f71b9f85f5344a1bc7cd7c428991f14acf9007fbc19013a8cc84be3bdfc1c0d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Botanica.rar
Size

44KB
Sample

230311-ts9mmscc2w
MD5

fac06bad1f6d1575693cf8f686508e09
SHA1

365cc80f1acae16cea4357abe4e89b9d579a3726
SHA256

f71b9f85f5344a1bc7cd7c428991f14acf9007fbc19013a8cc84be3bdfc1c0d5
SHA512

3cfbcbf029a8695085189ba54050fedcf36953cc2c58b0499772a48ac41d627d2ef4af147f3a15606913f6ca136896695b196f242c877a7c121d76d1b436044e
SSDEEP

768:MW4Secb0itUwle3sAhehUdImjMXbfKmnwG5QS3/jiapjqtPBMwinI99vRKULyaS:549hitw5e+dImjYymnaSPuapGtPiwinf

Score

7^/10

Malware Config

Targets

- Target
  
  Botanica.rar
- Size
  
  44KB
- MD5
  
  fac06bad1f6d1575693cf8f686508e09
- SHA1
  
  365cc80f1acae16cea4357abe4e89b9d579a3726
- SHA256
  
  f71b9f85f5344a1bc7cd7c428991f14acf9007fbc19013a8cc84be3bdfc1c0d5
- SHA512
  
  3cfbcbf029a8695085189ba54050fedcf36953cc2c58b0499772a48ac41d627d2ef4af147f3a15606913f6ca136896695b196f242c877a7c121d76d1b436044e
- SSDEEP
  
  768:MW4Secb0itUwle3sAhehUdImjMXbfKmnwG5QS3/jiapjqtPBMwinI99vRKULyaS:549hitw5e+dImjYymnaSPuapGtPiwinf
Score

3^/10
behavioral1 behavioral2
- Target
  
  Botanica/Botanica_Font_and_Logo_Kit/Botanica.otf
- Size
  
  38KB
- MD5
  
  d37bff1ffdeaca8269f81fd3ca4499df
- SHA1
  
  e474f89f0f85657ccd87ff5a5fabe747ddbb2fec
- SHA256
  
  bad0f5da0cf9a00c011c94d93a927cdbb2e7b94a5f2fd8f6bbce87006b7ab21c
- SHA512
  
  e077d933909c1a4ec0a769ff20b32ea2c7baf2efe6b3e5deab3e7e4dd522c1563ccf3522978c2fec55861afaae50f68705385b5f5b90be17e8b3d1431b6b539e
- SSDEEP
  
  768:Y/MaUJQZEs6lyv4AXc+n16sllFR1jTrQAkrfJnSUIXxJXdf9uKzhLxcYcsAXcNH3:DFTyv4Ac+NFUAkrxSjXvda8A6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  Botanica/Botanica_Font_and_Logo_Kit/botanica-webfont.woff
- Size
  
  12KB
- MD5
  
  4f2b3bc874e1df6ddb75927f57753660
- SHA1
  
  d57f3b60cfafb9293af53694687d87c260a616f2
- SHA256
  
  1051bcd1b9adc092c56b419e315eae71f8bf097886efd969f8549f73fc083792
- SHA512
  
  312b9846bb930e20a9c3373068210a7a92d24a751bbbc6cb03357d9d58d8db36973a697885d900c6288e004bf94d7a29f88ebc37b6790307b3df8ea64432f101
- SSDEEP
  
  192:XZXD1gfn5efxfs6IW+KG5EK/ybfDNDBPiNGq8FdNd7ANIUDsUZPbCb6a+zdZ1v:JR4nCk6VRnRFBq097A7DMb6aovv
Score

3^/10
behavioral5 behavioral6
- Target
  
  Botanica/Botanica_Font_and_Logo_Kit/botanica-webfont.woff2
- Size
  
  9KB
- MD5
  
  d193563c3d5630752a68335c3275b7da
- SHA1
  
  b4362e61de28877d979557351a076465a9ea1265
- SHA256
  
  1f0747e1a51800e3b8db16d38355a3a57f0ac5af6a7494d29957288b60707519
- SHA512
  
  b3c9c8b2892ccda8e95f2eccb753cc97bbb7bfb4e7f0f3e8ad0120e0c153ea58da5f6719dd43c68b0e03f4e5c3e7b87a344d2dfdeb7ff90c494ccf83abad30fa
- SSDEEP
  
  192:W7wh8U8r4ZX7GyzYch8AxPeqLUcxGUdtILrmjvMJQQ:R9dTzBuAheesUdtimjMQQ
Score

3^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8