Malware sandboxing report by Hatching Triage

Sharing

Copy URL

Twitter E-mail

General

Target

CliIkosNet 2.0.16.28 R4 BANOBRAS.rar
Size

20MB
Sample

230321-wprc1aed2x
MD5

01ee6656a9a267e0e2f7e7288ccc5d34
SHA1

3bca8e3f289bbea327c15bfdc3133523e3a79ff1
SHA256

c530d7214b50c0c2f0382b1d9a83f3fc4bb71f33024823c751503bf301f2e132
SHA512

a15a6d10c0e8d1a490238cade3d7cbd89fdb093ed4ae33e63dea52b3406945372635ff6d6b867f4e1dc0957253e91d8a9d32d2521f112e6e80641a4b0cb10ea5
SSDEEP

393216:DRroe216maCW6P9oeV2iwGCOTcxgvXYCAJ2llvuvklO283wd35127Q0WPdoBm:DaeKC61oWLwUT8gvX9Qc8cl38c/7FoBm

Score

9^/10

coreentity

Malware Config

Targets

- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll
- Size
  
  152KB
- MD5
  
  de5fbd7e30766c3300a9821c2c702b8b
- SHA1
  
  0b011ab3f05ed54dc9ebd77488ad018792d2ff55
- SHA256
  
  b92fc674bda3e49e02568dcb257f268a5fdebe81df99ad4077918ebd0609485c
- SHA512
  
  198d9339d398c0140d05fc9cdb080059a31fb2ab7636df9ca82412f0871ad7d67b6083f0faa3f411d533e840e2214eaf15352f4c3f18bfdfdfbb2cd2eca9d093
- SSDEEP
  
  3072:SjR2ACqq8pLA9givICd3RZjMbQxMjReuUa8zn:SwACNFaUak
Score

1^/10
behavioral1 behavioral2
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Microsoft.Practices.ServiceLocation.dll
- Size
  
  26KB
- MD5
  
  5d53c1b82090b5e0a024afb02431bc9e
- SHA1
  
  02e27b16e171ee8fc8edba43067d8d6d04ab74f6
- SHA256
  
  2028dba77ffefc0fb9f3cf5aba68868d6f706cb2599b1a67d5784d1cc411ccf7
- SHA512
  
  b8d45093b8808c0981fee894c5f4afb607c21894d2cf3347ec132cfc9e5386db2a9a724bd51aa51142ba9f5e1cea97b593e88b5969aa7672ecf992f8118140e3
- SSDEEP
  
  384:KRM1TlGyz9AswQyUPbKyXH/VUdlW+I2WFVTpBjTeajCw:KkTlGI2IOdm97Au
Score

1^/10
behavioral3 behavioral4
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Microsoft.Practices.Unity.Interception.dll
- Size
  
  122KB
- MD5
  
  d5911921e2ef61b6fa1bef2d3d81965f
- SHA1
  
  96216000bb5eefaedd27869142b8574b5bd5f3c8
- SHA256
  
  79ec0b9b9752fe63c0c37bc4217c2e7d9ea33016107e3870d5e61889eb8cc3e3
- SHA512
  
  362ac4b8e8e7c07e9d0f6a8e9636021aafbf1a0d721ade9b4f2f31cf451115a3678a59aea01acf9b44bcee57f9001129cbe10489030dc9731495b8394ecd6c77
- SSDEEP
  
  3072:P/W6kPbS0eW8v1dvP2U/rlzHb03AAC7/Klll:3QjxMzDlf037Vl
Score

1^/10
behavioral5 behavioral6
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Microsoft.Practices.Unity.dll
- Size
  
  130KB
- MD5
  
  b69c180ad707913247eb85ee2e6e3d16
- SHA1
  
  e8b66a9f9c41c3802541029ddeb22f7e591f6343
- SHA256
  
  201655cd2f641ac05e450fb03ce763afbc5e859d6ce1a25ae7fef3c27a2ee39a
- SHA512
  
  e81eaa13fc01fffdf88ac12b4ea0005b59de0bb9f64f51f4fb7c2148f430ff530377e64eb5448232ec22304c1321001582ecdda6686ff76b9fb80b32614a8a8a
- SSDEEP
  
  3072:vKVWBUDXdJ0GtRYqM5Axnnnn9Z03IuSsxiNuK3iAkmWm:vKVqUTftKZGxnnnn9aYuSsYviAk5m
Score

1^/10
behavioral7 behavioral8
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Microsoft.VisualStudio.OLE.Interop.dll
- Size
  
  133KB
- MD5
  
  4895fc886b5d33d6f004e6d5702d9438
- SHA1
  
  cc0401e466f105196b56d8a432c60cd0d5060de1
- SHA256
  
  fceaf0d124e2da44cc60808414863142d1bb38ffa08bb67dbc33e2f453bcad31
- SHA512
  
  6dc3041604e8f3aed3b6c2a04a877ca4f9f91437499b1294ce27c9950f470a31ee779f5c96cd18b88c6a5aecf5423c60b5c2cc3e85f7a59259689a5e301ef3ba
- SSDEEP
  
  3072:1B4SGu9A07O5tp+zcKow+YhYZq1oj6ii8oDgpyd/v6t8oV4Ew:1KSv20q5tp+Abw+YhYZq1ojlhOEw
Score

1^/10
behavioral10 behavioral9
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Microsoft.VisualStudio.Shell.Interop.8.0.dll
- Size
  
  168KB
- MD5
  
  9515448fc70d82305b8b24a6a8f525d7
- SHA1
  
  56671588ca38d819f18b07504df0540514f852ca
- SHA256
  
  86ab75527f7b8125d5c1c630b9df76ebcba76445f905ac54288e689c23990cb7
- SHA512
  
  31761de3a21330c54ae34efc235d1f7238eddb3716e9e568c68013bc8656d0968d48db5f888318e3d34da05d00ecebb3d594cdb38498d6292ffa1f29240a7de9
- SSDEEP
  
  3072:KruwskpLU21TPxyYMGSyh1JHqe3jmQX4iyF552UMYZwQwBp/9dFE:KrlTp421TP0GL3Hqezr4iyF552mGr/9d
Score

1^/10
behavioral11 behavioral12
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/MimeKit.dll
- Size
  
  1MB
- MD5
  
  007c665a952587526f08fab9c84b0973
- SHA1
  
  e98a30dbd4421a0b06224eac66e5db3db052de49
- SHA256
  
  4bde60d1eb8f31844097e609db2874d138ba896d530a195572c19b7ae3014f95
- SHA512
  
  3ac4d8c322bb0b601e60c9068ad0a83e80543cc0233d16c277d430b015f74a685715dd37a62e13b69505935ab39f204d443615f372329b030bf98a4c89ebc1df
- SSDEEP
  
  12288:2ojHuG7qgJZ3W4vlnTZ6/hsHH6c/l6gSttAd7b52lD3qWh21UyKCzrZGG5uqgoz:2OzqAZG47lHH6c/l6gQ21XK+rAGE3oz
Score

1^/10
behavioral13 behavioral14
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.Data.dll
- Size
  
  1MB
- MD5
  
  31cf3c235cccb381ec282bbf3975f9ae
- SHA1
  
  bfc8fd8e2341a6ccfda95d8be5d7c425295672d5
- SHA256
  
  31812365198b0707ad98005e19e38a3d354b13fb5cdc272d5000bfe4b82a9b97
- SHA512
  
  a1a61667c6bc1cafe0790b3c651ab11a83b873e9cd66e482f0f9fecd39b3f0ad1df2d37207e0306f898698408f401ed35865b4393426745e6b2f8bb46b0fe032
- SSDEEP
  
  24576:Ak5enR3m5LB1GX5g7PTvN7TJ9VdBLKpagagngRhyNX3AsYN4hCJg6B5+ghg7xNxA:wiLB1GJg7PTvN7TJ9VdBLKpagagngRh1
Score

1^/10
behavioral15 behavioral16
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.Drawing.dll
- Size
  
  185KB
- MD5
  
  87d2bc9f5fb617e15d5887f7ecb8dd80
- SHA1
  
  e5536a0cf421e82f8a9c942c37326e6836806fc7
- SHA256
  
  65a42d3e5bd4508e3c75133cd1967301a84b5dae6698f300cd831ff79c54b611
- SHA512
  
  af6e385aa36a8d2c45993d0beb5dececce93ee37470713300ee342fd883f1538f3d298ecfbcdb2aad5310140927ee833c325b14d1b48794870e7b81c275458b4
- SSDEEP
  
  3072:pSXM0FFPvW3W42hOCSb/mCJpkfAtLwCMLh+hQ/JHRrDYM09CnA0u02z3z57rQn:pSX/P+mdSWAttMLhk8HRrDYDx05
Score

1^/10
behavioral17 behavioral18
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.ServiceModel.dll
- Size
  
  2MB
- MD5
  
  300d3fdef7348884a31e5e2dbb1c6cc6
- SHA1
  
  a859c7ec75c1a1004de0c4d9c487be43d326b001
- SHA256
  
  3d5b366f82246a37e3225f105bccbda7e699aeaaabc9fc2168ad9fe093dfd9b8
- SHA512
  
  a4b6c2e697c855c4e2c55acf792c31422cb1a781342a2d4117ab7a94087e661b913c30aeb4c088bc3a87c229905efab18318046c19ab757376b0eaa16982e2b7
- SSDEEP
  
  24576:3ykWO/8xjilq3qBr+K+38/Bny/k8tzz2aCSAyrMYKvQCUZ4u1oGalwnrTH:sulKAy/kMn2aCSAyrMLLu1oGalwn
Score

1^/10
behavioral19 behavioral20
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.Windows.Forms.dll
- Size
  
  2MB
- MD5
  
  5704ee24d68eb8a6d01b2e74f926ce3a
- SHA1
  
  79c9b2c2396b89cac82f277e41ab5460296837f2
- SHA256
  
  0b0bc1f2ebfefe0cf827b2e2a0caa3fb8c772d84df26ab8e40abe98e0f2eb300
- SHA512
  
  c8365dfdfec24094d9abd4c3ae03e2742e8fe0e8ce432a88883c33da4f10f8793e2e2272fa23e2b9ea1c25097ecd10f8c05b9943f8026a49c2f6967b9691b88d
- SSDEEP
  
  12288:3VQkIfvWp2pYn4cpEFi86OQdIxpH976ad3jveSlLT4QPzNilliUHJufGJULSo+wl:3VKvrZd6ObdTveSlX4Q4llBpufIo
Score

1^/10
behavioral21 behavioral22
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.Xml.Linq.dll
- Size
  
  44KB
- MD5
  
  d0c673eadb63a8d11f573abb578dc98c
- SHA1
  
  3e292375f4df6284f295f7410f9cdeb674b99ed1
- SHA256
  
  39e51b600362a070fbc231272d167072ecf74b2bbf0fd80bb8b37287683b29ac
- SHA512
  
  44001cbc0014e97a8c9ac309675221fd2f61528f9e26b404e75bb1222c93a85d46dd7fb2f34d280a878fd2943520b8bb56b2e867607e1efb592473282d2143db
- SSDEEP
  
  768:gRLa5+k3XRK7THV+6xMM1beCxkxz+4pW+Aj+iHsgBB/pD:GQ+QXk7DVbpKL+4pWL+SfBB9
Score

1^/10
behavioral23 behavioral24
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.Xml.dll
- Size
  
  903KB
- MD5
  
  9ea44b529e14810c45c35ff5e9de4e1a
- SHA1
  
  16a13de42754e6d42210e8f7b5ceb15f3c8c4ae8
- SHA256
  
  00208e20e3d1d520c233e7ffc10e4e56f9e6b3920bf4a971faee864268c7e5a5
- SHA512
  
  eda42a71be3cceb0cfc333dc46bdf7130c5f1a1c2abf7f2cb793ea90a25417352527b176d037b9afa5cb407255ab85bedcb01bd03152bff5a37a56e170b4d1e5
- SSDEEP
  
  12288:Y4lDNpKQsu9AMJvPJNiAC76mKfyy5NJFgzvRnS:YaDNpdUaPJNi/76muyiNJWvRnS
Score

1^/10
behavioral25 behavioral26
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/System.dll
- Size
  
  1MB
- MD5
  
  1b711459c28cb423940f9f9c348551bc
- SHA1
  
  996236960c9dd8e96666d4fa414617eff7f4daaf
- SHA256
  
  2fe343569f794f2ca92ee14a41875571a9f21bf92637b8f8ee86306534209cca
- SHA512
  
  aef7a03f378ee4c6d0832ae049530c75f429d84d1feefcf6baac28995378cb6d3fa6a6d0177a27d6d4398d6327492b449b6b2c00b06eddd00580a32715191e94
- SSDEEP
  
  12288:TMw4sVx/7T1pL0i9cuWtGNipyPhVWJuEtUygRpeH6/Bx8PhNM///kNp6MARWch8i:wOD3nLp9FWLeEtURIMBxxvpf/RSP5O
Score

1^/10
behavioral27 behavioral28
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Telerik.ReportViewer.WinForms.dll
- Size
  
  176KB
- MD5
  
  609e5f552fb3d8496d4db0ba7aa9822f
- SHA1
  
  2b368f7e60393cd7365697ca0a913ec3ecc4df54
- SHA256
  
  22489dcb078e96a06912c8a32d2037ae3aff0cd7649d00c898976f6512da2c91
- SHA512
  
  c9c11af4df15998152283b97880230a1e46e711540e7acb95d74497584c401182a237858f39facdfa6f512812a00dcf3acab8497242e2559495ac4d677bf9b32
- SSDEEP
  
  3072:rlaroolO0xkPan/U2/i+hvDeOPk5+jGw9YoexLAcQCXejGOQ/5WV6HHfQxQvvb1l:oGa/di+FeOs5+jGwwAczl/5WV6HHfQx2
Score

1^/10
behavioral29 behavioral30
- Target
  
  CliIkosNet 2.0.16.28 R4 BANOBRAS/Telerik.Reporting.dll
- Size
  
  2MB
- MD5
  
  4c0f5c63a2f68cc5fee21561769cfb38
- SHA1
  
  0038039a923bee12982410f17c168c0f4e73d12d
- SHA256
  
  807585df2d3c35cd31aacd6987fc59b4005a2431363cc96dbe8b027eab87a17d
- SHA512
  
  ecc1ab5d1e7a6e2c038778258655e4d839ebfb323006b570cdf272ab0e75ec272cc0692196c7542d373738ff7adbdd78fce9316eaaf412969e8a57824e6b4f51
- SSDEEP
  
  49152:S7Xq8Pe4Mvg/FopZEzLj+y3riQ6jsFVpd+PugYRxDYFmCzZnine4pYozx3HjiYkO:S7a8cgdopZEzLj+y3riQ6jsFVpd+PugI
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32