d8c75730e0ae73179d4310f3aafec9864ba9dea0b259071c7ca59c3df27bdaa6 | Triage

Sharing

General

Target

svbot_activex.rar
Size

24KB
Sample

230511-t1k91sdg57
MD5

e7714da35836571a071e83e90115a572
SHA1

afbbbfc32d8b0e3fc931f6f2f697d3dac5048dcf
SHA256

d8c75730e0ae73179d4310f3aafec9864ba9dea0b259071c7ca59c3df27bdaa6
SHA512

57f6a7a2b52034812b27d772a733398a86b901beae8d6e9d1988c8c7f52a2426a7b03c31a14e1c367d4e660acf72fb636dd764f07e63f9f9f4f60922e80b337d
SSDEEP

384:diBBen45z4tIV/D2I48PfOVsFwCljkilHj1T0tUvmH3XCLThY/77jyMM+CDaj1Ud:z45sOV/SwmsfT0KuHHMuTjFmahsnd

Score

7^/10

Malware Config

Targets

- Target
  
  bin/cmd.lnk
- Size
  
  499B
- MD5
  
  a4c3faf37892b1fa14272549acd00a42
- SHA1
  
  4d65f7f3a7ecb5414826f5f3e8e82737ae114345
- SHA256
  
  9a203afa0f57f8d15a654fa05aee0d076a2391dc3759a1cfb643e49454b10996
- SHA512
  
  6c1bc6e4a7b9e17757d287c701108759f4ebe78483358502eb8452f9987b0b4091a94bda765e90e90ab399c9ddb36c648c7b8adeabd496079181b3580f817911
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  cleanup.cmd
- Size
  
  123B
- MD5
  
  7984eed045a43f900ecd828377ad1aa9
- SHA1
  
  e989aa91186c6aa14925100fad2630bac395c69f
- SHA256
  
  7c195ec5a8b6e3f5901720fe07a0c0122d79c8c07534351a24dc6a403e904278
- SHA512
  
  ffa1e3ec819aedf97475c720f6c4ec194cc7dbc7f6d12ac493f0e41de692d8b9dd7285f8dc04231545ba5756d719f15058bc596f896c7d94c5be30450facd11b
Score

1^/10
behavioral3 behavioral4
- Target
  
  crypt/crypt.vcproj
- Size
  
  3KB
- MD5
  
  f14dd090954b39436fabd871cffb5be9
- SHA1
  
  301bf3504b488d5375c112b581cf4a5b1283b74e
- SHA256
  
  68a457c4556786f80020203ff1b633c6e7a1c9147bee2e0cbba5239a052d64af
- SHA512
  
  a99ba0ea7ee075b007d409fa0692b198776e7eadd4acb1c2285b7a6cd5ed8d5eb543edca18df4945c9f1fc802ca39f82f45bcac8080c172c481a1537767e5ac7
Score

1^/10
behavioral5 behavioral6
- Target
  
  main.cpp
- Size
  
  6KB
- MD5
  
  e394a9774cef37b2b0006913267d3985
- SHA1
  
  f9a1b6c44b78475cb7be3c8583ec6522185f15e0
- SHA256
  
  0b335baa776081a14d39b3ce4810346ccd927b659a4e6bb4b6552d7ab0a61e8a
- SHA512
  
  abc767d8deb4e1216cdc117dfdbd5c0602f741b9add5c56a6a2d1b121a1d24788ba3cc90b57095955a1faa1a8e8a88eb529cfa2a124dfb59680e3010cfd14581
- SSDEEP
  
  192:p6tAAbaQHgPakk/2Wc2DvElFG1gkjXQQ0D8Y/jK2S9:pqeQHg/kDlbDjY/jK2s
Score

1^/10
behavioral7 behavioral8
- Target
  
  svbot.vcproj
- Size
  
  5KB
- MD5
  
  2a69931e58f6c1917b6539a5bcc98ab4
- SHA1
  
  55a2500cf48b43fb2451ffb0cc1ee4eed0d0044b
- SHA256
  
  1b0007f28c86b8037d9e4058d6457beb0ace3c9fa3e27b8fe2cab26600bb3aa2
- SHA512
  
  d1e1a042cd1106bc12f29b7782062e1654cd99306b3192f6e418691dd7e5cbe824bd58ede62a0531b54484c33d7976f1bf477e36cc967f1158c5af43fba7f300
- SSDEEP
  
  96:87CzklIcl4zo2zNbU7cl/ZoottCB6+IwYoGbI4:8Ik7l4rlXl/bZwYoW
Score

1^/10
behavioral10 behavioral9
- Target
  
  test/test.vcproj
- Size
  
  3KB
- MD5
  
  b9b3395052c0aeabebb659d40d009deb
- SHA1
  
  72f166665d9630e8192845f1adf19b14321f2bd7
- SHA256
  
  e6cb2f694ec2a5b7c4fb67d097996662696aeeb75b23ad9270aa57d856e94b5a
- SHA512
  
  116383e1990fc4f2161a41bca33cffa15056bd746b24d5135d24f4a639f4285f600a1725ffe63b6696223afcecbfbca89b84c071e0255ac37066a275a8166809
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12