6af509a247fccfa95589e9624b3d7a0c6f903822efb432d71e079272582f7fbe

Resubmissions

19-07-2023 21:16

230719-z4frlabb95 4

19-07-2023 21:13

230719-z2sndabb89 5

11-11-2022 04:56

221111-fkt1bsbcbk 5

Sharing

Copy URL

Twitter E-mail

General

Target

6af509a247fccfa95589e9624b3d7a0c6f903822efb432d71e079272582f7fbe
Size

20.9MB
Sample

230719-z2sndabb89
MD5

288fc7f27729206ff3aec044be5cff57
SHA1

cbb4c45ba4063b3af5e666856a469e8dbfc5ee9b
SHA256

6af509a247fccfa95589e9624b3d7a0c6f903822efb432d71e079272582f7fbe
SHA512

84e53c04ac3f0f4ce05b06d64d2ce38a680ac151d27528e9822d438183e0476a63f77d47b31b80d87db6c84ea69e0c626a51457ff3ed8904599a78becd21a943
SSDEEP

393216:kVMLPujfkHnqlUwberJ5KAwy/vl68vOSC8KAw4PYqzsyxH:kVMCjMHqlUwOOK/vg8OMhPYqzsCH

Score

5^/10

link pdf

Malware Config

Targets

- Target
  
  var www html kemhan/alfacgiapi/.alfacgiapi.php
- Size
  
  3KB
- MD5
  
  bf52ae0dd3192b230f43d1a1437c7ed7
- SHA1
  
  dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
- SHA256
  
  b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
- SHA512
  
  fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Score

1^/10
behavioral1 behavioral2
- Target
  
  var www html kemhan/wp-content/themes/menhan/css/fotorama.html
- Size
  
  239B
- MD5
  
  a7c07c62f4f4f8999b1d8f2a0d3adb92
- SHA1
  
  e085ee5043d1610ae9d50dc703ad2c14e3bff678
- SHA256
  
  fb776914ff884b5dfea69d43930440975316c62e50a2b64b481ca745b9aba8f5
- SHA512
  
  b9e2b92c46f716a26b586e5f984ceb3d71d86298c05cc41c4d2d1be7e9e30e26e915f2c2bf8b1d7dbb4fd5c0e0169c7fe2a4a862b8cc0972bb2f74f5bec345f3
Score

1^/10
behavioral3 behavioral4
- Target
  
  var www html kemhan/wp-content/themes/menhan/css/[email protected]
- Size
  
  242B
- MD5
  
  60a91b6c17c166f9df9fabe704a94dfc
- SHA1
  
  6372dabec5d08f1a7d75a3994c1ad7decd1153cc
- SHA256
  
  4221c95ff4501a4b53cfbc73ba20004a65ca83ca6c64ce99b57982c93d2314a7
- SHA512
  
  17df4452440f955523f5a13d058df5602e7d327c87a338783348d1195c728788dbcbecfeae51f169cfb9ed3c323afd4a55d6ea9a35588808c96f13c2a952da4a
Score

1^/10
behavioral5 behavioral6
- Target
  
  var www html kemhan/wp-content/themes/menhan/css/grabbing.html
- Size
  
  239B
- MD5
  
  69da8f039aa356f2bbf27334b2eecffb
- SHA1
  
  6f276e5cd8a8bd0655b9383e7c59e9227e695e7d
- SHA256
  
  059c7420f830e405098b8109c5b6f523d84ada042d802dae4b9e746d8e3a8d56
- SHA512
  
  cde054749a91a09ec54f341c47650934627a5b6cc2bee1b6e71dbc9c844edafc981ec24ca29a8d894a9bc2593a38aad828c1193131d1da5c97bf4f0dde1b9ebe
Score

1^/10
behavioral7 behavioral8
- Target
  
  var www html kemhan/wp-content/themes/menhan/fonts/fontawesome-webfont93e3.html
- Size
  
  62KB
- MD5
  
  4b5a84aaf1c9485e060c503a0ff8cadb
- SHA1
  
  574ea2698c03ae9477db2ea3baf460ee32f1a7ea
- SHA256
  
  3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
- SHA512
  
  05196036c41398616c077925fc4bf252e81f11b6ebef8745047d75cb2c8b80441b8c3593f4d5b2617089e9f3d8d957f9edcdf8e43993661a277be8f4b6a32111
- SSDEEP
  
  1536:wOhGmmMET1VwoQNDerkOtxhncPvaAAGzw9jD8RlhANsK1q:JhkhVINDerkO+aAAGA/aANX1q
Score

1^/10
behavioral10 behavioral9
- Target
  
  var www html kemhan/wp-content/themes/menhan/fonts/fontawesome-webfont93e3.svg
- Size
  
  347KB
- MD5
  
  76a4f23c6be74fd309e0d0fd2c27a5de
- SHA1
  
  2b3c8ba7008cc014d8fb37abc6f9f49aeda83824
- SHA256
  
  7414288c272f6cc10304aa18e89bf24fb30f40afd644623f425c2c3d71fbe06a
- SHA512
  
  b0bde727e026bef3051ed0c98d3b315a7d72a421036628490b3a11c56276bc9d4c8c8c8d608463609550bb94eab7cb5f3216d93682053657abe1f7e01b287f3e
- SSDEEP
  
  3072:Unw+ubvqCDOzA5vK+jRwXxSbs3cMrNKyOATzr3Omq2OE+unSGwd:VNlFyGL
Score

3^/10
behavioral11 behavioral12
- Target
  
  var www html kemhan/wp-content/themes/menhan/gallery/jquery.aw-showcase.js
- Size
  
  41KB
- MD5
  
  6342e66204f6cfa2ab5f893a3b3879b4
- SHA1
  
  8f5dcb5093281c91f001a7f30a8f537dcb86a4ca
- SHA256
  
  35e59d5ebebfb6b99807229748391b255a253dc7c1ed6ed961d5d5a9e16fc286
- SHA512
  
  a56c0fedd6f8f8c7f1d4874c0feedd2e667ac545ed6762c3cd5129e9f75cc4c2f36f71392f43cd52b0aad857d178c9cbca590108ba44f0b0afd35cfb3ae78861
- SSDEEP
  
  768:uhCeNQjPQTTstgzYHlsEvwRSZS1PY2x6tZ7PcNj:uhCjMTTstgzYHl4u/7PcN
Score

1^/10
behavioral13 behavioral14
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/accordion6b5a.js
- Size
  
  711B
- MD5
  
  1f2a872ef4c69e43e7fd6ce4d8e0ea82
- SHA1
  
  829e3a4ede7a6011dc18f211116d1746677e4f91
- SHA256
  
  dd7e5d357c720216bd39e64a57506f88551b33f4d6f50e732031d804ad2e306e
- SHA512
  
  fb28e7d0eba11f75d2ef168df8c0edb8d2e055942c8dc6f1d6fc0a2b69190ee66c7bb780c02142fd94d2b14233c807c345a3aded7c1100d2db222361a7aab3cb
Score

1^/10
behavioral15 behavioral16
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/fotorama6b5a.js
- Size
  
  38KB
- MD5
  
  c0f742193173603907a54e05ccadd885
- SHA1
  
  268fabbcad7af8fb2b52dbe4017740e64aac6bd4
- SHA256
  
  dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
- SHA512
  
  716132b4e47c4b8bff49ddc6e4fd586fb35b620175600533960d7f5e90eea2e655a3714488c5db796878cdec1c62efec5d8411e4f8182d16e17f5f17ff4be946
- SSDEEP
  
  768:QilDVRaMvFKIHo1PQVZQ0+NMwDnObIXpk2k2J6QQKB58iT:QilBxv8NUZQ0twDniMaX20K75
Score

1^/10
behavioral17 behavioral18
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/jquery.bxslider6b5a.js
- Size
  
  57KB
- MD5
  
  98fbf5e7f4fd7497a4dd0f6ac8094713
- SHA1
  
  ca7063a59ca3260472d3d1de63606ff41abb847e
- SHA256
  
  7be7346013ed0f45438f55cd609b5ceecaeb216ebc913778497dcc7b1dbdc9f0
- SHA512
  
  e56d3eac34b4d7d5264dd65caeb70321fa5383f93caa5abdc7ede10d11cda3f986059688688291b56236b39ba73fdb254e8804a6aacc03a6b2b71613c4170699
- SSDEEP
  
  1536:qI4cXOsI312onFQFQELQ+O75DolGVpvBl9jz5z5nKZkVR8ok:qMI312ou1LQ+OpolGVpvBl9jz5z5nKZp
Score

1^/10
behavioral19 behavioral20
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/jquery.min6b5a.js
- Size
  
  93KB
- MD5
  
  8101d596b2b8fa35fe3a634ea342d7c3
- SHA1
  
  d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
- SHA256
  
  540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
- SHA512
  
  9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb
- SSDEEP
  
  1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB
Score

1^/10
behavioral21 behavioral22
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/main6b5a.js
- Size
  
  1KB
- MD5
  
  f2586b6a9adefc2e282e732834751333
- SHA1
  
  0c9d799ba0c66ab88a03037780552fdcb9d6c707
- SHA256
  
  7f3275f370732c72c98561c5a6aba75c205793c791fddfaaa7f981614c35197f
- SHA512
  
  27c174f8afdcfa72bd69856dcad2a74099c913f9d82dfe08c5168b87caf01655d9c5156b56d7b6ba6fbbdcf9056606f1937a8b244b1f978d8689707e6a27e725
Score

1^/10
behavioral23 behavioral24
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/modal/js/basic6b5a.js
- Size
  
  448B
- MD5
  
  0ff0c3df995681d6e5bd26bed64bd945
- SHA1
  
  7ea66d0514e183fa2fbb485037ca776dce967376
- SHA256
  
  a4355f3a0d568d17a2e5b91146e6ac4290aedd9191f3090aa2149e8f9180729f
- SHA512
  
  4efe15719e38dc0a7d02d0b43ed18ec6ad109719fe01c7a1a56c8967b1d0b8d31faeed538fadf729369f80089488463981677da83098bc4c4b5c25e913737233
Score

1^/10
behavioral25 behavioral26
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/modal/js/jquery.simplemodal6b5a.js
- Size
  
  9KB
- MD5
  
  a69f8dd6627d9b2856e52effcb4d3665
- SHA1
  
  eeb0721406280a6b760d0a46fb3b59ff50b0277f
- SHA256
  
  1e9398cbe7646b0db02020bb370f33afe0a752ce3a350f1c77cb81882445a8e8
- SHA512
  
  9aaafdc8e908ae7224f28c2d5cf0e0c586006ff6a72299564b9efa70d1f7e56ac8d897631180408cda0b33e52035626961282d8f1bd2a99b3d1d050ccc65e257
- SSDEEP
  
  192:KTbOngOrrC2AnCK0cP6oWDrDM+P8AWmT16sbthyXY:KT6nLrrC5np0HwlAljhyXY
Score

1^/10
behavioral27 behavioral28
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/owl.carousel6b5a.js
- Size
  
  51KB
- MD5
  
  a5f96c62d75be144282ef6cc429a6259
- SHA1
  
  99a600283194105be6679b4a7cba8ac27a8c455a
- SHA256
  
  9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
- SHA512
  
  214a522a93ca957b8fa2489838d119506fc7e1cd6bc385666c676704a075f2a9bff636e7c50e11bf90daf6a1260778486b79380f144da197c1e854e91119ee39
- SSDEEP
  
  768:Wqm5xYi1W/iwhgdFHrYuCkqsrQTtuwJoGdlL9mSzxmRbLyY2Stvg1EzS3+eDJnO/:7U5uX8em
Score

1^/10
behavioral29 behavioral30
- Target
  
  var www html kemhan/wp-content/themes/menhan/js/zozo.tabs.min6b5a.js
- Size
  
  71KB
- MD5
  
  eceeac8af1ebff77c1f9020aa3256019
- SHA1
  
  fcfd5e117300ec45395963bba9b9c7e480cf7fbf
- SHA256
  
  f2860c5a201d8624e677dfe085a4b1c534897ce68713c2327648a1746485e8d0
- SHA512
  
  af990003a7c24cfa488609fdcc1685753f46b634b33f31975c9a7daa10915d0f659eae0b6a1679cd23508dd4eedd1213d872dbc082d105789ba01ab3671c1ff6
- SSDEEP
  
  768:3fGN8B0fxTkfR9YT0UDF3NH+f/v9XGbIAS79sbhWaI753UXuVa+hQlTHrpaMhuRd:vGCB05avsBhs
Score

5^/10
- Drops file in System32 directory
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32