Resubmissions

26-10-2023 15:49

231026-s9ggraee74 10

11-10-2023 12:16

231011-pfymdseg4t 7

General

  • Target

    12034028745.zip

  • Size

    1.9MB

  • MD5

    538fe271670de8fff891469eeca0a627

  • SHA1

    38b49192df671dcdd45f06f9748563377893ec65

  • SHA256

    1f0ba2893758c9587f4eca17d0138a9508f30321e36f6b8a6c00358e0dd45f03

  • SHA512

    baed8c04399582c4a2f1c087f564ae51832d56af3703e8e5bd2220e278c1baafa230055edfc6aa10bbc7acce31563ca24762bb2d91a9546b4f636d8a7f5e3dad

  • SSDEEP

    49152:HQ+OAYllsVKFgVOgp4mvzHzOiHpEvXuPps7DcDZLja:HCHnJFgLumTzOUsuPy7DcDZna

Score
10/10

Malware Config

Extracted

Family

bunnyloader

C2

http://37.139.129.145/Bunny/StealerLogs/BunnyLogs_

http://localhost/Bunny/StealerLogs/BunnyLogs_

Signatures

  • Bunnyloader family
  • UPX packed file (2 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (5 IoCs)

    Checks for missing Authenticode signature.

Files

  • 12034028745.zip
    .zip

    Password: infected

  • 454bd68088f17718527b300134cae3eed1c7db3ba7ed9e08d291ef7729229a79
    .exe windows:6 windows x86

    Password: infected



  • out.upx
    .exe windows:6 windows x86



  • 90e6ebc879283382d8b62679351ee7e1aaf7e79c23dd1e462e840838feaa5e69
    .exe windows:6 windows x86

    Password: infected



  • 9b8efc369c7ff541f885c605c462c7d5a16acfbdfef3b28adc4e5418e890142f
    .exe windows:6 windows x86

    Password: infected



  • out.upx
    .exe windows:6 windows x86

