f94ac83ca87f16beb8dadebb57fc564a69c32416df82f5533699a395414356d1

Sharing

Copy URL Twitter E-mail

General

Target

Astolfo.zip
Size

187.1MB
Sample

231001-tc9byadd38
MD5

9556763d4e2bbeaae7b39a95d86ce23f
SHA1

49fbc59a36fc6e6b5ad03c54ca2c18c956bf1aa1
SHA256

f94ac83ca87f16beb8dadebb57fc564a69c32416df82f5533699a395414356d1
SHA512

422dc3576e0b04f79d93b16c01c3ee84faa63a64846eb5d4dc65994f57e20687e6279a01aa0d1c26089d8489ae2207f5b33c007c4b8ca5891d7f7146c64ec5f3
SSDEEP

3145728:qB9e/b4hdccPpHhlPS3WlRR0/vMKOg3gNvqAVL9vjhdgPVQAJ+XWRE5V2oj3KPBM:qB9e/cAcPp3lhKgvqAb7/gWH4KaP6

Score

3^/10

Malware Config

Targets

- Target
  
  Astolfo-Beta/assets/objects/c3/c3cd0db760c980287b26ef9c0894f66c4250724e
- Size
  
  10KB
- MD5
  
  78d3efc4abc7fda450d650b86e757992
- SHA1
  
  c3cd0db760c980287b26ef9c0894f66c4250724e
- SHA256
  
  fa7acce9893cd8ae274bf57453d782d825915e31999a21f0c38713116a100b45
- SHA512
  
  2e835e0e7db5186c7405c4217c7979d444771b58bf263e652485def959e341c1343be1a353686d965a90d504150e5407a50f891fb2883f94a5865a2851e7ae93
- SSDEEP
  
  192:gXDJomrimXOct5g6ksDLFtpfFSSu9z3LnjnM3SoOoKATzk2t74tfyQV:uimzp26F1ty/9LnjnVBAB7cH
Score

1^/10
behavioral1 behavioral2
- Target
  
  Astolfo-Beta/libs
- Size
  
  21.5MB
- MD5
  
  4ec8d7f8b47eeb77abf305ccd8606e9d
- SHA1
  
  c9e38020439938c7e9affcd172b123037a1c1d40
- SHA256
  
  23dc70fe6109878232a327427256b2a642db9fec92793bd3818b86b39c880852
- SHA512
  
  e105cdec1ac42bbfe7ef4afebb5338a23a25201eeff062278753e760c862d22695912493dbf407590580cda1c1fb978ab99a2aa7fa09f27c0fb093151bcb0d15
- SSDEEP
  
  393216:5fmc9/5ZIprYk97niGL1feinXhC+NbJQ5hfoLAlziCCZcgSC:5p/HIuktJeaXhbJKiAlz3mFSC
Score

1^/10
behavioral3 behavioral4
- Target
  
  Astolfo-Beta/natives/7202022.jar
- Size
  
  30.4MB
- MD5
  
  246338e7960eb8fd98e6b54a1ed0e976
- SHA1
  
  3b275061ee2073603b66e5a590e2d485d1005196
- SHA256
  
  782a65c650ffd376e241ea97e0c6448118cd04165fd7ec3413b76a5e2afaec98
- SHA512
  
  5a9d2972616e2222eac4f565ee2451af1efbe29b3f43a02f46266b5580471ab8451c8cd681512858e5ac2589711adac91fdace6d788a2baf9861b60b26e5267d
- SSDEEP
  
  786432:oCmyAD3HqH9eqiQVGF4iuIvU6guHcCl9TcES/x5:obuH9XeFub+cCl9Qn
Score

1^/10
behavioral5 behavioral6
- Target
  
  Astolfo-Beta/natives/MumbleLink.dll
- Size
  
  214KB
- MD5
  
  73926efe27b84a7ea0dfb8746a5a0716
- SHA1
  
  f9ba6e35b8886fe204f33189fcc0197ed4868fdf
- SHA256
  
  3a39e1dea679f9a05207e6a52eb4b762d282c8b8a4e3a67bc3dd2039b13c287c
- SHA512
  
  efa6f624382f3ab7e2d1c8a38be3779add61a0a847520c768a02918a024d9530faadf085ab76cd08150658446c205dbee15c08c21264dadb1b50e201d568ea2f
- SSDEEP
  
  3072:W9Joh7htyypSdFdA85a/wHx0700NDqZVOfWPRLoY46uvwld5l:IJol/yLF+2a/kx07kFohH8
Score

1^/10
behavioral7 behavioral8
- Target
  
  Astolfo-Beta/natives/OpenAL32.dll
- Size
  
  381KB
- MD5
  
  9e02334f9bba622885eadb059f0633b3
- SHA1
  
  ede381bf55e7d0cd3a7e058237bbc66a8ff63837
- SHA256
  
  baf27fc91dc852d78889e052cfc9ed2b6fc0927258bb507a895c6fcd50f10fef
- SHA512
  
  066eaaee241976d99e3f11de415976fb0e47e97035d4d7a7c121c33882190f3546637650f841a2858ac1734655f4994dc2cb8c5bdda5828557485fc20a779def
- SSDEEP
  
  6144:qB0wNMEdGJE5cN8PLJ8I1kabGLPwrWr+JervPI6YXaZ8AO8+H1MOi7BU:qBDL+af1kabGL/r+JwvPjKaZ8NMO
Score

1^/10
behavioral10 behavioral9
- Target
  
  Astolfo-Beta/natives/OpenAL64.dll
- Size
  
  373KB
- MD5
  
  89021c218a3f6feb807a664f852ffbd3
- SHA1
  
  97362fba53dfb6d9581b8c64829f4b1d98a97855
- SHA256
  
  9261b66010a845ddef9f61d5e4266fe2f08a53f3605da002e9e8f8d202bdbc5e
- SHA512
  
  e511c707c4453016cdeefcbc863fbf2750ad9cda12ad31f27369d5a396f9c98d9ef37fafb4030c683f17b1e2cdcfce924015fe49dd6652c3060bb0ba77ea3064
- SSDEEP
  
  6144:ABdTusYmeqPD3H/Jm9iQV4+ttOpJ2z4dpFg1RB/vPI6YXaZqRs0:AjTWIbgOmyEvPjKaZqR
Score

1^/10
behavioral11 behavioral12
- Target
  
  Astolfo-Beta/natives/graphics-hook64.dll
- Size
  
  223KB
- MD5
  
  0876864e98d48d2bb64246247f170fd0
- SHA1
  
  451501cf03aa8b27c6f81b76bddee4cfb3a3d295
- SHA256
  
  3b1e7e8e1c784a21c63e411aee5bd117c52c7dcb6a0413eb16ac2dbca62b591c
- SHA512
  
  3b65c213499d9d738bdd575f01359a918d7d64dd45e3cd158140c386b0f5472acde184d6563292d9d24980d7cf0b0ac2f505350f740bc92db6695f1b8c40e9bb
- SSDEEP
  
  3072:8cat0IvtZ5ySXGv7sAoBEFqqjiFTAeOk9ABicBgtBM+JIUw0v3StAtWs:8cW0IvtZ5yN7s5BoCDA0ckBM+U65
Score

1^/10
behavioral13 behavioral14
- Target
  
  Astolfo-Beta/natives/jinput-dx8.dll
- Size
  
  60KB
- MD5
  
  ec587acff9c06d699829908b515ea17e
- SHA1
  
  50348b2958b017df3bf30d7915ab61a4cb9a2b33
- SHA256
  
  89779abf806a93dd809bc7a4914967d0e6924dedf293afd48dd205dbce87d8b8
- SHA512
  
  2a7895d6196e3f1f740982bd4d0daeba255a033c971638e3aebd2cd2233c39f7c8e92c72d2eeb41f8b368d388a3b270fee2cbe219ee239f5d62af9f6f8ed72d7
- SSDEEP
  
  768:2Rj4ZLedvA5Z3cYlqcMOml0V6jY/MDS5TQkuzFqIn1pCDFECBXT7kE:gyLwvA/cYuLpYMSp2zJn330TT
Score

1^/10
behavioral15 behavioral16
- Target
  
  Astolfo-Beta/natives/jinput-dx8_64.dll
- Size
  
  63KB
- MD5
  
  90cab52fca89e7d233741c0439dc2005
- SHA1
  
  5d9a7d3fb6224dab97aaff7bd9430232732d9be8
- SHA256
  
  a38cb458b9e5a246d7418f38ac04430c2e5a3f46b082955d6dfd5d2bd74f4222
- SHA512
  
  041ca3aa3d6560f207d841c8af1939e4e93538fe4f34d74fb9eee003733d98783914c6cbe45022c483a6cfb54f0e4f25013f67851d9ae6e9ea6a8cc158d28936
- SSDEEP
  
  1536:PVt32LOgsg0Vn88QhCuUDhsI0CSS2u4mL5Ie2JQ:H2JsLV88QguUFT9DL5I9JQ
Score

1^/10
behavioral17 behavioral18
- Target
  
  Astolfo-Beta/natives/jinput-raw.dll
- Size
  
  58KB
- MD5
  
  0862d141de8b4dd93ac55cd4a1a78b69
- SHA1
  
  4d982f408e815519c2289cd720c78338392a9887
- SHA256
  
  0a8c0b47e173453bd92da224f73a6aff35b07c2db315abaf33e68edbdb147971
- SHA512
  
  c070516f902082c3eda3f19fab6d6a6998442664f1b25d5d4c2229c03b7cac1a2a41d78b98474dfde3514bc206f5fb92e1949627e3e64052e0ed880e3f6a52ad
- SSDEEP
  
  768:YxAM8x3LQmQhccHXx+LHfFCxMJvI/+q9c6LTZsTUkwS9/FE5HBXTWoJCRX:tDI3+jFWTLTiUknG5NT9JMX
Score

1^/10
behavioral19 behavioral20
- Target
  
  Astolfo-Beta/natives/jinput-raw_64.dll
- Size
  
  61KB
- MD5
  
  ffc85e4a631d90112aee8e213cd367cd
- SHA1
  
  067c11135f9ebeb554d5f80b7a8a5244c0f3b7d7
- SHA256
  
  832308f96b1760f2ebc183d1a1771278bb3236e4567dd7a23e1eaecf95f9c03c
- SHA512
  
  376393d9351ad2317bdff831df012ef993039c6bcb0616dec3c91ff1b13568a6f04c3bc8a0f9888aabafa7182513fe5f7fe5fe1fca7f14f64b58414e02bd8c48
- SSDEEP
  
  1536:ZFG7/fQHJY7EJsvjf30G8DbI7RfnBUVEGhM0q2JKmf6:ZFG7QHy7EJsvjfkG8QnByfJKm
Score

1^/10
behavioral21 behavioral22
- Target
  
  Astolfo-Beta/natives/jinput-wintab.dll
- Size
  
  55KB
- MD5
  
  7b5d669b490d5737d8a9d1f96274e2e5
- SHA1
  
  e7b9beead279298611d0c4753089d3af07c4c9e9
- SHA256
  
  59201c94eb563025e47fe6b6f5c4dc326f0059d49285e2d3a44482cb60ffc9e2
- SHA512
  
  ac43cfe9e3ef9dc0e1d2e49a8bbba041b5eca0d4822e694031c694f463017f39ad0131b9f689cc30d177bbf0253f6d2942314683c1ab51a54674ad1309baaeff
- SSDEEP
  
  768:gxucOm6iQLZXNvJGgY1mus+XBpkJ3L6GAwk44Rv+1mYxTauAR:ZcZQbzZC8J3LfA0Wk1T4R
Score

1^/10
behavioral23 behavioral24
- Target
  
  Astolfo-Beta/natives/jnidispatch.dll
- Size
  
  79KB
- MD5
  
  57697cbdd321ae7d06f5da04e821f908
- SHA1
  
  67167f2b2fce8db5f9f64a372b0da54730d3ee51
- SHA256
  
  361e173e6e50cb1bf8b7fab38c1ff99686ea819e58ee30348e7756cb0418a9f6
- SHA512
  
  b98246e889c0979ed688ee0fc97ee26576c366b3371c2aabd71af0e34b0b91944d18e09faa2544f2ea837b2705b47a12241227ff3966c84c78b73f9d01441159
- SSDEEP
  
  1536:GmFjTQ2AQV6j/7t7D6OIbKMgMPIRSPOdBSZuJpMK75Z37Xt6:Z3FV6jlf4VPXOdBSgJpMKVlbt6
Score

1^/10
behavioral25 behavioral26
- Target
  
  Astolfo-Beta/natives/jnidispatch_jna4.4.dll
- Size
  
  240KB
- MD5
  
  68bf293ed84fec43a17dbc830b6001c1
- SHA1
  
  e2841508e29f91c168c0a620c57cec387f681a6c
- SHA256
  
  19e394e5d7a64f1e5063043f6f8d23243db22ff87d67e9e930bd13f8b12bf275
- SHA512
  
  31679b608c01138c97dd0cb6692a00359e398623097650b72a8f4f2701955232657431df41dc3b1f5681de0c30ae6357d1d8343c6124532f2a067210bd1c9fb8
- SSDEEP
  
  6144:mGWyWK+wrp1cJakX7dHmLm6rj6vPhxnZKF13nMH32fHy0AXN3:mGW5PwNNrCPhNynMX
Score

1^/10
behavioral27 behavioral28
- Target
  
  Astolfo-Beta/natives/libmfxsw32.dll
- Size
  
  15.4MB
- MD5
  
  6980f97a2a92dce04c5cce88028bd160
- SHA1
  
  e5d5daf7b8ce47bd2ecbc34a28357d5a16f7262a
- SHA256
  
  39aa5129f3e61473de411a3e286a8ab2a410436923bbaa9320610de30ee1df5f
- SHA512
  
  954b75290c1223fd9652389b16f24dd7e5ed4bc1028b1be857c555248eda8b8b1c6414d36af529dec82adae303bdbc2138fa735f0d31a009bb415347756a32d9
- SSDEEP
  
  196608:JdsQK8Wj/go87dBJA+qsIX0DSFzFveFVlNSmfJzPmFpfaGUaDHxnQ7doP5hlt1Ya:PeV8o87dB30B1lti9q
Score

1^/10
behavioral29 behavioral30
- Target
  
  Astolfo-Beta/natives/libmp3lame-ttv.dll
- Size
  
  385KB
- MD5
  
  c46dc87cc8a8c039eee8fcab5546e92f
- SHA1
  
  fdbcf56ebcd8f7ab65ab4b2d68d4cd0103967274
- SHA256
  
  eca35fb48a83a4566f84df8dfa4667e36bd25d6074751dc2b289ab71b48fc7ef
- SHA512
  
  46593b8e1972d7a33edbf72809e7f39439211ebc40ea0f53337900e8e8b2441a28d6aa7c888720745d5a4fc46a22d04a83d9c882c5583b5c0df67a2afe05e58d
- SSDEEP
  
  6144:Yh4dNnIKRNAAwRXpoi7XOGIDy6yF9iPvctwxxaNaXNvR4:c49RNANRXpoibOGIm6yAcKvaN+tR4
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32