a16ffc8e781e14fc6058630b81cd948df4be52a4721588121d9448c0c0359a0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Liquid_V3_Files.zip
Size

1.9MB
Sample

230203-xkv13acf21
MD5

9c4a1110a20b60492011260a1e20b3ae
SHA1

2356dc4a16b1561e74ec5732a228b020c4179070
SHA256

a16ffc8e781e14fc6058630b81cd948df4be52a4721588121d9448c0c0359a0d
SHA512

853c669dc9faacbdb9b07869e61a8668599f6554eae6392cb19f9d6a11ecfac7b0b949172e19992d4fe13313f0e39e6cde32509653108d6a28a71fcd49f7f567
SSDEEP

49152:vCALecFKx0IwugFJ9hqo94eTQ6NRKfh2u:qoecLPH74eTQeu

Score

6^/10

Malware Config

Targets

- Target
  
  Liquid V3 Files/Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1 behavioral2
- Target
  
  Liquid V3 Files/LiquidLauncher.exe
- Size
  
  2.2MB
- MD5
  
  a3f1a0273a51879db8147db21581bca8
- SHA1
  
  4fbec47940b177702df61be774051e4520cdb9ea
- SHA256
  
  798bc28fa4d4ce257c0324dcb058607bd3ed0fcebd0628a2df6d944f7eeb76d1
- SHA512
  
  de1fba872f85db2c70bb16ae3333c026159df284d2b1b839dfc1f0c0c121f00517c29f57553aa2c8d0392ec001859feac9f803c94a5fb19ff9cf7e9bcfd2e7f4
- SSDEEP
  
  24576:/YdQGnYdQG5N8Bo+WjZQCHEk/JQCzy6TSJ9f3Qld9yNpanPUn9jCxbAyxhxCcwSU:GQlQE5+MZQCBJ7y2C0FPbd7CHSltxbQ
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4