a986aa2f241adf5c499f10d7cc18f1917f20c4536d9799260b12efd7e0dcf3a3

Sharing

Copy URL Twitter E-mail

General

Target

Release(2).zip
Size

26.4MB
Sample

230720-qrt9sahc8t
MD5

4bff106bb1cab9379c7bba2dcf0b5917
SHA1

33eb1d2cbcc4e5e3d28549f8cce5cf0109997fee
SHA256

a986aa2f241adf5c499f10d7cc18f1917f20c4536d9799260b12efd7e0dcf3a3
SHA512

9cb8e1c1cba8b48859123f5a48b756922294b3df9af2ce43bc05863fd8ab967f530f3e99941080c6dc8d91df0c19d5fcf60541d12d8b3fccc9b956f084354258
SSDEEP

786432:UL1CB39LSUHwfZxxBjKA0srrCOKY+EE7g:RB5lHwfZEzsrr34Eog

Score

6^/10

Malware Config

Targets

- Target
  
  Release/CeleryApp.exe
- Size
  
  8.7MB
- MD5
  
  76a355bac0e92a1a70e72c950f4454b4
- SHA1
  
  b21f1f0649bddd6dd879b25e0c603c04761188fd
- SHA256
  
  ea5493c1b0a0cc6541ad76301b6abd2d94577283f731d4b46328555bf7f437e7
- SHA512
  
  f8115321b930c7d8d7ab592450744e0efd9ca47d907fd23143aeb7edcc79052892f67786681125b569a08b7d238f41ee8cbc2383b00541b3d82ce0d57e2f1688
- SSDEEP
  
  98304:qza5igLIRfyC7egWJ3PJzdjf4fwraOWcD9XdMPABIw/t6KHDicVwzUsSp:q5guhega4fJOWs9XNBZ16M2cuU
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Release/Costura.dll
- Size
  
  4KB
- MD5
  
  501981c7fc457d59238eb99780efb615
- SHA1
  
  f1f25c01f6acf33bdd62c4f82d3ef078e76f0906
- SHA256
  
  41bb464ac7c0d192641077e44a59d7d89860c3c620a59961f2fc4a4be47deae3
- SHA512
  
  5921d0662add6c8aa075106878cc56335ccbf059d8bc7f359fe9e02a52ec657c3e5df1c718929564c09f205e4bd299b086f3e7424141f5e55ed0d756f65ee1e8
- SSDEEP
  
  48:6F+lni2qJfjVRPGwzCo4MhTN0KDdilETrVsH4/QWk1qyFVT2IbG:7g7KedGEiYIWM2
Score

1^/10
behavioral3 behavioral4
- Target
  
  Release/Dragablz.dll
- Size
  
  233KB
- MD5
  
  5a9583a7bed76b2e94091f9b74716f68
- SHA1
  
  60552dc4ed629b32a7c0e7b31406a21829bdc38e
- SHA256
  
  6c5724efe19f5945143626a8270c9c3a188d4886eeaca083c57c742a985c7338
- SHA512
  
  8ab70fd60a27a80e43a270a401e8772833ad0a11ade1ea13483b37b1a02dbb70679bbe200fceca632ee1ba8df66a95a51a2fe65671eb3ae596682d3e1ee1c0d5
- SSDEEP
  
  6144:fTuK/5J3BPYcKHJv8ahfgfkMMafGfCfDf2fE:fKKhP+Dhfgf7fGfCfDf2f
Score

1^/10
behavioral5 behavioral6
- Target
  
  Release/MaterialDesignColors.dll
- Size
  
  295KB
- MD5
  
  d2207fccbdd6caa91c43776559ce401f
- SHA1
  
  4f78f282a238b21ad1f995f154d624865d08a38a
- SHA256
  
  1966082c8efa5ecddac7fd8b3e3b86a63599602d18bdff17e7c366d49603aaf0
- SHA512
  
  d4984e3a6d82e7ebe11c2f7ea07092e60ef1396849921c6c0a463dd9b38836c5f6799e79f932bddc62b89d7a9896b5e5ba931c3c8cbfedff51076a41796a8c0e
- SSDEEP
  
  1536:1r1In+fq1fDfDemxD0EsXpGX0EOAyzU7fKoVxbzQXT:B1WB1PerAjOAL7fKoVxb2T
Score

1^/10
behavioral7 behavioral8
- Target
  
  Release/MaterialDesignExtensions.dll
- Size
  
  349KB
- MD5
  
  6da7ae89f1eac96f143dc5200031d8b8
- SHA1
  
  d9dc3936bc9a288a727cb2295c3d05899adcc9c8
- SHA256
  
  c5b93560fa74b9a05959aae5116da59495d36782d2e17e45f0efcc06ad36ed6a
- SHA512
  
  3929f7092a5acb5ae3333e7e0a9ac2a403b78c8c8ad35a17ece25e6688a61a0f7e4b701691b02ad2941c6e15d2262c6f8ae76413af93dc92aa422e1738147e94
- SSDEEP
  
  6144:OM2EyV6zxDNFOzaFkpXeRk7ecDfE0MHOZB0zSvo1UvEGK262:nGVcxHOzxpuRk7emfE0MHOZB0zSvo1UJ
Score

1^/10
behavioral10 behavioral9
- Target
  
  Release/MaterialDesignThemes.Wpf.dll
- Size
  
  9.1MB
- MD5
  
  dd614b113b0fd72554a55eda5dbfcc10
- SHA1
  
  0144a3f8c52dd932bfaca7d7f147f694b5511551
- SHA256
  
  f2cb7b4de690abc21780bbab0f0b39273b6538ab04ef47fbe099126a43b62864
- SHA512
  
  974eaf9906a798c723436b9ab1abae282757596c350e48a6697d84c1bdd50715415d3a70c9a081d4b996f3abbbdc4b26d3c3f9139f8b685cb54bf01376512c51
- SSDEEP
  
  98304:vVDXJDntBksKY+ND3WyA4+TLVei10vMzPv8/4C8B5XVS49Xzy83IiEcJMrCR2fS0:PnJ45/9iD54+V11bFv4z
Score

1^/10
behavioral11 behavioral12
- Target
  
  Release/Microsoft.Web.WebView2.Core.dll
- Size
  
  445KB
- MD5
  
  c4b4a5f4f28d47239eb4e37cb3cc8046
- SHA1
  
  ed86941cf065f91758d536d8e13cc2542cc38922
- SHA256
  
  c2441011ec290b3408391f32072379f677ab3fa4507c4304167cd82fad6593c1
- SHA512
  
  440ee33d5a830d9c59d96367f2a43d4a4113f6fe0924a691e682a2e9251a8615e52177dcb9af225dba538a8a3893ac85be79e9c1aa687034e3da6c95191dc645
- SSDEEP
  
  12288:EB7Md7DkbrB3kPo+iKvRFNLe1+imQ9pRFZNIEJdIElxPrEIvLcglxMwCepM1STUH:EeFP7
Score

1^/10
behavioral13 behavioral14
- Target
  
  Release/Microsoft.Web.WebView2.WinForms.dll
- Size
  
  37KB
- MD5
  
  e6f424ee6036ee7d58283780b705be8c
- SHA1
  
  c17fc397711fb2e0c400007620c76e70c956dd9c
- SHA256
  
  c9eeff2dd13109f41447a92763d31aaa07369c58a570c18bbb851824a77da98a
- SHA512
  
  1d255265115a4a2238a21e3ade35101babcbf9d5de58521365666b9564681119c4b7f20ed6a6c16fb6120ab19106fa40f25421da938b7fee7b8a5e7758f2c22f
- SSDEEP
  
  768:ejIHFTA42CL9tcZDgcEST3p4Jjrjh2jJFSgyauYv1JKia5/Zi/WGQKVu6bL7RSOX:AIS3C5tcZDgcEST3p4JjrjaJFSgyau0H
Score

1^/10
behavioral15 behavioral16
- Target
  
  Release/Microsoft.Web.WebView2.Wpf.dll
- Size
  
  43KB
- MD5
  
  0241e0a42b292e0c9b585470c613ec78
- SHA1
  
  74e4ab7e37bff177a394617923baddfcf087c0e1
- SHA256
  
  15bcd610a80632ef59d911a8447b11127cdeafbf147c844f1b740735efdf338a
- SHA512
  
  bd083301c6f93a1852c76686797919787f439c65ea11d430701257fa4d3791a4eff892b6ceea1c534d832bfbc0b0ecca3f671e3a9c50f34089f919e3756882f0
- SSDEEP
  
  768:k2TI5VoCjJ4Jd7U2zkQ+Z8cDP/ryEH0yBy4JjrD1h2jVh3URGvkz7FKKa5/Bi/xm:VE5tjJ4Y2zf+Z8cDP/ryEH0yBy4JjrDC
Score

1^/10
behavioral17 behavioral18
- Target
  
  Release/Microsoft.Xaml.Behaviors.dll
- Size
  
  141KB
- MD5
  
  ec5a1abee150abe698689211b07cd1ec
- SHA1
  
  affc3cb47da8fe76986d271cdc3e7ea345cc04e5
- SHA256
  
  b864da9d88414877cea9b1a016146265a5fb9d0e12f4dbb1dccc0cc998119a54
- SHA512
  
  a2b55b4ffc3f11546ed8d3457e98b986c089e25229bd687da35d45d63e4860722e8b13826d3a3daa1be843cf3a4ae3da4cf9b6fdcb5d1a4948648537e683789f
- SSDEEP
  
  3072:UAyazS96IT0O6gAf+LwCMe1u051dXcr9/soMEs5r/j9:tyhYIT0O65cwCMyE
Score

1^/10
behavioral19 behavioral20
- Target
  
  Release/System.Diagnostics.DiagnosticSource.dll
- Size
  
  34KB
- MD5
  
  8d9df432109f1cfdd86723b5f171e3d7
- SHA1
  
  85dc92edd4b0049ed9049e075c4def8a3d64e43b
- SHA256
  
  d22133818a30313e0becf010d78a556a56b34ea361dbd33588c9817631fed540
- SHA512
  
  5c83303934eecfa61c43a071d29c98e5804d37a5dc7f7b035772d6a168b0c5e65dfabef20b46214e65493c4bda44831cafee83615498fbe9e718c884f4650edf
- SSDEEP
  
  384:iQobG82oiaPaf/gn5LQ0+0zdQUv2CtyW8fiFISWbW9pWJbWivT1Nq0GftpBjAvnC:nA299fI5dxzL2CC11vimvnEBBNFT
Score

1^/10
behavioral21 behavioral22
- Target
  
  Release/bin/Monaco/package/dev/vs/base/worker/workerMain.js
- Size
  
  537KB
- MD5
  
  6dcbb695dfdfff091a88c7c5d7abaf06
- SHA1
  
  9c8fc639955005c5f4f871dac88d535f3f8a16c1
- SHA256
  
  90445461e39687ceb89adcc0cc24a507d05757a82d2d922e326a2062b6f6a8fc
- SHA512
  
  14e719ff411846e214a210c0bb95dc1b0a25ed9c309e572c7c0cb2786165e299b34a9724def728d6d795e61f6f59db30e6dc98ccce21b5c8df69734e138ed422
- SSDEEP
  
  6144:wRIlnOy7KlzfH0+RqlT3+RRl/U+RqlCb+R6lp2NHEyaNyT34OfTkVDhuYG2:Rlgl7b2NHEyaNyTG7
Score

1^/10
behavioral23 behavioral24
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/abap/abap.js
- Size
  
  23KB
- MD5
  
  50f649f3e45a1f5c7f71f409bd5fb8a1
- SHA1
  
  1cce5441dee1f76bf158fbc0462c8e13e6b0ce54
- SHA256
  
  c7bc6470bfb0d82dbc422ca008dfb8b25fb02c8216cc3ee91e9e3971764efb2b
- SHA512
  
  0a74cd41751261daccf256af483197a844085c335c77076225801db48d580da92e295435057dfa4050ad84d1e6937779bf3849b3dbc5564159d4a7d35d5ef9b3
- SSDEEP
  
  384:rg0l1E3cOjsKpYDsv2JgYHb4AxJYmF7piUIFTyyxlcQMnOsjY:rgetOjs8M9gYHMANeJg6l0Y
Score

1^/10
behavioral25 behavioral26
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/apex/apex.js
- Size
  
  9KB
- MD5
  
  96d8e2d7e01af1bf87b50e397ef14e1d
- SHA1
  
  c58411cd9d819eca280d7aac743afb8c48941345
- SHA256
  
  12a9de1bd5188e228d1b225b93bc1de7545aa3eeb5df2942d1b30de8b4102279
- SHA512
  
  6c9920794f054f2a4c388dd22b0ffce9440fb04ea49b43b86d1bb9e7ed519255c2735a6fcd5be6e7835e5cbea99e7f44f67bf14ef540ba958d5193b76af1b1dc
- SSDEEP
  
  96:HDGkOt8DdWFF80lbEjNVhEB9ogBUqjoI0cai81ISgI/3kl0OsMCkwnI6NkPN8jhY:rOScFTbEjNVhEB9ogGTvcai81IIeZsw
Score

1^/10
behavioral27 behavioral28
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/azcli/azcli.js
- Size
  
  2KB
- MD5
  
  42a923c820d332ddff89a68c376d4657
- SHA1
  
  23ea23fa0dd03085bb92aa095bbc62d9df8a8722
- SHA256
  
  09f4dd1e73f6ba879f28fb7e07930279ab4c5a295483799c53c6417fae7b8d32
- SHA512
  
  253b80f3ee5a929f865f53ac237f673a3d505ce14cd80eb7f78e25c86a6dba58c4f87842fe2482932cac50ef4eb45733435da310f1cafcd863d15159f5fcdceb
Score

1^/10
behavioral29 behavioral30
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/bat/bat.js
- Size
  
  4KB
- MD5
  
  c0ea60d00820705cac4d2857da94e7f8
- SHA1
  
  b84fdfc23fb97f37e9134089aac916392a943635
- SHA256
  
  794ce7c333161e68fff0c6a4a1bc7cdc678073147dc48e1a49aa5313483fc4ab
- SHA512
  
  b5e2330432aba944abec1dd0450169d8c1060e42b52efb2c4aaab5750d1d7ed691d6524cd9c3249dd14de8bdc039acc08c3e969b06784c9f3236b72cfa79b24f
- SSDEEP
  
  96:HDGk28EmF+z+lDHm3vPP3jq8tHEDwrORJC3MB/mMw:rZEm3DG3rBGZW
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32