daam | 0d9c7b40537e5a4d45ea7038bacc49a9af1fb01a0b0e9df226fe21edbd1b7d77

Resubmissions

29/05/2023, 01:09

230529-bhz2caha69 10

12/05/2023, 04:55

230512-fj5ensea8z 10

Sharing

Copy URL

Twitter E-mail

General

Target

184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b.zip
Size

9.7MB
Sample

230529-bhz2caha69
MD5

ddb681de1d72fec97efc5c8ebd9f3c6f
SHA1

688457cc77269fe300b310eddcc0c38ca7f5ef2f
SHA256

0d9c7b40537e5a4d45ea7038bacc49a9af1fb01a0b0e9df226fe21edbd1b7d77
SHA512

b9ae6efb9fdac12bb8b9c2d4a058197ea30ab016a1c0d9075d499d9ed5503f7dab8fdab625e7921f964b73930aa608c12aabdeabdd4f3cc633e510acc11ac871
SSDEEP

196608:I/UwUjgmnsVnJN60e4oO0ZWtcUuYKo4xYBuaHaMZhDnQZN:T3MJVJN60ehWtcUvKgJaMnY

Score

10^/10

Malware Config

Extracted

Family

daam

http://192.99.251.51:3000

Attributes

uri
/socket.io

Targets

- Target
  
  184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b
- Size
  
  11.4MB
- MD5
  
  99580a341b486a2f8b177f20dc6f782e
- SHA1
  
  bc826967c90acc08f1f70aa018f5d13f31521b92
- SHA256
  
  184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b
- SHA512
  
  d2cfbc281fe353b8018cb4e7a861a551f0ebfccb65aa03e964109db8f0caf424eace828f268f01d99d074c89990dc2e7091ba3971c513d781dd4792212463957
- SSDEEP
  
  196608:fJ3KuqWHMH+fOll0iiapsSxMGsLe/QLtdsoBnkUFH1apjp2pE9AhrVEnUqxVq+b:flK7WW+Ggii8sSxMGN/SdpvX8N2p9kXh
Score

7^/10

evasion
- Acquires the wake lock.
- Removes a system notification.
  evasion
behavioral1
- Target
  
  bookmarks.png
- Size
  
  527B
- MD5
  
  f09c283f4fe14d6875c9bcfc498503da
- SHA1
  
  1987f051a23f7b0542197058c9deb99ac9539e42
- SHA256
  
  6df865d4eb45172753d088e9feee810975e18f5bfb943946320bb01a21d6506b
- SHA512
  
  b7d056d81d200348f63044a397d69b6fb800447e8eb5131fe48a8ea1f86b8b73c92b316532fe780e7c24621bb035abd101053f0f232f52559647fd0ed455fd2f
Score

3^/10
behavioral2 behavioral3
- Target
  
  feedback.html
- Size
  
  235KB
- MD5
  
  ed7e947fa2f68727b517d7aac067dbb4
- SHA1
  
  01411403476ebb13a6a5de78cc600c633ea605ef
- SHA256
  
  90561d5f857b5afd2974a785005b9386f1284a8ea6da7bda5909710eb51ada9e
- SHA512
  
  f6ee2352a903f50d42ca57e2341b406ded2e8f4c854e34f0bb83ca78b11c2e5c5bf1763fe808feb004c0e95a0ee68b06c58ea65a23d3cc001be2af39b30409e0
- SSDEEP
  
  6144:WIvC2TkAie95mDAV1ZaDBOpp+7Zo6OlUT8tdJH7yo:VvC2YQ5mDAV1ZaDBOpp+7Zo6OlUT85
Score

1^/10
behavioral4 behavioral5
- Target
  
  history.png
- Size
  
  825B
- MD5
  
  019f59ac3da22c906209d68aa138b6b0
- SHA1
  
  c8d194a21265758981fe51644c33d204010b963c
- SHA256
  
  9a6e908092a81c60e3f6d901b27cb717bf248209767c1821f6dda803ff6f56a2
- SHA512
  
  4a5dbe38940a8510dda635f00de2d857307d296c28004666799252854c7f43863329fb1bbae748b6ee6d69cdce458997781affb5f6b110e584f5abd1213ae094
Score

3^/10
behavioral6 behavioral7
- Target
  
  linef.png
- Size
  
  17KB
- MD5
  
  4781b744cb1f855eab0e54addfacbe20
- SHA1
  
  a74af1c24d23b2c2541aedaf7cca21da1e53eb2c
- SHA256
  
  52bb14cc8d136d715de6cbdfd54e0ce40224997312e9614dc907c9f70426671d
- SHA512
  
  f88b14266b1a579ef2afc070f4a20921817e214ae92a141d4c8d625c0a893b036368c26b4ebeb737e3cb9ab0c1d0939bca0b9db110d532f0c67ef54d45cc2b65
- SSDEEP
  
  384:3NupzoBLw61Bwgg39qPPFwEMwytZZk0ykGpRApuGijmfnQ5GB:36ziLr1BM3gXFTMwO3GpWpESfn3B
Score

3^/10
behavioral8 behavioral9
- Target
  
  search.png
- Size
  
  936B
- MD5
  
  25586a2c4e534e1e73d074478775d1dd
- SHA1
  
  7f6d4552f489430945463274016e4024f68c4919
- SHA256
  
  be65b82e781a2118affd32689002d1d676108a778a75fbc1141eac1b3c428439
- SHA512
  
  879708f1d7064a875331a983a7eec65c3fd530f8865979e9498ee4e79c48ee44552ddbf536b6effe729eb6c421b7fbc7b7d5da46a61e9bf9a064e8f812d34a77
Score

3^/10
behavioral10 behavioral11

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Acquires the wake lock.

Removes a system notification.

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11