2ba992d4192de17328cad79264ec9f91221d585f2ed094e239ef0bef003517b7

Resubmissions

17-04-2023 18:58

230417-xmtwsahd5w 1

17-04-2023 14:47

230417-r5yd2aef58 3

Sharing

Copy URL

Twitter E-mail

General

Target

theZoo-master.zip
Size

874.3MB
Sample

230417-r5yd2aef58
MD5

38ad243a39dc9e1209adf617a25f0978
SHA1

e4b6013dda3cf8eb300670030bfdc62a0c029539
SHA256

2ba992d4192de17328cad79264ec9f91221d585f2ed094e239ef0bef003517b7
SHA512

e5f15022735fe6740eecdf8289337db13a9607f194c434d67c1b34c21afa071f5c263f988ebb2ddab834e448d5bc2dd3f52cf9c8d97936f667ea7e1db2218cf9
SSDEEP

12582912:9XxznxpMTAeiqjPbC5d4n/mbo6G64QitudAwxIHcXsL5UitjWuk6FyG0CssWQ/6l:Xnx2iqjPOjy/mbol2SudAUBC4ukdS1Y

Score

3^/10

Malware Config

Targets

- Target
  
  theZoo-master.zip
- Size
  
  874.3MB
- MD5
  
  38ad243a39dc9e1209adf617a25f0978
- SHA1
  
  e4b6013dda3cf8eb300670030bfdc62a0c029539
- SHA256
  
  2ba992d4192de17328cad79264ec9f91221d585f2ed094e239ef0bef003517b7
- SHA512
  
  e5f15022735fe6740eecdf8289337db13a9607f194c434d67c1b34c21afa071f5c263f988ebb2ddab834e448d5bc2dd3f52cf9c8d97936f667ea7e1db2218cf9
- SSDEEP
  
  12582912:9XxznxpMTAeiqjPbC5d4n/mbo6G64QitudAwxIHcXsL5UitjWuk6FyG0CssWQ/6l:Xnx2iqjPOjy/mbol2SudAUBC4ukdS1Y
Score

1^/10
behavioral1
- Target
  
  theZoo-master/imports/__init__.py
- Size
  
  20B
- MD5
  
  9a3f6f9d5dc0e10f928fef1503884571
- SHA1
  
  e9c431d00ecd7769aec2ccd544cde09e392511ce
- SHA256
  
  ed6e532d85c9da5105bb78f3050f59b5476d30b6e8564b014a21bb0555c67caf
- SHA512
  
  658b9d2040eb1ff539f45e00e6de5bc2ac8c533831788bd5a8a3e14611c0f93ec6d5f9cf935017c9b073d4e22f152fb69680efeb807c78df6a4ccb70ec514e4c
Score

3^/10
behavioral2
- Target
  
  theZoo-master/imports/_rlsetup.pyd
- Size
  
  10KB
- MD5
  
  ee960471f46f1f9c3251723a9dcbe0f2
- SHA1
  
  5047b4ac6ae0d5db8de15ac1df9cc142464c3232
- SHA256
  
  69c6fdf358e370356e242eceb9f8f021703b5472b9efc5832ee12396b4a48bc3
- SHA512
  
  fcc52c5ec1c7ab210c2814897b10f06f362d12979583076ca717ee7c618b00d3ab27694b9b05b9c6a26f2445fa09b196fbc5cc6abb96b740048bf1c80e123811
- SSDEEP
  
  96:PfS/8nHaM2zE2YbTv5bVeODTj3G3ykNhc7+PO/cc94cl/Xu:nH52+r5PDTqy2Kcc94c
Score

1^/10
behavioral3
- Target
  
  theZoo-master/imports/colors.py
- Size
  
  839B
- MD5
  
  fd12562f434b6c1a98e3c058d413834b
- SHA1
  
  da1de76d325b8b77a8f97edb73cfc30edf505827
- SHA256
  
  a81af7ff1cb67a503a2df746ce070405f99f23d8eb2640688c59af291a2235fd
- SHA512
  
  aed53a88bbb78b79edf4cdb43a6e2c39531b2ae781f0e48a41f8903974c420bcd448c021baf6d4b695903a6313597e7f5ad9c636ae895be551ffc8dfdff9313d
Score

3^/10
behavioral4
- Target
  
  theZoo-master/imports/db_handler.py
- Size
  
  2KB
- MD5
  
  d5d5e9f70c6c8f5f2ac421debc1c7be9
- SHA1
  
  b48fffe28ba15629cff2fd2d3033e95181713164
- SHA256
  
  00075027b55d5ead5e0af3e9fe0225b0a1d95fb70c40e00eb55c602c2a84fff8
- SHA512
  
  ebd701704abaca5e739871c0a91447cc81cfe4b19913c52c0d69f416f3ab44839f24bdfe6b84a95758f53203d998ebbb8ba8ba6a3eaef18513e34c55b48cc4e7
Score

3^/10
behavioral5
- Target
  
  theZoo-master/imports/eula_handler.py
- Size
  
  2KB
- MD5
  
  6907bfd1895500d3c1f618df68518ef4
- SHA1
  
  00f437376ea78569d443da03f350e72e07c69af4
- SHA256
  
  0d73cb32b56f0ca86a8193e6b5b7511f8c12d87253fd0f34f089efd69a924536
- SHA512
  
  8ca7f85e92d8f9f992fc4e9f74b50dfc474499762b14f179c626c226b110b90f2b90628ef31ea11a9176df5ecf79c5638db6fa7c99278561af58c7af88a2f496
Score

3^/10
behavioral6
- Target
  
  theZoo-master/imports/globals.py
- Size
  
  12KB
- MD5
  
  529d7b2f08c927b790656939db3c632d
- SHA1
  
  16f4ae8ba208c55e6d3b60edfac1a8172013fd7a
- SHA256
  
  1cd290a506171500dd2c9b4dee14e5a06803a02d451d85a6309ac56055c63b21
- SHA512
  
  091a2e1bcf8c4d70f6c3fa4c1e20e9fc1331e9d0b4ae35475aafba4389da8b2ff5f495a595494510fe4c530690bb6daa948061aa1de76f04cf3ae98e4e718705
- SSDEEP
  
  384:qsbL+1/OYF/09jLQSwK9Nf4BaXLkzH47v1q+RcOH29qUzvj5nFpOKOl4lJwuJMtM:qsbL+NOYd09cgM
Score

3^/10
behavioral7
- Target
  
  theZoo-master/imports/manysearches.py
- Size
  
  2KB
- MD5
  
  5c9029309232acf67957d7dc05d05642
- SHA1
  
  1293673ecff8c904b2ff1896156fb56bd13c2234
- SHA256
  
  4cdf67e106fd813280f7d4a7db686eadd2f45e13e7f0e93af3e19cc3702b73fa
- SHA512
  
  44c4ac531923b0d88a6e31cba5e8143ed54c23273f38664a05f69ed95f3f0020734ce60bb8d5df027c01adddf31815a1b0f85ba646858e70610eb76beca2a71b
Score

3^/10
behavioral8
- Target
  
  theZoo-master/imports/muchmuchstrings.py
- Size
  
  1KB
- MD5
  
  c6abee7cf9aeed41aa3ef83ead04ac3e
- SHA1
  
  39a6a6a900eab045dada2e75b052331ee2689d15
- SHA256
  
  062c84c283cddae57aef2e546dab8f8aed4b1924244731387e42a171769222e8
- SHA512
  
  682d8bd2b933015f359b7e621018ed2c62720cb4f006b8ef15dca5a67b596953647fa6dbcf2f620b0299859d9b181de1fec878832f999d6cec6589d1ca07baee
Score

3^/10
behavioral9
- Target
  
  theZoo-master/imports/prettytable.py
- Size
  
  52KB
- MD5
  
  538a1660328eba4d987150cf1f7defb5
- SHA1
  
  7bd28ed735044aa2c1a155cb1fdc42ecff4c4410
- SHA256
  
  7db30219256548be448ad71156bff6888773ac8f34018d4ec3b7d92849486231
- SHA512
  
  8776777be190621e7d486dcba369941f07603f4032e65367fb7e26b897c8b95ea15357a907bfa0a38893fb0df9966311da1e868704df3c4cef0101942b73bb25
- SSDEEP
  
  384:0hR7aJ/wnqMzGZZGW6ipSb6LJa6SzO+K3ldjOSOebXl6oZRaa4OoQGea:MGJ/wqgGZZGT56/rjn3R/l7A
Score

3^/10
behavioral10
- Target
  
  theZoo-master/imports/terminal_handler.py
- Size
  
  6KB
- MD5
  
  8607a2b55eeb72569f6b040ce9eab020
- SHA1
  
  035e869ba246d9000b7074d0c5c9f602d3110c9e
- SHA256
  
  ede24040ef72dbcfcb322bf492891b3dc40036996252cc770a53074bd15ba154
- SHA512
  
  4add13620a54781c6b35f30a117c49ed0f87466b24d568d7097d4581335ad82f40813911f5f5d156a4b12daab6bfbf6382fe77eca88891ab025a5eb1cefdc298
- SSDEEP
  
  96:0nJX0rVshjW+31xNwwS8pymrEpfMNtBSBT6HUNBzC9uKOtAF9EcCEZirrWb:0nThjW+9wwBpYUBQ8olkse9Sro
Score

3^/10
behavioral11
- Target
  
  theZoo-master/imports/update_handler.py
- Size
  
  3KB
- MD5
  
  4be7e5c0a2d6311032a1c6fce458989e
- SHA1
  
  a11ec2883a430a183a2c701d9566b40399e19656
- SHA256
  
  ce32494bdd4f90baf1480c345aa04f51fc6289d1a931186b291109275312340b
- SHA512
  
  ac6db8cfb4513d96deb498e71e169692662498a6e8bdc6efdc4277214532869a6b664e680338c831c392d704965fcdb8006c0f8312ab8553886ab7e855bc5f87
Score

3^/10
behavioral12
- Target
  
  theZoo-master/imports/winreadline.py
- Size
  
  9KB
- MD5
  
  a2ce8370162d5a59a506842c1fe01466
- SHA1
  
  4db0501e81d1eab723d66bf5243b01e0ded38ef0
- SHA256
  
  5c7a8caf33665db16c6465aae77649d871fc130655e6c56872bfa04f2d16cfae
- SHA512
  
  bf96bf5eb021c9291325f8087a3a46464fc20a1476016e27885d00831713ac6ffbfe999bd8b33e799ba86fa86d6cbc858510914b2cd7e9194b98f34b17cf832a
- SSDEEP
  
  192:oyZtLLP+3ORFTrewN4okMdeuruLovVnIxrOZmLTUpEq7LU7ouu:ZLEUFTrJWi8u6OOxrOZmLTUpEqXRH
Score

3^/10
behavioral13
- Target
  
  theZoo-master/malware/Binaries/All.ElectroRAT/All.ElectroRAT.md5
- Size
  
  60B
- MD5
  
  2f178a474ab4490e44b151fa65bec685
- SHA1
  
  5415b4aff780204f548c999f74fb83a33c56247b
- SHA256
  
  0075738d9ae4e957fa60c8701a7080102da30ec7091bb8964593ae995c7ff522
- SHA512
  
  20b5c705c3b8ad81210eef86c069b55e49a1de6f401dd853c45216050684f986dddb3c710c1a5622efab5a42aa6707d5b7ed4deec2e31b7b6e9f26c569bb4889
Score

3^/10
behavioral14
- Target
  
  theZoo-master/malware/Binaries/All.ElectroRAT/All.ElectroRAT.pass
- Size
  
  9B
- MD5
  
  d1ffcf28ab933ac685753cc6c1be9b20
- SHA1
  
  5d0447073056a1e9de9b38ab47d0a52b53418fb7
- SHA256
  
  d682d88cbb07ad1adfc69618adc71e3549733be116fbbbf4395e6235da0dbf7f
- SHA512
  
  921919e71a1bc899f9dabf3eac13d4f6a793067976925023e21601d897838e5d8ce71e69cdad920046d8fa3b408b6acb19dca748ffd60b3892f60f322b28df0a
Score

3^/10
behavioral15
- Target
  
  theZoo-master/malware/Binaries/All.ElectroRAT/All.ElectroRAT.shasum
- Size
  
  85B
- MD5
  
  f2a39c139fce9cb2b51866420a65bdc3
- SHA1
  
  01032d2e6086380c80b0fd9f08bcb51c56a1149a
- SHA256
  
  b76cd83db6e1fd3b09935a752b49de6dc526e463f52ced5ebf2e91900163d1ca
- SHA512
  
  2d87253c53fc03e6d3b6a14397c6a780ff76527b5541b67dad62bdc4f001df68cf15f7b03c1e77236c794c2ee3737bf5037e1e98392435833f10c330791ada79
Score

3^/10
behavioral16
- Target
  
  theZoo-master/malware/Binaries/All.ElectroRAT/All.ElectroRAT.zip
- Size
  
  881KB
- MD5
  
  7ff8d31ad43f62f1c6876b725a1ebb1f
- SHA1
  
  e23baf502bf5b2eb81fea0a2e570e7ade8998bee
- SHA256
  
  dda14413450a11f336a8305cf274943d614905c3429d4f0efeffe6bf4b8b7bdc
- SHA512
  
  b1afbd5ed92933ffa1a1add1b5b8cc581c7361d8106fed20a8aee1493af7a0279b27e4220515d39e4f5640df43309aa40073750f9e232438cc5f7a561273a9c6
- SSDEEP
  
  12288:yykcN4NEaT6082MQxzgoOnAlUiQNd83MBBPXyyg1/UgGc3G4af3ENPNBAIhH6oRt:vkckET92MAs8oNvLKBU5l4iCsWvVbGo
Score

1^/10
behavioral17
- Target
  
  theZoo-master/malware/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip
- Size
  
  4.9MB
- MD5
  
  1a4685398fa5bc12ef2b466fcf0915dd
- SHA1
  
  50e99528b12feaaff8861842a96a850efc046cdd
- SHA256
  
  72687b3bdb1b51311c94178fa0bc263129ee22310d15e83b4b0540b5bf072649
- SHA512
  
  9ae81f179fb14bf03599bf9274d18eed9807d680a3598cf6fc5f0b0460e13def893497c7a1eee17154d215f9e2b67f294e4848b0260f1fc730c9ba123bafef5d
- SSDEEP
  
  98304:JSfd8PbarxH7LFkU2y5X+Dzw2QVruXIh3QBZB3kP6GTom+O+xDc4iA:JSfdeK7LFks5X+Dc2QVcI6zB32svwA
Score

1^/10
behavioral18
- Target
  
  theZoo-master/malware/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip
- Size
  
  1.9MB
- MD5
  
  288ab0eb964e2a4137fe2dd1a90a731e
- SHA1
  
  aa10b834528f9bbcfe7cfd5772338258cefe277f
- SHA256
  
  7f608672dfe78ebae00c9036ce011eb14e9e64602bd8bb70356ee639cdea90a6
- SHA512
  
  01403d14558109e149e05bfa61cf690745be459e3fe0caa40b3d33efecc47e93a7321a1ebc0d2f4bfc3069cc157ccccaaaddce0b7c0b1aa6003c51b0256af53d
- SSDEEP
  
  49152:58g0Du3DlLbmhwjzLHy5wFMZ5pyBdtvB+GBKgOvYXu:oC3DpqhOnHyyFQ8VW/T
Score

1^/10
behavioral19
- Target
  
  theZoo-master/prep_file.py
- Size
  
  3KB
- MD5
  
  47918026d243dc29cb7448ceaeb4fed8
- SHA1
  
  012572553d7ea809507f574351ca07159e0afee6
- SHA256
  
  18d8b52b47780c178c71d0d27fe9921a4c2921e2bf7e04fb34e0b84927d5b8fe
- SHA512
  
  669e1891b3236a5b92faac775736fd254af6aa0e97b7043312cd41ddc1196a77b0c12670369b0bfaba8f1d21296ed0701d2ee121cd2e94a40b817054092cbd53
Score

3^/10
behavioral20
- Target
  
  theZoo-master/requirements.txt
- Size
  
  18B
- MD5
  
  d6a1df50d7df92df786312359396b95b
- SHA1
  
  437a74e0ddecdeae2d5968173a9280afef7cee18
- SHA256
  
  f41a95c0ba49e5fe575df9611a063d49b78621c95515b88377fa75260bada1be
- SHA512
  
  a086f703fc29f00f5f9021eb1afdb44154d0ffd994669a3c12a0ee20e38b0f660f063aa9e6c81793decb0489b72fa8ea568c47930541beb753077eaf015c4605
Score

1^/10
behavioral21
- Target
  
  theZoo-master/theZoo.py
- Size
  
  3KB
- MD5
  
  3b5f8f778d7aa355a8ed6e39218454ec
- SHA1
  
  430fdb363c54273724fca2bd3a3c5eb498ffccb3
- SHA256
  
  786dacaa3d31f7048de3b4846c2195d546b199527db9a0c5f7ab46465c6ec784
- SHA512
  
  683ef0f7b080de488c6dac512924249f382c3687490ee703f7303471505d86a62351b6c7380a92ebf4daf266021c0dfd899b68770652d6ea6953d01036918b77
Score

3^/10
behavioral22

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22