- SHA512
  
  0afc97912964167ede1b968c337bf0bdbe99d8356124a720aab607001f3ab0a13e90ce1e8a69c516b89107b6e1850b0385fdb4289deae1f90b0ee8545c38cd82
Score

1^/10
behavioral14
- Target
  
  text/part0000_split_070.html
- Size
  
  9KB
- MD5
  
  a5b17a15e0a264bfe14355ac8d0fdd5e
- SHA1
  
  868dc6e37be61e55f44658be175254bb42097ae5
- SHA256
  
  a27a2214e7d3b9f8e5bd1d8c72146a9193876d5d6195d1a1d04b31919c5489fc
- SHA512
  
  8906d3000b09a8c4a1a3f42a4b1cb9a866549942c5b6d52be6f7b1a984a39dda0456f99c44614cbe9b926128bab830210e2c53c12770751e323c4f3bbda763db
- SSDEEP
  
  192:bgvD4hNdYXec77Lme+PfXhWoPvYuBbYvT3Z:bwshNe97XmeuXhWoPvYuBbYvT3Z
Score

1^/10
behavioral15
- Target
  
  text/part0000_split_071.html
- Size
  
  14KB
- MD5
  
  a951a04917f3870b33117559881ec9c1
- SHA1
  
  deb56f7d29004906dbbdc1d0b909c8904cf52d3c
- SHA256
  
  2d11fb40ad91ba70e1d5a2258df0870adf95de296be2c6f18f96bf1a67c66f2b
- SHA512
  
  a9e74f6bac0463c603c597ca943850184dcefcfd0545f445a11905ad84ca2121b68fdc5210b665acd4e7acdc92bcbdb8fff19c1e55e195294578b1d1b9f7f54c
- SSDEEP
  
  192:bOdRQk3fKjcTq5rxfJEg8vFrnENJZVUSnKV7u+5TRm7hkYXtL1PPIYk:b/tKD59m7hkYXtL1PPbk
Score

1^/10
behavioral16
- Target
  
  text/part0000_split_072.html
- Size
  
  12KB
- MD5
  
  ba166a6f79b409935f79c7a20cf9c762
- SHA1
  
  5c2369b62d6eab566a150ab9c12873aff6d4b234
- SHA256
  
  6a0d5bc093f4c511c83d09a655ada0663a013545f6d3d79aafbc407c106bd650
- SHA512
  
  fde58b70f1bb683ac88ec8f8e04cdb2dfde223b95f0feaafbc9f7ddbbdc7bfeb92a96f8f251bf11ee7c739d0f056ba11c110da8a6782921bbd47c05d7b87b56d
- SSDEEP
  
  192:b4LLhsX2z7soRwXBzJsJbfGk2oEAhlSErmKt22qF:bEdsX07s0wRzGJjGk2oEAK2c
Score

1^/10
behavioral17
- Target
  
  text/part0000_split_073.html
- Size
  
  4KB
- MD5
  
  1ab6d18edbcf745960b19a3dedffaff6
- SHA1
  
  6161afdd37e3d535e50adfe8246843f5e88d4aa3
- SHA256
  
  29d0e839c2af94d799b8fe0fd59b467c14e7100d6ea82022454c0237d1bd4fae
- SHA512
  
  91f2a86d136ec673ea9efe795db6baad9c1d4b6539d6baa7b953f39b4463d9205ee15a9ba369c4cc4e33553997bbe5edf7d3da7e231ca4fa56836a9be5308cef
- SSDEEP
  
  96:b5zh57KcfQkMD85Drte3fV9XgAcsXyd1YZz8dAZtlFQUU:bBoQI399XlydGYdEbQT
Score

1^/10
behavioral18
- Target
  
  text/part0000_split_075.html
- Size
  
  2KB
- MD5
  
  6069f1ea5ae1787175a5f613d63d3c44
- SHA1
  
  00763a232db742fb6bc7795a201dbdea96e24101
- SHA256
  
  0d6dd030e6443622a75b5089d44764b70f683bf8e92cbf521716aff8696bf4d3
- SHA512
  
  9a04f73802198c3333013496afb6f7cb92566924db2be27555e54e44b5c465acbbd461cb6e8a8f0f671e6b12d51c70d47e4760ca03faab025b41c6ff80a24160
Score

1^/10
behavioral19
- Target
  
  text/part0000_split_076.html
- Size
  
  1KB
- MD5
  
  103e01f10a110cbb1cd3c2a2aa38fa77
- SHA1
  
  8dc76b7093658513b8cbe7530d65b3ad6fbe4eea
- SHA256
  
  f02cce6f4d7a281e3843c339218b359ea85b49a56ccf6b8dd2fc765108f82b99
- SHA512
  
  f20be5d73541a87a137411d98f73b55802ad7dcfa6fd7ec6340f79e1266e3bd039d50a2552661149e9b95246537662d255b46c338905eb43d426fd3a4454867e
Score

1^/10
behavioral20
- Target
  
  text/part0000_split_077.html
- Size
  
  2KB
- MD5
  
  5e8f530b33f4bac2b3378742a1f92976
- SHA1
  
  66297e4792931b799ee97b86865e2cf07872cf16
- SHA256
  
  d8d6ebc76cc27cc972d478d2869c3c0cf67550f512e6c49ee6780c41758ac606
- SHA512
  
  abbfe8b9e39007ba3662176fa7714ba5d241e0806273b7759140c4254e8419cdc44641b75924f07e25f7c4d2e8a04559f9b11bc3ac6a7eec0bcbcdc98fc88943
Score

1^/10
behavioral21
- Target
  
  text/part0000_split_078.html
- Size
  
  1KB
- MD5
  
  3bd2e29ebcd20f320d5a9a27cdf937ff
- SHA1
  
  2cbe0fc2e48e97c45984d7d699bf36fd69a1ece7
- SHA256
  
  2fd9e43bf824b3da1f616d80e8c82db234b5d2aa936dc8f60b8fd293f8e63cb8
- SHA512
  
  3e0ad60ab955b411a8162c88efd12de0fc3f5671cfcef8a2abb0c08aed17912abee201cae3b2abda055512d776a50cc13539b8c429d707eceb863bd1d1c47313
Score

1^/10
behavioral22
- Target
  
  text/part0000_split_079.html
- Size
  
  1KB
- MD5
  
  9f3bc40267f7287904f27d3497d868b7
- SHA1
  
  65325c3f9fcabf69600ae8aa9073d94e1c56f143
- SHA256
  
  de93c6a1f448aa3eb757cf3af718f5105f080e330720f25921e78221fd9aca8a
- SHA512
  
  53a50c656900f57c97e95c1763163e0884550bee4bcfd0d9a69ed4c513e2ecfeaa02fd7131028586ed9a31298e616b4749ca200923869f9eb7dde6cf703120cf
Score

1^/10
behavioral23
- Target
  
  text/part0000_split_080.html
- Size
  
  1KB
- MD5
  
  6f4b507f7155fcaac432edc908ed147f
- SHA1
  
  b1b8925aac9ca520c6f1eff2944a5567220373d0
- SHA256
  
  1b12f3198e0aa1031b47059cd0ae509434ae7905ca61dac954f6f2aa5f33afe1
- SHA512
  
  960359ace001b9d31781eb9032e30db93bfbf1709717f062dc6d2cd6961135fe9d81290ea0fbfefb25afe4d246e249bd907ee72cc5b4d3133d10f64140d56864
Score

1^/10
behavioral24
- Target
  
  text/part0000_split_081.html
- Size
  
  12KB
- MD5
  
  7d13cbf44bbe70175b01ffda86dc0b94
- SHA1
  
  0ea577c40317871bfef0ee51bc4e723700768808
- SHA256
  
  315da4ef4f3d2b6765f512468e6095eb2002755057885277136fd9ecb58bdd0f
- SHA512
  
  f2ae4a36216975e582c67badfadf1b1cf2339725d56b46e339253598c21245211469dcbd8c73869605a985d29b0681e63353b55e92d8640fec15d91628d95b2b
- SSDEEP
  
  192:bJyP5Hs2jL4YL8fe5be7+XRMW+HUS7WL5QPr6D0:bCHsgLQW5b6c+HUMuqPug
Score

1^/10
behavioral25
- Target
  
  text/part0000_split_082.html
- Size
  
  1KB
- MD5
  
  1c6d7bc91d5d498196ec9f38ea51b795
- SHA1
  
  a124bc3ddfd0f2d8313e5e7a6f4819a7ca3d24b5
- SHA256
  
  81a13510441f8663c7eb3339df03364a21df5fc62086dfb41ba7447c48e71232
- SHA512
  
  40d808beacc8760c53082750fe8ddc8271d8c0b36bcf6e8afc3cee7ced5598b2dc9566703a4cd19d2480995d45513d1d01849f8eb4b23473fa6f96259e566713
Score

1^/10
behavioral26
- Target
  
  text/part0000_split_083.html
- Size
  
  9KB
- MD5
  
  c2c1aa7028ef2c6fd3d804473ad98eb9
- SHA1
  
  31c2ee335ed1ac294a72d44221124411b4575a06
- SHA256
  
  ad55da1b71045d9046d440c3cec5b5568735e75da5b69d2801d1021d10594b12
- SHA512
  
  4dd9121781ee131c309d30cf8d03378e5b843145b708f12337edbf4637e785dc9b5282ea70611534d6ff215aa773b75e50666255c6c27819d6eacc13594173f8
- SSDEEP
  
  192:bba1Ygzf7WUtWZVFzcTfU44XlWHKXPwGGZ9:bW1Ygzf7WUtWZVFzcTfJnqXA/
Score

1^/10
behavioral27
- Target
  
  text/part0000_split_084.html
- Size
  
  7KB
- MD5
  
  e981a533f81749b1c6f2f4083d5ea587
- SHA1
  
  7ea8346e6c1038dcb0e3d74222190f616e82679e
- SHA256
  
  6d70469c21a7d199656d06a5b8fe2fb4c3c414d39d33578f868a55460c14b502
- SHA512
  
  7914b4b0e8fe185d62f321ccabb6da6ab7d15e0d9842227221123257280af21a1699e6d733ec6876b6b3ef476485abc593bc38f063dc2ea66b6a3845d8a11447
- SSDEEP
  
  96:b3sD2OvBJDjPt+SOCC+QkD+1eOOveRWz7u83Mdoc0HM7/a6Q3xHaDDDDDDDDDDDm:berV+SOCdQ++0OgoW6dH0sWzz
Score

1^/10
behavioral28
- Target
  
  text/part0000_split_085.html
- Size
  
  2KB
- MD5
  
  12eaad3b3a578a1290bb027c2fc281cc
- SHA1
  
  141c46fbd735df6c59c636afad45098f0ee8f068
- SHA256
  
  37b14a6b7dfdb2d179aa504cd68c02e5be0637b0ef9eccf99734cf9221e95dd1
- SHA512
  
  9055ccc961b1360cdcb8353295c3a8417da0d8ca2b8b1258240ba892fef19f5cf41c9433e12b33f97992faba206aef642a351ff497620676c0fb548283c5f029
Score

1^/10
behavioral29
- Target
  
  text/part0000_split_086.html
- Size
  
  6KB
- MD5
  
  582528de3d8b1434983db9a1ae0e1fa6
- SHA1
  
  0dd0d840d60064cd9bb28834265ccc9bd91db68b
- SHA256
  
  c46a2051c283a69e4e2f5e31c5141b225f34e1e8624fdb028bafcb6f8e5631e0
- SHA512
  
  a9630e799ce3399b9bb6609d74c492a33b71e35fd54f057af183ad91108979ae820748aed8a3ed975f1d1efeb23453ccc49af9fa274bdfc0f8aa28885431406d
- SSDEEP
  
  192:b0XhucKheMlQzXvxhHWhZLygXn9hqYGnZeWItJrPIgt5XtuCLXag5HfRYWEdb/1C:b0RucKheMlQz/3H4ZLygXn9hqYGnZrIj
Score

1^/10
behavioral30
- Target
  
  titlepage.xhtml
- Size
  
  808B
- MD5
  
  4d84b9416536c44db49b53f98b82d5b9
- SHA1
  
  0ff417f4992d6d7a7fb3514f75077b43bd9ca0ca
- SHA256
  
  3c5ec342044ad75950c962247a62a64a6734aba7830d207f77aac4e907792dbe
- SHA512
  
  6ed8a078bbf7b88672d1274a6bb9db2df2a1ee1ac889f2f2d09c3e233938a0807c5a9f4fb24e68e94a5bef6da93368d78e564ce9e136733643856bd4c66285e7
Score

1^/10
behavioral31
- Target
  
  toc.ncx
- Size
  
  35KB
- MD5
  
  e83a9f094a18ea295519cc3fc9a7908d
- SHA1
  
  fdd2245f93a428b2c87404888888964d0b0535b2
- SHA256
  
  86e053cba87cbb0a00a1e7a524edb8c054260eae920fd6b8d61381e2a8370dd7
- SHA512
  
  022a8c81959f27df013aac97377592ddde3b46d2b1819f1f1eb3e50647fe5f95d43295b80d06f5ea8511a2049827c0e85de2ded090887182d4d0a37631f48c9a
- SSDEEP
  
  96:K+DgAm4nUN8PU0tYI8UUsY5YoFIYLE8j1OslwCbfZrN8riUUN8wdJPOGsh7Pq9Ip:gcPl7NEATrKw+OOMfRYhH16JeCR9
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32