General

  • Target

    backdoor_remover.zip

  • Size

    58.2MB

  • Sample

    230908-qr2zmaca4t

  • MD5

    1589c057df027d368b7ee779f35de53a

  • SHA1

    9aca3904d430a7e7bb3e6b2d88bf37a33d75fb1d

  • SHA256

    a4ad54f7b4090d417182c91a216bd259272f1f37bfa06e13ef2e88b8b814b4d6

  • SHA512

    ed8e66442dc0c96bf5aaac83d627b1ff229ca7bc4cffd48fcc1e1b9e4f57078f8d85a4048c399a8aa2b590bc5de35723aa70a8c855567908944ff24f72eded11

  • SSDEEP

    1572864:WbFz+luiMs5zTqmtx0TkiGTjR4vUE0YEjTcSATuwQAM0LUtFku:4m0sFTqmtikicRgUYE8SATuwQAT3u

Score
10/10

Targets

    • Target

      backdoor_remover.zip

    • Size

      58.2MB

    • MD5

      1589c057df027d368b7ee779f35de53a

    • SHA1

      9aca3904d430a7e7bb3e6b2d88bf37a33d75fb1d

    • SHA256

      a4ad54f7b4090d417182c91a216bd259272f1f37bfa06e13ef2e88b8b814b4d6

    • SHA512

      ed8e66442dc0c96bf5aaac83d627b1ff229ca7bc4cffd48fcc1e1b9e4f57078f8d85a4048c399a8aa2b590bc5de35723aa70a8c855567908944ff24f72eded11

    • SSDEEP

      1572864:WbFz+luiMs5zTqmtx0TkiGTjR4vUE0YEjTcSATuwQAM0LUtFku:4m0sFTqmtikicRgUYE8SATuwQAT3u

    Score
    1/10

    • Target

      backdooRemover.exe

    • Size

      62.9MB

    • MD5

      647f5f13cc5805ec7be6db2cd75a6bbd

    • SHA1

      68f74f3842af9ac972b71e5c2327b86f7ede8e2a

    • SHA256

      96e494ea8c8db19bfdf702428fb3fe06b88a916b5044e92af6641ddd3a5c63c7

    • SHA512

      93979e79719b5890c142e8ce8ac8dfcf30c951a57684078a59ff8915ce55f50a4cd8fb6f9c9eefb98a2647264ee31c7b56492d1bedf08dfd81bcf768e1adcf4b

    • SSDEEP

      1572864:TDQPImtAPWUH5RdDMEOH5RKGvirAH8+1osuTCSxOB6xMV/Jq:TDXwKFHndDHOHn/vS6xjKcBaC/Jq

    Score
    7/10

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      discord_token_grabber.pyc

    • Size

      8KB

    • MD5

      8aec4ce51e32611a7fd0c3d3b37df53a

    • SHA1

      050a88001122eb6e9bd8868e14d980392f8e69cb

    • SHA256

      539fbe4b49bb83eab970d9131c75b3a8b8728eb81d7ecf7153b2a1238eaa0dfa

    • SHA512

      8dc0a6455dd9604bbcd31dad923296b746f44961481d95c0f5a0a250792e3fd1116fe2d0609cbe495f9f49d74bee302d105cebb4051b78556158fc150aa39dcd

    • SSDEEP

      192:TgRNL7RbmujbweogNdMl7BeEJFDI2Z7w4HGz:IZlmcwpwdM7DZ7w1z

    Score
    3/10

    • Target

      get_cookies.pyc

    • Size

      5KB

    • MD5

      ee8f85bda7602ba94eb4a601529a99b6

    • SHA1

      29fd09837aa81bd51cb1203b5a22eafb6592fe9b

    • SHA256

      e094dbfff044bb3bd7590340317d20a0568f995f9ecb0f46f1a995e4defcc7af

    • SHA512

      79a23da574c146fe7a4b112341bd002f67b68ff4c6e4eaf8814b5f29dba7e07fb73be619a1fb456177329c4b3cbbd48c3efdd3648724e0bac994a6868892f116

    • SSDEEP

      96:5G0jBMvk89Jn96+xVBcnqiicv47CaRYubWeBYWTZzPj3tPVlc142x:5S3UYXPipv86uNe4ZPj3tPVG1r

    Score
    5/10

    • Drops file in System32 directory

    • Target

      misc.pyc

    • Size

      2KB

    • MD5

      e8d5156ef2ae2726b78556c96cf08a0a

    • SHA1

      85e6c576f04f32b77f37818ed765a47bca9ce4e1

    • SHA256

      4c1a1ce8d5f404de110ff32af0f196a1c4d08d204376c5b101d089b7351662e6

    • SHA512

      51d501476c53d37232566dc853de0e08fd18b4c48cf60cd5c285dcbc0617eef313f089f3f07c90dc142559dd91b75f34b617fd30558d086172d56fe02e055258

    Score
    3/10

    • Target

      passwords_grabber.pyc

    • Size

      4KB

    • MD5

      dd70d2af5ea2ab34239b8dc0f9ec9e31

    • SHA1

      efe2a252a1971e2ce5abbcd807da7bde7d871d88

    • SHA256

      eeb1f51948264f9e3f39d5e12e5fbacac689a2a6d6924dfd896b3f0eb0ace7c6

    • SHA512

      af8edebe9c91cb5ea332874aaa3ae39da353261a6b8998b0a11892667291f1a90fb10c771544067c7139a7f8076b17d4c19e305bb522a448bbe49cea432933a3

    • SSDEEP

      96:3APDnTWeYwh82zgWxU2i7YgzDGUzg49aekspoUU6FqeRgtNvMHn0UwicQi7:QzCEh8uVMX3vztF7U2q3kH04cQi7

    Score
    3/10

    • Target

      source_prepared.pyc

    • Size

      35KB

    • MD5

      487e5eed5d25dd75f9acd8deecadcdad

    • SHA1

      6747baa86104126abcefb51c0af466d865d4d8e1

    • SHA256

      6dc89ccd5c20cf337529ba5da86ec65ac6c93cd551c6963e3b26f3f0a3baeb0f

    • SHA512

      e17d0214a6784508256e052d93af0985081ec389cb748fe79cbc7cab228e041f431d337c3455d13699c59af462ae90717f313f624df5c383970f6431d167617c

    • SSDEEP

      768:Z74yQgigcBaYcYmRXZsPozpLNBcdB4oXcdPCo:Z7Reg8aZYyKo9YdB4oXchCo

    Score
    3/10
