f1dc10290b6f045cdb3ea2d0ab1c8f3ab98621fccda5c575adf21b37164a0f57

Resubmissions

31-03-2023 23:16

230331-2873raff4v 7

31-03-2023 22:56

230331-2w382aeb62 7

31-03-2023 22:46

230331-2p4afsea93 7

31-03-2023 22:44

230331-2n7w9aea79 7

Sharing

Copy URL

Twitter E-mail

General

Target

Webbito_Cosmetics.zip
Size

21.8MB
Sample

230331-2873raff4v
MD5

ef8819a6ff2605efb7bad25c01cc58e4
SHA1

8a2fb8c428e3f14fac3b8ae99290108182d64c85
SHA256

f1dc10290b6f045cdb3ea2d0ab1c8f3ab98621fccda5c575adf21b37164a0f57
SHA512

8dc8e670d9049f750deb7d739bfe49525a43b4ba64e25cdc7d3ab2fd3d7c6b2aaa66c9df7422b8c1ed6995043d1812e57b09b38393d3dec8f17e74f5c9e2032b
SSDEEP

393216:HVSWtN1u6Zu17iRXQlC/qm0Rt9L1qrXrUZRmC562CVBvE11JL2dh8k3Z:HVSkNDZuYZQ4/90RtNEMZAZBV2VLuKsZ

Score

7^/10

Malware Config

Targets

- Target
  
  Webbito_Cosmetics.zip
- Size
  
  21.8MB
- MD5
  
  ef8819a6ff2605efb7bad25c01cc58e4
- SHA1
  
  8a2fb8c428e3f14fac3b8ae99290108182d64c85
- SHA256
  
  f1dc10290b6f045cdb3ea2d0ab1c8f3ab98621fccda5c575adf21b37164a0f57
- SHA512
  
  8dc8e670d9049f750deb7d739bfe49525a43b4ba64e25cdc7d3ab2fd3d7c6b2aaa66c9df7422b8c1ed6995043d1812e57b09b38393d3dec8f17e74f5c9e2032b
- SSDEEP
  
  393216:HVSWtN1u6Zu17iRXQlC/qm0Rt9L1qrXrUZRmC562CVBvE11JL2dh8k3Z:HVSkNDZuYZQ4/90RtNEMZAZBV2VLuKsZ
Score

7^/10
- Loads dropped DLL
behavioral1
- Target
  
  Webbito Cosmetics.exe
- Size
  
  23.2MB
- MD5
  
  ac74ba0e49bc1c25342bc91ba0b87a15
- SHA1
  
  ac9bdc2b01fcd0c2466bb2740299e6aaa7f9831d
- SHA256
  
  ef622e9c5899c746f30ff14ded168a3da6fa5f6ec3d403312720bb6b301afd43
- SHA512
  
  8c0e119cd767a16606902ff0d4f6ae387c40a07f8ae78fd3b4b4c0aa0c902f9d5cb83fc7acd997b05ddeebc7e60e957e98fd825396711c9d9990f3879d8f91ca
- SSDEEP
  
  393216:yUUUUUUUUGUUEQYG9IGJIGqpb/AxiVvpnY6/0e9KUkC/NtZZBamujIunhnGgx3rW:QlH3F/AEZtY6/yUV/zB3aHVtcLT
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral2
- Target
  
  WebbitoCosmetics.dll
- Size
  
  5.5MB
- MD5
  
  b84098f247b37d333cc096e072c5983b
- SHA1
  
  dd027ae131634bedfefbfe7e80faf294a21aae98
- SHA256
  
  56afdef5f4621c5008f21c6e0c128478fc51a9e2f8289c21331cc1c0c3c9c6f7
- SHA512
  
  2e531d52013ce0fd511c758d367e387e97a41471601b5472693c6d7037b4e6d5db444e264cbd2aea0638c1fc6cd32f36a66af2ddeea450f1ef840be20bd44886
- SSDEEP
  
  24576:tRYWpWuGJszyBBHYekckwa6TJyFwCNFUSIk0VcJT0IMfy5ka3jlfRYhV4Gu8VZf8:xGJszyBBHZveuh4kzn2U67i
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Web Service

T1102

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Loads dropped DLL

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3