General
-
Target
PryntStealer-Cracked.zip
-
Size
3.2MB
-
Sample
230331-f6d61aaa9s
-
MD5
36733e3f323d8b99fe05a0a3b60cb806
-
SHA1
03365c3bdbbf908612c693a13941d3d16bfc1201
-
SHA256
e4ce533707f9e1945dffa512023c4c9d4b9343a6e6218844bf8fac3e957b9260
-
SHA512
999b864bb45fbf5b1ef6492321ebc089a9f9f32b2e59a063d2051e92dad30e3b450563615470a26e95444941f330015b751e5b25d3f8f432128244f4a5b6c4c8
-
SSDEEP
98304:+B1c+Uz9pp6fSs52YLgatAVFrK/AyPibjWa:IMiSgXLhydK/ARbp
Behavioral tasks
behavioral1: Sample Bunifu.Licensing.dll, Resource win10v2004-20230220-en
behavioral2: Sample Bunifu.UI.WinForms.BunifuButton.dll, Resource win10v2004-20230220-en
behavioral3: Sample Bunifu.UI.WinForms.BunifuCheckBox.dll, Resource win10v2004-20230221-en
behavioral4: Sample Bunifu.UI.WinForms.BunifuGradientPanel.dll, Resource win10v2004-20230220-en
behavioral5: Sample Bunifu.UI.WinForms.BunifuLabel.dll, Resource win10v2004-20230220-en
behavioral6: Sample Bunifu.UI.WinForms.BunifuPanel.dll, Resource win10v2004-20230220-en
behavioral7: Sample Bunifu.UI.WinForms.BunifuPictureBox.dll, Resource win10v2004-20230220-en
behavioral8: Sample Bunifu.UI.WinForms.BunifuShadowPanel.dll, Resource win10v2004-20230220-en
behavioral9: Sample Bunifu.UI.WinForms.BunifuTextbox.dll, Resource win10v2004-20230220-en
behavioral10: Sample DragAssembly.dll, Resource win10v2004-20230220-en
behavioral11: Sample Mono.Cecil.Mdb.dll, Resource win10v2004-20230221-en
behavioral12: Sample Mono.Cecil.Pdb.dll, Resource win10v2004-20230220-en
behavioral13: Sample Mono.Cecil.Rocks.dll, Resource win10v2004-20230220-en
behavioral14: Sample Mono.Cecil.dll, Resource win10v2004-20230220-en
behavioral15: Sample Prynt Stealer 5.6fixed.exe, Resource win10v2004-20230221-en
behavioral16: Sample Siticone.UI.dll, Resource win10v2004-20230220-en
behavioral17: Sample stub/DotNetZip.dll, Resource win10v2004-20230220-en
behavioral18: Sample stub/DotNetZip_.dll, Resource win10v2004-20230220-en
behavioral19: Sample stub/build.exe, Resource win10v2004-20230220-en
behavioral20: Sample stub/stub4.5.1.exe, Resource win10v2004-20230220-en
behavioral21: Sample stub/stub4.5.exe, Resource win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Bunifu.Licensing.dll
-
Size
1.2MB
-
MD5
1a45c5f35d5a5b3bf94f01caae45a641
-
SHA1
678428c593a7b168803766264e4fe44fab253700
-
SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1
-
SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579
-
SSDEEP
24576:4AECFfBu6lsgu8la4AfrCN/s3IEiZfy/bbxqt72l6oQkwi:FfxyIla4lN2liQ/bYtg6iwi
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuButton.dll
-
Size
108KB
-
MD5
3e60d71b66fb974045fb8dae1baef617
-
SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b
-
SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0
-
SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327
-
SSDEEP
3072:bci6D+NfJoqK3E6f2ih0xdGzFpzUHgmvE9ZshCcU7P0tbSInIKm:o+NfJoqK3E6f2ih0xdGzFpzUHgmvEQC5
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuCheckBox.dll
-
Size
103KB
-
MD5
db530e9b3be4232a474e201798975c3b
-
SHA1
3be4c26c7841f2e6d0310eef3a1e1730fc2e33ef
-
SHA256
a1bfdfb908aecd1495e78789640b39982801800848abf202bd8f4a538a8e2d85
-
SHA512
b5cad7da8cf0de850da761de0c2a12efe3de3a6ef80232847ded224dec931f0f2e24da6579900153b1c23a8dab8e982f54f73043c51827aad6378464ad1af150
-
SSDEEP
1536:V+ISJunQdWxsOQ8TmoeW9B6Ylw9oGMtWUNVLeOT+b:V+ISJuncWKVWbxlPDNVLeOE
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuGradientPanel.dll
-
Size
61KB
-
MD5
3d622700dc3bcafe8d024c9db5498e2b
-
SHA1
05195f9aae925b79dcc50abf33b2e19b99979d21
-
SHA256
ec894ea254b16af35edce401678cb079036a98103550c9384ce99669abe21a31
-
SHA512
6044f3d3f46e8514a46514b5bcbc82591b1af448591efadd017d31e0c59701df4fc530fa68d60ac05f6557c5507b971a94597928ac6752310414cd44452797e0
-
SSDEEP
768:KtOa8cFoOYwmObnyWL5xQn/5C6/f5ia2z67ipZdhPOYjgsfHM9oizKgJHIM:Kt9jrbLUBC6H5XM6OpZdh2cxsO+ToM
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuLabel.dll
-
Size
421KB
-
MD5
e65106de1d954a8ba99dba7fdc3757ab
-
SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8
-
SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab
-
SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93
-
SSDEEP
6144:Fx0YWWd9jDKErgWc0uk+SyLmXFbP2DJFKFyyPBYVN:FIEcWc0WLmVA8BYj
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuPanel.dll
-
Size
43KB
-
MD5
c9b870d649ca008152c8a5f70c26f00f
-
SHA1
aa34ac78f4a8740efce16960e7e35e860e212f49
-
SHA256
2f11a4fafa78fe89a49d6f954a46cb80548d3faaace84ec5faac06ceffbcd191
-
SHA512
d5a9061801b4b97c842aeb8d453118e8f7f2dfff499403d44ac667171de4e4652c245ff02ff0a7f9e1012b952e70fdffca546de4d4a03909206789d35972cb76
-
SSDEEP
768:xn5riyVbhpxzlpiTLt2VL6NtnP1X/22b0w8XhlA9vVtmTCBwJItnhrgEZz/h+K2T:RiTJ2l6NtP1X/22b0w8XhlA9vVtmTCBS
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuPictureBox.dll
-
Size
37KB
-
MD5
fd6e28c44ab0bb05721034aa10e5e5c7
-
SHA1
2c52c3925b7b3f9bb17fcf32ee7daadd275fdf81
-
SHA256
df1d1a4399138a002883caeb326cb23fa95b5ec4a18a1abbc725166155a299d0
-
SHA512
bf8bb42cce6713bdae6a70f30ba3e889f6d63ab1e92336fddc890cedf33c3cf17f06114c301eeb0b552384af3a2ca0b64ad8920f7a266bed0b6b690b710b74e9
-
SSDEEP
768:RDM5qd07rjIiE27vDrAoNookVPzQ8fosMs3eeq9iKH69izKgjAe+:KE27vPAoNookdQ1iLq9Rm+RA/
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuShadowPanel.dll
-
Size
46KB
-
MD5
e44f7f9aeb04fecb92bf963f9bd742ee
-
SHA1
321a74d31a77ec72ba150414ad882c6837a4adc0
-
SHA256
143ffc7dcab05060e40b8942f6c2fc1df621befda482c66f0ef0b4ccc5944315
-
SHA512
2cbf4e0bd3c92565d1116dbaaf57df3caece3373d376f404356bd7ab718e7589ce4703d7000bdee8f2748e92a36027ff5da17d79c85867e420236d596c89beea
-
SSDEEP
768:M6PCKB5UZ2SIZbidOzVDrJsQ4l1BwmUy6fRXLvKcU8knpoBTliQVD35/HS1GzsQo:MsJJB4TBwmUy6fRXLvKD8knQL5fS1csL
Score 1/10
-
-
Target
Bunifu.UI.WinForms.BunifuTextbox.dll
-
Size
113KB
-
MD5
7571e9840eb07d2e31a88f650fc63350
-
SHA1
590898ae191816dc1249bbcabd839b493b1870b7
-
SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a
-
SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36
-
SSDEEP
1536:lrETKZN2tUFNZltyJcatoMuZJrxHxhAedJxD+0NK:lrETKPa+7rUPQJrhx6wJx1w
Score 1/10
-
-
Target
DragAssembly.dll
-
Size
4KB
-
MD5
3032d055fca0a8565a01d936f8846638
-
SHA1
07876039c5cdba41560fd1445088dca759a2a324
-
SHA256
353e542e6cca204e960675b9afb1ef7ada3194dcf65a7a939464501df2e20b0c
-
SHA512
0f4aa304a9d5bb91f42b6c2777a105518e2fbb715f88a8b285a951f8ee1f635283d7b77e0f76f8683510f04cac9e2cf9e051eca5c4b98af9e6e81a0fe0573be2
-
SSDEEP
96:48llZV12bcgjeMZDxnbspltThvRPYO3XII:9llglDxbsnBhvT/
Score 1/10
-
-
Target
Mono.Cecil.Mdb.dll
-
Size
42KB
-
MD5
1c6aca0f1b1fa1661fc1e43c79334f7c
-
SHA1
ec0f591a6d12e1ea7dc8714ec7e5ad7a04ef455d
-
SHA256
411f8ed8c49738fa38a56ed8f991d556227d13602e83186e66ae1c4f821c940b
-
SHA512
1c59e939d108f15881d29fe4ced4e5fa4a4476394b58b6eb464da77192cb8fe9221b7cd780af4596914d4cce7c3fc53f1bb567f944c58829de8efbe1fd87be76
-
SSDEEP
768:Ar5EYZep98C87KHeBUZwrEzsEAnbF+em50KktmM4CRIcZwMRTIzMAtpw:Ar59g98C87KHeBUb5AnZG+zdwMRTzAtS
Score 1/10
-
-
Target
Mono.Cecil.Pdb.dll
-
Size
87KB
-
MD5
6d5eb860c2be5dbeb470e7d3f3e7dda4
-
SHA1
80c76660b87c52127b1a7da48e27700f75362041
-
SHA256
447ede1984bb4acd73bd97c0ec57a11c079cee8301c91fb199ca98c1906d3cc4
-
SHA512
64cf4fe7de68a35720d2b9338ba9cf182e127d95d72d2ccf7ff5c73a368133663e70c988a460825fa87b2d03717a4447948d5262f56aceb7c3bf1cb3ab5a41a5
-
SSDEEP
1536:2OCAsdBo+am5OMwr5IlALYKXgAJGsZhTjrjvjCXeO:ZCjta0OMuIlArVJGqT/jveXeO
Score 1/10
-
-
Target
Mono.Cecil.Rocks.dll
-
Size
27KB
-
MD5
6e7f0f4fff6c49e3f66127c23b7f1a53
-
SHA1
14a529f8c7ee9f002d1e93dcf8ff158ab74c7e1a
-
SHA256
2e2623319bdc362974a78ea4a43f4893011ec257884d24267f4594142fcd436e
-
SHA512
0c773da6717dd6919cd6241d3cee26ab00bb61ea2dbeff24844a067af4c87ff5cbdb2fe3ada5db4707cee921b3fb353bd12ee22b8490597d4f67ad39bace235e
-
SSDEEP
384:70ve8JOuJ5iC7n2NwxEXCni+VXcMeDz8PmR1ugLoaeuLMBG9UphJAprjE3uFLHa9:7+m4iCyrXOhG8uRssveum1pMFLHFBvd
Score 1/10
-
-
Target
Mono.Cecil.dll
-
Size
350KB
-
MD5
de69bb29d6a9dfb615a90df3580d63b1
-
SHA1
74446b4dcc146ce61e5216bf7efac186adf7849b
-
SHA256
f66f97866433e688acc3e4cd1e6ef14505f81df6b26dd6215e376767f6f954bc
-
SHA512
6e96a510966a4acbca900773d4409720b0771fede37f24431bf0d8b9c611eaa152ba05ee588bb17f796d7b8caaccc10534e7cc1c907c28ddfa54ac4ce3952015
-
SSDEEP
6144:jIevdbLPNYe8bikm98KXPHhOWY/fFREomhUFD3z:se1PNL+QRfBg/f/EWFD
Score 1/10
-
-
Target
Prynt Stealer 5.6fixed.exe
-
Size
378KB
-
MD5
914c3ed0bc1e3014e15b17d87a61f7c4
-
SHA1
9df55d26eb513d1916faab783c60f5b20cec8bc5
-
SHA256
9a9a42bc0f7b7636a202561359da1098d2f4c45f27e80fdd062050a369e69a51
-
SHA512
3ea3481377efe7b1873c7ab90719786aa2d9f82cdf75f243b27c6918280430bbee78833fba18dd5d69df3caf596c82faa481cad78aa64fdb7a6758b8b9161cde
-
SSDEEP
6144:qTWgV4CTshTKxoGEflVecSEuNYnMuBAnLzuyvwWoSF45AcTG8OnXKxQmqbAQ4jeI:qTWwshTKxoGEflsFEuNYB8z1wWo4sAIx
Score 10/10
StormKitty payload
Obfuscated with Agile.Net obfuscator: Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
-
-
Target
Siticone.UI.dll
-
Size
1.3MB
-
MD5
750c58af2e56b6addecffcf152520ab8
-
SHA1
14995e7f1d12498606d9d209d78d55fe6fd87802
-
SHA256
27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
-
SHA512
2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
-
SSDEEP
24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score 1/10
-
-
Target
stub/DotNetZip.dll
-
Size
448KB
-
MD5
6d1c62ec1c2ef722f49b2d8dd4a4df16
-
SHA1
1bb08a979b7987bc7736a8cfa4779383cb0ecfa6
-
SHA256
00da1597d92235d3f84da979e2fa5dbf049bafb52c33bd6fc8ee7b29570c124c
-
SHA512
c0dce8eaa52eb6c319d4be2eec4622bb3380c65b659cfb77ff51a4ada7d3e591e791ee823dad67b5556ffac5c060ff45d09dd1cc21baaf70ba89806647cb3bd2
-
SSDEEP
6144:FuCIjOL8qwWN/jMlC/XiapWSu9vnITVxGtSV41kJDsTDD5rlGe6wfxLV/7:dZLJLdvOSsnjS4csBrge6sf7
Score 1/10
-
-
Target
stub/DotNetZip_.dll
-
Size
448KB
-
MD5
6d1c62ec1c2ef722f49b2d8dd4a4df16
-
SHA1
1bb08a979b7987bc7736a8cfa4779383cb0ecfa6
-
SHA256
00da1597d92235d3f84da979e2fa5dbf049bafb52c33bd6fc8ee7b29570c124c
-
SHA512
c0dce8eaa52eb6c319d4be2eec4622bb3380c65b659cfb77ff51a4ada7d3e591e791ee823dad67b5556ffac5c060ff45d09dd1cc21baaf70ba89806647cb3bd2
-
SSDEEP
6144:FuCIjOL8qwWN/jMlC/XiapWSu9vnITVxGtSV41kJDsTDD5rlGe6wfxLV/7:dZLJLdvOSsnjS4csBrge6sf7
Score 1/10
-
-
Target
stub/build.exe
-
Size
250KB
-
MD5
efaaca4cae6d960c91f279ac977d645f
-
SHA1
97f455488bef96429253dd4e24c055470780143b
-
SHA256
62a71deb9d259ea7b259bbfc9a254f382a695d89702d5ba02328a67eed23c6b4
-
SHA512
a595ae55a0c7ffea98b0ef31b58c701d4f582ed2db01a89ce00dc9f947099cdbd3f261efccae4d68e31da70bb40c9ac947bed58fb9e9e500e02bdb5d82b55d79
-
SSDEEP
6144:MDfJCTwQvNm9bQdK1FcSEuNYnMuBAnLzuyvwWoSF:sRCTwcEFEuNYB8z1wWo4
Score 10/10
StormKitty payload
Checks computer location settings: Looks up the country code configured in the registry, likely as a geofence.
-
-
-
Target
stub/stub4.5.1.exe
-
Size
251KB
-
MD5
7eea56ea4822ec3da3e86362c32e9304
-
SHA1
ab8a0d7fd81bb61a63c8caeb52081da2fb3e5709
-
SHA256
3e383968fbdd567bb56c293837fd2965615246f40b95876a0ff954b06b34b40c
-
SHA512
61bd378e682519bbfc8dd33fb83865fb9a0e36fb9b1b086593a619992fd6480791d51e4a256f67a31394c6a67db1a5a2e8ee16c3b983c4734288834f9d3a3b57
-
SSDEEP
6144:gpksnd7L4+m9bQfDFcSEuNYnMuBAnLzuyvwWoSF:g2snJ51FEuNYB8z1wWo4
Score 10/10
StormKitty payload
Checks computer location settings: Looks up the country code configured in the registry, likely as a geofence.
-
-
-
Target
stub/stub4.5.exe
-
Size
251KB
-
MD5
787c59882e9b7c46a800f44f6bb56a52
-
SHA1
92bfffef47597329479dd636d8aa0613740a7e6f
-
SHA256
3897171f1a25fa0d42e7658b72479e2089dbb51ad36658f2481326f4a9c13544
-
SHA512
282ba558ef4adf6e011233919389f5a7936b955621062fc9169eb72f83b307bdc4707fa5dec7550658ebbb097f20159e5458722c6c829840e504792ac068438e
-
SSDEEP
6144:tpksnd7X45m9bQf3FcSEuNYnMuBAnLzuyvwWoSF:t2snJihFEuNYB8z1wWo4
Score 10/10
StormKitty payload
Checks computer location settings: Looks up the country code configured in the registry, likely as a geofence.
-