Overview

Tasks and scores (one row per task tab; the score badge shown on each tab is given out of 10, "-" where the page shows none; task names are truncated as on the page):

Task                    Platform              Score
Static                  -                     7
GlyceriaHa...ee.jpg     windows7-x64          1
GlyceriaHa...ee.jpg     windows10-2004-x64    3
Mainprizer...nd.lnk     windows7-x64          3
Mainprizer...nd.lnk     windows10-2004-x64    3
StanesBese...ly.cmd     windows7-x64          3
StanesBese...ly.cmd     windows10-2004-x64    3
StanesBese...ne.jpg     windows7-x64          7
StanesBese...ne.jpg     windows10-2004-x64    3
chuhraFond...ia.wsf     windows7-x64          3
chuhraFond...ia.wsf     windows10-2004-x64    3
chuhraFond...le.exe     windows7-x64          7
chuhraFond...le.exe     windows10-2004-x64    -
General

Target:  backscraper.img.zip
Size:    527KB
Sample:  230324-ng5awsga51
MD5:     403abf9198972d61e96a887fb027a431
SHA1:    521a10c2cf8b54343d6505c2fdf3f2dde7db9002
SHA256:  466cf0832a24b9a900aa36431f7fd69647c172c1c8054e233c473e83e50aa18f
SHA512:  577399b386e34cb26b8a9925fd373d898ddbefdfababcd099d3d7d55a04bd1b5e474633db55cb54a75c16b831fa293bb6662ba4c76d4c4bf01687e29b5b75fe8
SSDEEP:  12288:8jNm7xY41hx1BDcAv7NFANjbsDk+iXNEa5di5AOq1vr1p:8sxY4PxTDcADN6Px7NVdaAOq1vr3
Tasks

Static task:  static1

Behavioral task   Sample                                                        Resource
behavioral1       GlyceriaHaberdine/possessinglyBingee.jpg                      win7-20230220-en
behavioral2       GlyceriaHaberdine/possessinglyBingee.jpg                      win10v2004-20230221-en
behavioral3       MainprizerMisapprehendSeastrand.lnk                           win7-20230220-en
behavioral4       MainprizerMisapprehendSeastrand.lnk                           win10v2004-20230220-en
behavioral5       StanesBeseeches/Inquisitorially.cmd                           win7-20230220-en
behavioral6       StanesBeseeches/Inquisitorially.cmd                           win10v2004-20230220-en
behavioral7       StanesBeseeches/Pseudoconhydrine.jpg                          win7-20230220-en
behavioral8       StanesBeseeches/Pseudoconhydrine.jpg                          win10v2004-20230220-en
behavioral9       chuhraFondled/longeveEctocondyle/UndersortPodalgia.wsf        win7-20230220-en
behavioral10      chuhraFondled/longeveEctocondyle/UndersortPodalgia.wsf        win10v2004-20230220-en
behavioral11      chuhraFondled/longeveEctocondyle/glycuresisPortionable.exe    win7-20230220-en
behavioral12      chuhraFondled/longeveEctocondyle/glycuresisPortionable.exe    win10v2004-20230220-en
Malware Config

(none shown on the page)

Targets

Target:  GlyceriaHaberdine/possessinglyBingee.jpeg
Size:    71KB
MD5:     d8733bc8f61d6db050a024b6f9c99588
SHA1:    a96d53152d25338fee6a582b072587e75654dde9
SHA256:  535b013dc73d5191b5fbf48c0050960baf499ce8dd2df4f6838bf17672afb753
SHA512:  ad4a7a9fa397b5aaae5c9ed8e934776e31f1c98a3db58e53831da6ff4a069d778e4b931e93155b47e3e81a73e592ccc48167cdd485e31f8a0e7f3c7c3404b70d
SSDEEP:  1536:5tFojEsI1ulFWIZW/9YzqaW1fZfPs/EHcf8ZXKRW8NR8ClI:FaEst29YpchfE/EHc4X6W8j8aI
Score:   3/10

Target:  MainprizerMisapprehendSeastrand.lnk
Size:    1KB
MD5:     4a70fe97d9d875088349804a02ce13d9
SHA1:    2aec9bfc67be00cbf17194c4c4b414ea3259ce94
SHA256:  f2b77f5f16c71f007c234447ea1f9c976f84ab01080af3b1c4c4219fa7b287f8
SHA512:  65b58c1d56c72519179ebce43532aa2fba6e75babd91fc2e04de45e27f3c35a2f71646f9bd6234bb921acf4a337697426d3049f75e234b7e6d77cafc2bfe6786
Score:   3/10

Target:  StanesBeseeches/Inquisitorially.cmd
Size:    740B
MD5:     d83d6ffcd16cbcd4870671952976fda8
SHA1:    c0f7e6f54c94579518567032d1f4eed04955ba2d
SHA256:  1fb1db9d2e48ed64b4fe840d2e54095638cb424cfc4d325c2ad4cb910eadc287
SHA512:  7908f22f6dc1f4f977bcc92c901ba64fab7b31bd3eb74d58e2a0dd0dc2e7ef7cdfa3fbf017f7f04105ed637f489cb896a1b09003a2a198be16ae812b5e359377
Score:   7/10
Signatures:
  Executes dropped EXE

Target:  StanesBeseeches/Pseudoconhydrine.jpeg
Size:    78KB
MD5:     5881ee2e28cef6740d54a91440635418
SHA1:    afab673fa3d08dc2233de3252f6bb4d43aec501f
SHA256:  b6b5c4cd67b2f09b41b8ee05268669d9e8866db852442678820c12e11635f4fa
SHA512:  2f4e03684a514b8dbda694e56173ec973e9770ffa00bbbf1b9c4eac79d26772083a6cd9dd13cc0fb8f09ea0e8ad345514cf97aeb8c99a8482d3c86f94b06ec75
SSDEEP:  1536:80Kf42e0LjLZ4bjUHz5L1YVcNkKzfh/W+SyVm6aNyK0jwJ:2f4r0L3YUHh1YVcNkGxA7b0jwJ
Score:   3/10

Target:  chuhraFondled/longeveEctocondyle/UndersortPodalgia.wsf
Size:    308KB
MD5:     1dcf754fad54c2b87a00606217d004db
SHA1:    a10b9e0d84058df4c8e61f9ec9a9a453640e9f60
SHA256:  1b6f1d744c48df52231fe303f3c2911b3daf8b6e849d026916ced7e98948b946
SHA512:  311d63d4c3cc24607380c93b4828d6bfa99ba981e598c4e5ce996c462a9eb90ca0f132687888045754a18a982cfb9ae3101737cdee52a21bae942c07f2a3e2c9
SSDEEP:  6144:sU+pm3bu/2htEx/ooE1XRiXIJ4H/qYCWsh96bioMUv/76BPBoLFFaZDe9tNBq:sU+OZtJ4XIPcuozrzCf
Signatures:
  Checks computer location settings
    Looks up the country code configured in the registry, likely a geofence.
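The "Checks computer location settings" signature above means the script read the user's configured country code from the registry, which a geofenced loader uses to exit quietly outside its target region. The following is an added example, not part of this sandbox report or of any sandbox vendor's code: it scans constructed registry-access events (the `pid|process|op|key` line format is invented for this example) and flags reads of the per-user GEOID location, `HKCU\Control Panel\International\Geo\Nation`, when the reader is a script host. The key path is the documented Windows location that GetUserGeoID() consults; restricting the alert to script hosts is this example's own heuristic, since shells and installers read the same value for benign reasons.

```python
"""Flag geofence-style registry reads in sandbox or EDR registry events.

Added example; the event format and the list of suspicious processes are
assumptions made for illustration, not taken from the report above.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Per-user location values read by GetUserGeoID(); matched case-insensitively
# because event sources differ in how they canonicalise hive and key names.
GEO_KEY_RE = re.compile(
    r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.IGNORECASE
)

# Script hosts and LOLBins that rarely need the user's country code (assumption).
SCRIPT_HOSTS = {
    "wscript.exe", "cscript.exe", "mshta.exe",
    "powershell.exe", "cmd.exe", "rundll32.exe",
}


@dataclass(frozen=True)
class RegEvent:
    pid: int
    process: str   # image name, lower-cased
    op: str        # e.g. RegOpenKey, RegQueryValue
    key: str       # full key path including the value name, as logged


def parse_event(line: str) -> Optional[RegEvent]:
    """Parse one constructed 'pid|process|op|key' line; None if malformed."""
    parts = line.strip().split("|", 3)
    if len(parts) != 4:
        return None
    pid, proc, op, key = parts
    try:
        return RegEvent(int(pid), proc.lower(), op, key)
    except ValueError:
        return None


def is_geofence_read(ev: RegEvent) -> bool:
    """True when the event is a value read of the Geo\\Nation or Geo\\Name setting."""
    return ev.op.startswith("RegQueryValue") and GEO_KEY_RE.search(ev.key) is not None


def find_geofence_checks(lines: List[str]) -> List[RegEvent]:
    """Return geofence reads performed by script hosts, skipping malformed lines."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        if is_geofence_read(ev) and ev.process in SCRIPT_HOSTS:
            hits.append(ev)
    return hits


# Constructed sample events: one benign read by explorer.exe, one read by a
# WSH host (the behaviour the report attributes to the .wsf), one unrelated
# read, and one malformed line.
SAMPLE_EVENTS = [
    r"1428|explorer.exe|RegQueryValue|HKCU\Control Panel\International\Geo\Nation",
    r"2204|wscript.exe|RegOpenKey|HKCU\Control Panel\International\Geo",
    r"2204|wscript.exe|RegQueryValue|HKCU\Control Panel\International\Geo\Nation",
    r"2204|wscript.exe|RegQueryValue|HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    "bad line",
]

if __name__ == "__main__":
    for hit in find_geofence_checks(SAMPLE_EVENTS):
        print(f"pid {hit.pid} {hit.process} read {hit.key}")
```

When a detonation shows this read followed by a clean exit, re-run the sample with a different locale or GEOID configured before concluding it is benign; the early exit is the geofence working, not the absence of a payload.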
Target:  chuhraFondled/longeveEctocondyle/glycuresisPortionable.exe
Size:    283KB
MD5:     8a2122e8162dbef04694b9c3e0b6cdee
SHA1:    f1efb0fddc156e4c61c5f78a54700e4e7984d55d
SHA256:  b99d61d874728edc0918ca0eb10eab93d381e7367e377406e65963366c874450
SHA512:  99e784141193275d4364ba1b8762b07cc150ca3cb7e9aa1d4386ba1fa87e073d0500e61572f8d1b071f2faa2a51bb123e12d9d07054b59a1a2fd768ad9f24397
SSDEEP:  6144:k4WA1B9BxDfQWKORSqY4zOcmpdlc3gJdmtolSm:H1BhkWvSqY4zvmjOwJIT
Score:   1/10