dc1bbd9dfb8b507a4598e43021a1ad74ad6d2f60674185bb0ee82f913aad462d

Sharing

Copy URL

Twitter E-mail

General

Target

Iron.Lung.rar
Size

121.7MB
Sample

230511-j52gpace75
MD5

750144ca7283c6b2b4e7016c9f31a89b
SHA1

30f2768e991f5b51b546c5a4a890bc01b8d990b8
SHA256

dc1bbd9dfb8b507a4598e43021a1ad74ad6d2f60674185bb0ee82f913aad462d
SHA512

899225e21cfa85e2f00c37fbca205f8d31bb5af8dadb9189e7be433f940f3fb62d9152a0a9db74c0fef75f6a87643f3b69cb47dc212ba31a9225550108267e5f
SSDEEP

3145728:VeKS8ENnp4QGijO+PBdQ/X4WmtTUP14nI2IU:4Lp5DMX4ee7

Score

3^/10

Malware Config

Targets

- Target
  
  Iron.Lung/Iron Lung/Goodies/SpinNShoot/SpinNShoot.exe
- Size
  
  4.2MB
- MD5
  
  71081f5f90e7c780937b66af0710f87f
- SHA1
  
  c32640490c6789e9e8917c78140921b51b723378
- SHA256
  
  d747ed772352daab383536e823cada9b4853e0acc0f10d384bf36e35214f719d
- SHA512
  
  6a4ac4d497e423cd94cec04144e1eb704d89860e86d7f044eca0a8f3804e9c9c65448b011bf2c8d2ff5033af1969372e4dc52b418cd17a5f182e5e53724d77f4
- SSDEEP
  
  49152:myMNKCjv1gb3MSLBGkzFApTKjiFF5gLtuiRDlTr6TqLirzAfef+T8zQS65:myMNL76YkzFSKeVgnlfef+ocS65
Score

1^/10
behavioral1 behavioral2
- Target
  
  Iron.Lung/Iron Lung/Iron Lung.exe
- Size
  
  638KB
- MD5
  
  8616d9ef509ab81b4993a0063c39b8d2
- SHA1
  
  66f6e7d043b4f436b8b1e701d65ca0e0727b7963
- SHA256
  
  c686ff9610225cbd8992b371a473299286663f31575952249ba83aa1aeb54dc9
- SHA512
  
  ae7f5b04b1d4bfe332637225d881bfb70d5ac622ca7cc9b525acd4c1a4ef7bbdea676f5cbe41fcd606162e077a4c2442ac78f54792a7799203c190facc522224
- SSDEEP
  
  12288:o4eC1MMcZ+xjx+RtIDjgooM5ANyxOOnwaV2ZKFXv7+zo:XJcZ+Jx+t4JDAOnwaVj9Czo
Score

1^/10
behavioral3 behavioral4
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Assembly-CSharp-firstpass.dll
- Size
  
  73KB
- MD5
  
  58417d6062a5c941c3397043d13a83df
- SHA1
  
  ec9c9a1024b7e742ead306652ae4741f63a3270a
- SHA256
  
  b789bfde39df2cd2dba31e6b3e9df78f6aa7a61cff6cffb94747a352a855e3d5
- SHA512
  
  68c33ddf8da666ff72f6fff95f3fc253d1eab786bb80f23c176398dda7659b42786b10b57e323ea16ed67000d51ad25edbc103fc06f4979f4b67d3c9ee0007e9
- SSDEEP
  
  1536:hllVckwzWYDDPg4xEwWrkQQge1gz4WEY/tY/VxefRg1/2KxMPLGHeSKscTcej4jm:zlVckq/PgeWrkQ3Mgz4WEY/tY/VgRg1Y
Score

1^/10
behavioral5 behavioral6
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Assembly-CSharp.dll
- Size
  
  494KB
- MD5
  
  9448dd46a7aab50697d9dda53eaa0a4e
- SHA1
  
  37eb2a54d46ba6a7c2e380f187b3b35346df7cfe
- SHA256
  
  967561c20a8330964be07497d2057a64c5542033c7863100784ba62c77cf4e3f
- SHA512
  
  5a45a43f4a66cd51adb59750c4aa076dc21b1b5303ec3d6c6fd52bc9836edd4c68cc90d07bfeddd98c27c45a8e271a00446644c85a090e608d52fdfa94dfcfdd
- SSDEEP
  
  12288:Q4oggDD5BP3yyll+gDuB03ylY7m5MvqdwT+REHC1oL2hJc/OlgDuB03y7m5Mvqdy:dPgeENZzlWgt3Z8IhQv
Score

1^/10
behavioral7 behavioral8
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Mono.Security.dll
- Size
  
  303KB
- MD5
  
  f7acab1e09deaa11c9bdd0d723363016
- SHA1
  
  e940058cff5dc584c11dc6e4b111e85a3f6ca06e
- SHA256
  
  8c47b23389f9eede068683ed8b64b5a466f986499112983290778b30accfd1ba
- SHA512
  
  ec73a3c841358113a33829b50ea14ec860ccaee883c327515b369d08e3979643466fb57dfd550c62eb1468b6c92c0cb03ffb07505ec77e62bb83fafcd51b2894
- SSDEEP
  
  6144:Buca+sTOwf+31OE5FXNywY1URfxArXj5of:9Ui9kgxY
Score

1^/10
behavioral10 behavioral9
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Newtonsoft.Json.dll
- Size
  
  667KB
- MD5
  
  d46892cc58663531b78625cf74acb439
- SHA1
  
  d4245bd8ea576c4250950b337d5d1047c12c703a
- SHA256
  
  759accaa5fb7bddb54a2ceab92a3d8ab50750333ec73b62605aea6165d1ca6dd
- SHA512
  
  fa204ab353a5f9a1885a5fedd5df48db6e37894ed93e994f92fdd273d06e58523c39d9fdfc31a55fbd02a9b023fd9a0105fc871b9ae518430e71b0a9af13f284
- SSDEEP
  
  12288:+m76XVrdlC5KK/BGoG1wQvOFTQ2VS8N9XBBjsgV:+m7w/AAoG81gMXBBjsgV
Score

1^/10
behavioral11 behavioral12
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Rewired_Core.dll
- Size
  
  1.9MB
- MD5
  
  609ba7d19459db0fde0cf6378f80736d
- SHA1
  
  7965f4d34d066f46421906664db635b8154df952
- SHA256
  
  20848ee2eecc35432a96588c81bd5b859ed4d3d56a1f897530bce42c7f8de51a
- SHA512
  
  20470b790c94e8901b4debe438d432dc02254a1788347478dec875446b1e353306491f4c344bc020780aa4d0019e616ba4eef1635503c1bfb96c2ce0268cf257
- SSDEEP
  
  49152:uECGZrF91sYM5bOt61N8Bmysx7KvwN+a4dJBneLPSM4NoLntso6ar74/rXcP0ZrF:ubGF91sYMXggOFwjO18
Score

1^/10
behavioral13 behavioral14
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Rewired_Windows.dll
- Size
  
  908KB
- MD5
  
  e4fe0ed059c50813c785b4b7cb59f85b
- SHA1
  
  eac65f6f20e11f3dbc6b059b90de464c960a1e4b
- SHA256
  
  7ca369e3f07136f34bf3b376443f638e93d1a2c84f347a3b14e871ec5fb08f64
- SHA512
  
  b610bf04272359c433df7f5922d17dcbe39a77113cdc52b7a7b6e822945e185ee43f91e4435e8215504a8e6020164466c7c89a6aa01545ffcbaf2e15504da11a
- SSDEEP
  
  12288:h4mpPG6MA8b+yalywpP6DT0BvtOPntcxql1a1y55RKPzocYX20/:HZRQhg6DMvMPt6qlcWuEc020
Score

1^/10
behavioral15 behavioral16
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/Rewired_Windows_Functions.dll
- Size
  
  3KB
- MD5
  
  c32a7eb9b595203e86c32f1136d27bc0
- SHA1
  
  ca3169aca5376e0e42ef6f03fda0da3ed2da750a
- SHA256
  
  bb91e36ee1039a9cd44f8f9563a392611c9c9f84c70b178520d7b6f779201e57
- SHA512
  
  029c14abd26a9ee71b6653f481d7733de7aa3ecb743a01bca6ec59c3d2e56017f0c4520e2371932de5ceb23dee2d9f28470e86be0b5e3f41350ba8cf67b36e00
Score

1^/10
behavioral17 behavioral18
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.ComponentModel.Composition.dll
- Size
  
  242KB
- MD5
  
  7cfe714806f245e2571e58be288ea10e
- SHA1
  
  4820ec4a7558e18aa1ea151d22cf1920b82b23a7
- SHA256
  
  596500c15e90d4b63573a19da292009c95b02e05005f48077d7fc0850dd220fd
- SHA512
  
  9e5808152c5921b69f1080644ff84a1ecbf1358475c4c28191bd07a061e504c72264854777c2be38dadb7c250d890285f55d94a394edf8277692a83fe9d79bf7
- SSDEEP
  
  3072:DdpvT15KXwrqrkRixoK47Sr73v/1fLExXEGgDX/EOoRlKPW10QgFLqRRRRRqqS6h:DrvTmUTTOoRlKPk5gF3HoJ0XtCeaK0w
Score

1^/10
behavioral19 behavioral20
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.Configuration.dll
- Size
  
  42KB
- MD5
  
  0b09a3e4ce58624998dd6e0632f3408f
- SHA1
  
  a12f53a04b9494da343c16ded4dd3d21f3edceb3
- SHA256
  
  d113751a382b211f650430b2e6509a459fe28bf70130b986a8e5183bec97bb5a
- SHA512
  
  36a9005973243c2f88674607e2dfb2203bd53445970b8398a1a6144979c920e5c30b6066dbc179d4f3eb1ada40e7dc285041a7a591c3fd8a844753b60e488191
- SSDEEP
  
  384:DC2yuMNMMZJN56g8mKo/hjp0r4ourMVSzciDqnjdiaFg9/Ses93HE7LDaXTSv/fg:PyP1Sm3ScrMdWgdVl93kZAarx2ZJE5
Score

1^/10
behavioral21 behavioral22
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.Core.dll
- Size
  
  1.0MB
- MD5
  
  caf99bab07df42b6e4544ae64dc4d908
- SHA1
  
  cac81132ef8a76cc0bee99dfa5ffc2096c02b848
- SHA256
  
  2d702d211d34e9b94ca18a5ef10a6c2b0fa40fb2cb09751348c7d5bd4dffed02
- SHA512
  
  312ae4f3baa0bbae11173961f99d4ca1ff35473fa7432076c36fe07ede4f16b882e03d5dc4216f20091b47763e269be113fe95af9f31927b789c3bf953569c19
- SSDEEP
  
  12288:7HJ2eJWqejMiMRDm3l2fo+5HcXILaRbm57iNC/UB1658SYd5kcowul:7HFGoqCUXAYdecowul
Score

1^/10
behavioral23 behavioral24
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.Data.dll
- Size
  
  1.9MB
- MD5
  
  d314b95fb863cdd6119abc7e28e7c1fa
- SHA1
  
  5996b5c782631a2e7f276f5f660809c421810916
- SHA256
  
  23dae8379e8c412f69caa0668be411c87672a775ce473e18faf01f56c114e079
- SHA512
  
  bd74f8a6d19bbf45ae67117ad3fa8eafc397c16657197eb4dcbad3829ffa6096fc29c692b7dc8649a75c9d6078c8ed123806de27db290a9ecf445143187801a9
- SSDEEP
  
  24576:+etFgYwMkru3rrFdx0dkR9VUJLdaD7y7X5bLid1EB80o6Dpc:HFLwirZ0CUJL4f1EB80jp
Score

1^/10
behavioral25 behavioral26
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.Diagnostics.StackTrace.dll
- Size
  
  6KB
- MD5
  
  1fbb019db62578427a660fdca39139fe
- SHA1
  
  6c5cee9a58dcf493f94df27b7de17f19bdf021e3
- SHA256
  
  4701e843059674accc1c87038ec41f3cecbadce2a65755f527c8b65b0cebc8ce
- SHA512
  
  7571a6b15a03b2ac408d219b798b964d90cea0b58ec9cacc2709c1495dd4edd24fd35327e496e945e297f1fc976f128db6ee6a75e1d22752adc7a79a65f3d4dc
- SSDEEP
  
  96:Z5SzrdBy6UFfVGJfFPlcaxvtV6gOCua5fpbe1xa0:Z5QfnUF9GBFPl5xFVsCFTe18
Score

1^/10
behavioral27 behavioral28
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.Drawing.dll
- Size
  
  180KB
- MD5
  
  1afff3a67c365aed5c2603e9c69d8c51
- SHA1
  
  9a95855ddf016638e72c3bba8749823969fcd9e7
- SHA256
  
  41d7f9907c43d1c9dda3cd4a9eda76c836dcc7daf7f657ba993f6b6d9c146ae1
- SHA512
  
  9252dba52939c852f8377a58b2f0ff673775f409f41d5efb463c50cde72da8d1c6ef595f3d1ef94db3351d3b41a66711dc6ed299a8fd1b5a880c04af25614c7a
- SSDEEP
  
  3072:EigawrUmay+yV3XOe3QpYbh+q6FR3F7lx:v2VnOppYbh9Oxl
Score

1^/10
behavioral29 behavioral30
- Target
  
  Iron.Lung/Iron Lung/Iron Lung_Data/Managed/System.EnterpriseServices.dll
- Size
  
  32KB
- MD5
  
  88ab1f8d6737fb3cbea0d9d23de14029
- SHA1
  
  e531e7cfafac32bacec6cfe819821ed216b7a47f
- SHA256
  
  4fad61273e69b6c951a71b205b24b5682282d2e7ee998bdda5e5b2049bf12802
- SHA512
  
  71ed43d5160938309fe59c0774409f2f814f289181ea9c1c5b228ad9b5f8a4fb3c088faa74f452b7838b9e925bf0f786a6a9c3e09b8fe1b974121917999078d5
- SSDEEP
  
  768:vFDPgwXPjXVB1SeXbtjfLWifV1jmadK/wDS1ubnrkQK:vRPgwXPjXVB1vXbIifbm8KoS1urrkQ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32