General
-
Target
825de48ae929d503e838c6952ff2fc77.bin
-
Size
6.8MB
-
Sample
231117-cnkpaaee9t
-
MD5
825de48ae929d503e838c6952ff2fc77
-
SHA1
3199e665fed56762817cf486879177decd1200a5
-
SHA256
b88e6154aeb1c8505580917f36abef82ab4033e871559ed3634d90f9a144131f
-
SHA512
c365b94d3291bd660ea3deced8dfdd0e0579cdd7b5576cb2e20ec582fd52af1adf56aab17b9ea7dbfd3cd1dd2d5bd33faf58b4d6ad6093ef28704ef97fd4a4fa
-
SSDEEP
196608:P9aU4a6TMoyz7g90hrjhXcvPvHcQWVwheDjkX4Z:PD6Tj80wrFMvPv8TuheXkXo
Behavioral task
behavioral1
Sample
Payload/ESign.app/Assets.pdf
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Payload/ESign.app/Assets.pdf
Resource
win10v2004-20231023-en
Behavioral task
behavioral3
Sample
Payload/ESign.app/ESign
Resource
macos-20220504-en
Behavioral task
behavioral4
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/index.html
Resource
win7-20231020-en
Behavioral task
behavioral5
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/index.html
Resource
win10v2004-20231020-en
Behavioral task
behavioral6
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/bootstrap.min.js
Resource
win7-20231023-en
Behavioral task
behavioral7
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/bootstrap.min.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral8
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/html5shiv.min.js
Resource
win7-20231020-en
Behavioral task
behavioral9
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/html5shiv.min.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral10
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/index.js
Resource
win7-20231023-en
Behavioral task
behavioral11
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/index.js
Resource
win10v2004-20231020-en
Behavioral task
behavioral12
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.fileupload.js
Resource
win7-20231023-en
Behavioral task
behavioral13
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.fileupload.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral14
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.iframe-transport.js
Resource
win7-20231020-en
Behavioral task
behavioral15
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.iframe-transport.js
Resource
win10v2004-20231020-en
Behavioral task
behavioral16
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.jeditable.js
Resource
win7-20231023-en
Behavioral task
behavioral17
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.jeditable.js
Resource
win10v2004-20231020-en
Behavioral task
behavioral18
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.min.js
Resource
win7-20231025-en
Behavioral task
behavioral19
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.min.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral20
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.ui.widget.js
Resource
win7-20231023-en
Behavioral task
behavioral21
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.ui.widget.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral22
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/respond.min.js
Resource
win7-20231023-en
Behavioral task
behavioral23
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/respond.min.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral24
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/tmpl.min.js
Resource
win7-20231020-en
Behavioral task
behavioral25
Sample
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/tmpl.min.js
Resource
win10v2004-20231020-en
Behavioral task
behavioral26
Sample
Payload/ESign.app/QMUIResources.bundle/Assets.pdf
Resource
win7-20231025-en
Behavioral task
behavioral27
Sample
Payload/ESign.app/QMUIResources.bundle/Assets.pdf
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
Payload/ESign.app/Assets.car
-
Size
1.5MB
-
MD5
8f63256f6deb6681dc55c9adf92669e6
-
SHA1
c86a3c611f182bf21ba9622df3fddcf74b384694
-
SHA256
8b8ee995e41859ef45cfe5ae1d5147e7d127fdc89b74d98822f767f7b63e0365
-
SHA512
0b19107961103faed1f836ffa6f844227ed3f98d8c09b454fbbca5ddf6d531febe1b2645acc4ba9d0fbb101b6d949c55fb995f53b11cb14a2e654f7e6007f90a
-
SSDEEP
12288:VIdD6RdK+bPdzRibfZUeEsoUsTgBbVJzyoygT6SfzXCp+c0SvggkWxXkvZkoXT/8:Vqg154TpXgvJkWtsT/1xU/qZx
Score 1/10 -
-
-
Target
Payload/ESign.app/ESign
-
Size
14.1MB
-
MD5
ceef5794faaf0297f451b80293ab2e81
-
SHA1
883909263493fcc34b2c43359165d91037838919
-
SHA256
a101e2aea1a97765f04640176cca504b7023fe8ebb4774576e81d9f400de59b9
-
SHA512
3eb1c5a7fa1452a77872fb042b078f307017d8cae1f19747f71ea130a7a5fa7439132141bbf669295b2e2944aeab4d73f2d5b3f2874c4452a570ca5c13ce4907
-
SSDEEP
393216:cwQ1Dj28ttf9qYoK9d64kVbPyKQLTR7G2bQGPE0m3VbjCflssY3by1sb305Yb3Yx:cqKkLibQGPE0m3VbjCflssY3by1sb30T
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/index.html
-
Size
9KB
-
MD5
9d8f28f7f146df3bfaa790f1f0a4b43d
-
SHA1
658c205ccfefc68b71374bd5da4bc461c2bbe38c
-
SHA256
8ce1267aa1c066e0dd98cb551ba2bf2755cf8f01cb0777bfa1f00850749b537b
-
SHA512
406879e5b86b3273df1c09f1998db33ba98511a10a0ede7170c23445ebcb73fd39a5e0641ce3020db62db920075d145b2940a81266036811cf7f6d44c3219177
-
SSDEEP
192:qorsIrsUSt3ix3HUrSR6LM9wCINJcYcpMvMwQYsquMEGKlps4Rc4cmnGXIzpFtTt:NrsIrsUSVQHaSR0y8LcYcpM0wQYsquM0
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/bootstrap.min.js
-
Size
28KB
-
MD5
ba847811448ef90d98d272aeccef2a95
-
SHA1
5814e91bb6276f4de8b7951c965f2f190a03978d
-
SHA256
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
-
SHA512
bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df
-
SSDEEP
768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/html5shiv.min.js
-
Size
2KB
-
MD5
0ce8f355891c26c28f057e195e97dcd5
-
SHA1
3c7b369485cadd585d24be44701e459c8aa54d60
-
SHA256
8c7a9c0470563367ab00307b4fb9bb3052d0a27f0b94e63b9dc0bb8c369449cb
-
SHA512
2ef548277956106a8f0a21bee9a99f4dc804142cf77996a8355b453e1a9da5e4e39187bc87d67f9438f7acec4ea7e43f29a8d2b881fcd24b547a32537adeae1b
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/index.js
-
Size
11KB
-
MD5
64bcb9bd86e4265c1e1c9b7f0bdad2a4
-
SHA1
607acb49395e0531c60c4cd1c326ee530b7d047a
-
SHA256
e7d11c6392a54f1afef8205874b5d5b9d8ce3c7dae38b42d342bad89b44d9467
-
SHA512
ba7d55a86b1659061b01a823fcaee02f8ba8acada391f4d8515670520f546ea676b69b240b50715618ae06c189c94b26919c6da410e71de15364529f91d37bf8
-
SSDEEP
192:KorsIrsUSt3ix3HUYRQS0ELIYNQSIytnnI5wgUujRuMhTqQF33zzARK6H7D0zvL0:trsIrsUSVQH2EVKlfxvBojH3KxO
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.fileupload.js
-
Size
60KB
-
MD5
0a5e19875e467aa3f86c05182d28f550
-
SHA1
826329b6bd2df7c57a03bc2a342c27ecd3248822
-
SHA256
2b3df6d6dbe0c03ec7724dba14bd98f38cf0b4cfb4737e3fff7ff0594d103056
-
SHA512
a3c6878d8c90587948902ece767f8cbe08f4ccb99d274df7c4cddab713be9220f7088ed5376079b086a403fc30d7e143fac7cde52495ed97bc1dd64ea74adc6c
-
SSDEEP
768:skMch0r9GSzv5OhS4dNWzC8kNa9cxory0gn3DLpVNk2:HQzviSlzCO9OO2DLpVZ
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.iframe-transport.js
-
Size
10KB
-
MD5
9828c2356a0c63bd4b80b3a1c2698e19
-
SHA1
c91ad4c6a34839e7e2ad1cdf983b666a94f99546
-
SHA256
e127082f8c4e76952f5a8e1e9a0c2731372ca3f7d800fa9a5ec1bed0a516c2a9
-
SHA512
176d82ea767ad6d4d306964371f5bad60b908539e35062e861d5a4f637942796dac2d62ee8dc724945dcf5047faff43893841704711e0dc33c106b2346f336c0
-
SSDEEP
192:/nNlAOkhBIskbma7g+0LmU6/NfSmvN+wCniIy4:A9f+18Df
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.jeditable.js
-
Size
23KB
-
MD5
93328502da0021e0472587884e148673
-
SHA1
b0d45e340fbfc62e0d41965fce9cec1c506eaf5d
-
SHA256
882892a2c0ecb30e180f4305c2e04d7f8f24968681473ee8f9e48aad45c36587
-
SHA512
80ada1414fd725d51a62974a5909b5475f7fea37169ad1f2b3ea311e06a4b209f9a36fd5ac3cd5d9a56c7cbae2a33d7a3a0939c246cd858339cd3147d6c2d328
-
SSDEEP
384:kaiWqw2almv0UHLcG6cspPj1ezsVqCIJ1D0N2NX:lqw2awvEj1eeqCIJp7NX
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.min.js
-
Size
94KB
-
MD5
8fc25e27d42774aeae6edbc0a18b72aa
-
SHA1
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
-
SHA256
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
-
SHA512
87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1
-
SSDEEP
1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.ui.widget.js
-
Size
14KB
-
MD5
d1d42e7b1fa13faeeb3f1d9487107135
-
SHA1
68f3b63eb6242f2d77531257cfc8194e335502ef
-
SHA256
30e522d238f9e84ad8289ab5b43ee396ffbd1e96c8eab77157fbc6fa30edaacd
-
SHA512
83546162a687b18ae3453816177bdaff45f97adfc9701ed26acfa2758e2a748f1408413df590a43f73c143c1e2eac92c790aadcab509920b3da86ab5013a77b1
-
SSDEEP
384:EoP+wRnaPhYzsi+meG752KIg1IqtvATHtBf/eZIu+z+nUjB:1PEYzr77zIXpNBf//B
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/respond.min.js
-
Size
4KB
-
MD5
afc1984a3d17110449dc90cf22de0c27
-
SHA1
b5aba40d65b0d6f85859db47f757ea971a0efd30
-
SHA256
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
-
SHA512
a9656fade32e1fd8b40ebba070eb627f176d6550412f45fbe6bf58c1e5ec7421ed5d489d95cb70ecd5e0e4a54fdc84cfb6a6764b9ef9034c0592f812d9a9ea48
-
SSDEEP
96:fmyBKAqK8GALbDdHx2YreRfMbSsYWjIvMAyAepEOHSQGw7TnK:f9qpG0tx2YreRfMbS8jIvMANepEOHSam
Score 1/10 -
-
-
Target
Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/tmpl.min.js
-
Size
977B
-
MD5
bcb48547ab4ca73bb8ce6065013660d2
-
SHA1
58d4e6d37ae86bb8ec4b057a2767d0399c75e7cb
-
SHA256
8e882ad3513da790ead8b75161f03780a134a0dde5cbbae7ded807915bc23aa9
-
SHA512
8de87bd07faebaba2e1acb212a4e8707219341522c75eb8ee7cec12878064345acd91a5085548a2a2cbbe1c62959d79bee8c09864ac946db9d7f7277395791f4
Score 1/10 -
-
-
Target
Payload/ESign.app/QMUIResources.bundle/Assets.car
-
Size
486KB
-
MD5
485aa9b9c11398c464d0c9535460b774
-
SHA1
2966cd8399f0bd5c4add81ea60f040a080936ab0
-
SHA256
2799307ba2063993f13fe5582c3ea3218990fa1ddedd7aee575d0b3effb8a3e1
-
SHA512
553471a4633e0f4a67d7dc816f2ef1840ec8beec3f5f755ef6a2cb2614c7c5e7002ee2d9b5503e73d2a14d31b518c17084e9da0bc2d7e7f539a8e4951b163c1e
-
SSDEEP
3072:IigNfod6Nq71AFSXwRJ0gLMTBRFDa9aft0UU1842Chi6zak5mY7:IigNfod6E7x8lLM7FDagfH941ta9
Score 1/10 -