Overview

overview

7

Static

static

1

NEW ORDER.bat

windows7-x64

7

NEW ORDER.bat

windows10-2004-x64

7

NEW ORDER.cmd

windows7-x64

7

NEW ORDER.cmd

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c2e13d86844d1f1f27b92e84714e2841cb41df2809b4515b5e4bf13856a50613

  • Size

    2.6MB

  • Sample

    231010-zkncbsca63

  • MD5

    008b35cbbad58ddfbd32aef07b9ecc70

  • SHA1

    da8aa807e7794415ce2e2cb51cb05a10bc19e252

  • SHA256

    c2e13d86844d1f1f27b92e84714e2841cb41df2809b4515b5e4bf13856a50613

  • SHA512

    48f45fd259588fe0c359b846a54542f8c52801f4df6b0d8fae018ea3bd6d28bc23f8f9cf6bcec62c864dba4e77ecbf4d4f857f4e87712e68f2c4bf004c1e5d57

  • SSDEEP

    49152:+CpNh2QhMoeUQMqIvssIe+wQiU+E14e1EGeW6Aa1ezvTyOzaggOcAvD7S9y8Tz9X:t21yqmKv+E14e1V36AaCmVg9BLC/X9sc

Score
7/10
collectionspywarestealer

Malware Config

Targets

    • Target

      NEW ORDER.bat

    • Size

      1.7MB

    • MD5

      58e903258717babfa285cb145d13ae60

    • SHA1

      7598f7b9854c0877568e4eb7fda28dc95f923f04

    • SHA256

      39b9a7d0255606c4ac0405c4ddfc57d723cdb751079f688ca4e59308456e07d6

    • SHA512

      aa24af3753c228d96be063e2960c623a7704a58e44d1c7748380d2053dd2551ca0e327c7ac29a43ff77abf6493f4f27690ebe7046c6a7e13fb79339f407f047f

    • SSDEEP

      24576:Sfc0cF98NTiK3Tsl6cKbF85WaLAtWYTABeValPPm+WhtRGtuyngCUFBU6+Jwb7Z1:d4Y/3/YM9BACcUeb7aw

    Score
    7/10
    collectionspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

    • Target

      NEW ORDER.cmd

    • Size

      1.7MB

    • MD5

      546a223f6646e33809e9b2ef29df5c46

    • SHA1

      a754082ee814e7dc4d33e16f68972e4cd969f4a2

    • SHA256

      473a0251276e0b7260698c7a9cc879c935dc35f138b5243faa5721830dd79299

    • SHA512

      d75b0a2a5bddb1d8be2091987f57df4c8b3e381761cd9701adbcc561a51b2be7ce165f55788a54e5c21b2c3e041db265965f72211be1e65ec4a6863592391749

    • SSDEEP

      24576:NNn9wdn6DtyQBpICuGreBd8qohFj3DlF5mVoUBAKDHlhuQYTEddFqwuaA/BliTUM:T2td0esLhF5GHlwQN6wJWKExlq

    Score
    7/10
    collectionspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks