Overview

overview

7

Static

static

3

Twister_ICEFUN.zip

windows7-x64

1

Twister_ICEFUN.zip

windows10-2004-x64

1

Autorun.exe

windows7-x64

7

Autorun.exe

windows10-2004-x64

7

Autorun.inf

windows7-x64

1

Autorun.inf

windows10-2004-x64

1

ctimne.txt

windows7-x64

1

ctimne.txt

windows10-2004-x64

1

swf/flashp...sa.exe

windows7-x64

1

swf/flashp...sa.exe

windows10-2004-x64

1

swf/game.dat

windows7-x64

3

swf/game.dat

windows10-2004-x64

3

swf/plosinovka.swf

windows7-x64

3

swf/plosinovka.swf

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    Twister_ICEFUN.zip

  • Size

    11.5MB

  • Sample

    230514-pyl2baec3x

  • MD5

    55b22aafd0cb6109749882959585f0d2

  • SHA1

    adf0b72adad57f447dbd5977d25e7d33bc6e58c3

  • SHA256

    17424e72f802a9348dcf2c97299d49cc371743feaece996c0e5fa1a88a1fb7af

  • SHA512

    b86fac78040d8d430845087ae6913beca632112dff9484a16a6c5006fe756b293c658cd5a434b78591506c24fce4d9743357de5788092868f6bd71a4c52d80d9

  • SSDEEP

    196608:z01XFbXir/Q2sAD2rOXgVazuS29/9ZGGi8iPpoIP3B4+rp9j+heAiH+SjuNjMcpa:zibybQ2CVX9/f3aeIP3Bt1+hebFcw

Score
7/10

Malware Config

Targets

    • Target

      Twister_ICEFUN.zip

    • Size

      11.5MB

    • MD5

      55b22aafd0cb6109749882959585f0d2

    • SHA1

      adf0b72adad57f447dbd5977d25e7d33bc6e58c3

    • SHA256

      17424e72f802a9348dcf2c97299d49cc371743feaece996c0e5fa1a88a1fb7af

    • SHA512

      b86fac78040d8d430845087ae6913beca632112dff9484a16a6c5006fe756b293c658cd5a434b78591506c24fce4d9743357de5788092868f6bd71a4c52d80d9

    • SSDEEP

      196608:z01XFbXir/Q2sAD2rOXgVazuS29/9ZGGi8iPpoIP3B4+rp9j+heAiH+SjuNjMcpa:zibybQ2CVX9/f3aeIP3Bt1+hebFcw

    Score
    1/10
    behavioral1behavioral2

    • Target

      Autorun.exe

    • Size

      4.0MB

    • MD5

      763a177e47b5dd1fcd2ea110ce104514

    • SHA1

      42e9681ea0b6d8a65d6176cd7f850517e2567c49

    • SHA256

      e4395ede12cbc68d08c722493a7275c2ba994a86787a764054b89ba47eac728d

    • SHA512

      c9ec9d041f8a0496e6b88c48c11f05d5c16727a1efaba693ad1a0d2db8b020a24f7e44b775e1310fe2b8d70ac7735688a7732b355a502e30aba77c7640b06b25

    • SSDEEP

      98304:a8M1LcgGt1nju99W66siH8wBjABdKGqEOddOhX:+Lct3q9kuiH8wdALVSOhX

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral3behavioral4

    • Target

      Autorun.inf

    • Size

      27B

    • MD5

      ac115cd6a8cb440cc5e84fda3719dc3d

    • SHA1

      e31c91581b2d8c0d36880faaa6b1cde6576e42ac

    • SHA256

      1174ea71dd12784d21be555c50311c1d7c56b513d25e8b3cf9bfd12ef9c4f027

    • SHA512

      c2ad58798689553293ef5af8437c6af92d49238fc2e0e26eb411a0f98497174a055740e49a4c4ac0651b98aaeb4e91b1c39190330d4e23d5cde682c26db598a3

    Score
    1/10
    behavioral5behavioral6

    • Target

      ctimne.txt

    • Size

      417B

    • MD5

      16d3d6339369126a86ff992b43997c95

    • SHA1

      3b0d02b805c8f541741c0b7ba2a0c803c768f573

    • SHA256

      b4310b687d6ea45e45876293f8018250c2226b3faa098762ca226550e18f2ea0

    • SHA512

      fe553e5c1d188c5d2c0531ff9a4e26bddcc80ddf462ddce339c2221c30763b16f679dede2b93081076257ea90519c67586cb9542a74a81fba95066df223c8533

    Score
    1/10
    behavioral7behavioral8

    • Target

      swf/flashplayer_13_sa.exe

    • Size

      9.9MB

    • MD5

      ee097b095fe9098fb05acb318fa117b0

    • SHA1

      a423567d6932a5886eefa671c0ac9b28c04d2f3f

    • SHA256

      1fb9a37f6da7f7482b188579717b7308d008a341e7c8e527b52f8665d96a8ead

    • SHA512

      3c38d68e058b2f59004914ec8fa41eed96db61a9d6dc243e8e3ae1d895f79171145a44efbd18933a9475b85716eb691f2da1eaf34d3caa2bf8f343d7d46d1286

    • SSDEEP

      196608:lv5Qapru7Dy8D3A7GOGqZcivKbnQgiyIAVlkW8+DxXjKry0s6O3:lhza7DpQCO8QgiyDVlkncko3

    Score
    1/10
    behavioral10behavioral9

    • Target

      swf/game.dat

    • Size

      5KB

    • MD5

      df44f860f73d4d81d43f0eccd0f7b612

    • SHA1

      a26a7dae031f8d4b6df03bd5dd09eb1bc649e424

    • SHA256

      938f01e92dc977b413b667ad791feca11f1b848c6b28454cf6625329598e8c36

    • SHA512

      c044b3a5f443e9c31c5d20f39af6e61057c5ed0873ce17de5e7afc2df73025ccaf1a225624bd47344fb0c1ce51b03f22559976b66906973273ab976a48e71ba4

    • SSDEEP

      48:k/4v19Y4JdEDDDn2WVomVppN8MY7PWi1KL9e0Xuwq5QJ6yorL+cE5uDT:k/4ddvoomVZ8p10bRqqJ6T2fYf

    Score
    3/10
    behavioral11behavioral12

    • Target

      swf/plosinovka.swf

    • Size

      3.1MB

    • MD5

      6e65046ce249d10f7e6702273841efad

    • SHA1

      b236885ef541b6c590fa01be50f60ba0fa21fce6

    • SHA256

      b92fecc2980149eabd545ca9392d4a06464e78b8d7cb98f15bc044a2537f3b02

    • SHA512

      11c58f98ea0ecd3d05b8226085c64045a66feab67ac22c34a1ba9fae39152ad59991626f7068439df36a9e587678e885b55c73d8bf7222d657f3f8478485a6af

    • SSDEEP

      98304:x/Frprzbebi4+RRsncEgFTMuyCqzuEmUKVVi:xnrzQMmncEewzuLUKVVi

    Score
    3/10
    behavioral13behavioral14

MITRE ATT&CK Enterprise v6

Tasks