98a90912b0248bb92b56ef2d36dae84cedccee87342ac0342b571af44ccdf085

Sharing

Copy URL Twitter E-mail

General

Target

333.zip
Size

239KB
Sample

231127-mhnh4afh6s
MD5

6a415f7fcc4a49c68ef66e9ca48a6e65
SHA1

7dc757e6d047334bb03f861392aef7562d5360fe
SHA256

98a90912b0248bb92b56ef2d36dae84cedccee87342ac0342b571af44ccdf085
SHA512

8f220c56c8d36730ed895bdba0d2e79f814b08c6a9179b58121351c53875e7e4468a6e158fbfbca75fb5f249a74fb489b1822bc1f114896aba5cbcca19f1eeca
SSDEEP

3072:fTVEa2tthAJrSIGkeu488c8Byemr13TzYcj4l1/j26+aF4VIUCtL+Ot5OxCKODz:fTVmtha+TAsarr4l1a6+aLntcx03

Score

7^/10

Malware Config

Targets

- Target
  
  Execute.dll
- Size
  
  56B
- MD5
  
  529cf04db0f736467c7583ea80c3aa66
- SHA1
  
  7628148337b1d3d700c8151f76a1595b6f5123b8
- SHA256
  
  67642e56281bc4aa846689bc725f8fcc76e61c20831aa4f7e2e0c8cdba17e520
- SHA512
  
  f612b12e1a7c2021f6c2723fe57f23aba3d1b6588f080dd67e48dc44eeaf88455e4bc6bf9caed088c63c3fb019ad8696eeb44e7bb09f8c81638779f4658ef6d4
Score

1^/10
behavioral1 behavioral2
- Target
  
  Framework.dll
- Size
  
  520B
- MD5
  
  6a08392ecf95df7fc91917dcfaae8da6
- SHA1
  
  480f6a5c761e1a069c0d68f5ac2aabf727791393
- SHA256
  
  0a572ee5508d9310936801a04237d56f118dff4dbaa98f60070988cc4b8ca460
- SHA512
  
  d70c436183a9c6f6d4ce9296dce846f94cd12d7fbb76b24e59d88a77349a95a7a0d6ad8f9f4ffc32a98618b3250e0d35e4cf9ff1e711f4e63ffee425597dfc5e
Score

1^/10
behavioral3 behavioral4
- Target
  
  brave.bat
- Size
  
  253B
- MD5
  
  cb4f8bad62ca4f8abaa4f756fc8eb445
- SHA1
  
  f90371d91dc50c77b226be58734905975134ea02
- SHA256
  
  c4fae8ee516d3a293d72ce274f065bde2c7098c8f067d76f0aa1dc4bbd4dde9a
- SHA512
  
  12c8135a6544667f2d83b744fc97d148062640fdcbfcd84d9f063e34fd09404c50acf2784a861ab31c696e08276ddad75814e00164ae084b756e05090ff380e8
Score

1^/10
behavioral5 behavioral6
- Target
  
  brave.ps1
- Size
  
  1KB
- MD5
  
  962eb11ed7f746a7162676a7f66dafdd
- SHA1
  
  943520490fa64461b3f2ae51ec39963658126b91
- SHA256
  
  fcbcf40b9a0677c597f72ac27d34e1b93d6d3d3258c1b1d524d7fc75c3d55e4d
- SHA512
  
  428b4147b135a916195a0ff573e5de9a82e134dd5f2aafc3af9bc5887c7207912a09c2cd80f2eccede83aa1e0c83d7b33f3ba9b21e32ef7f46b49497d785e6b4
Score

1^/10
behavioral7 behavioral8
- Target
  
  brave.vbs
- Size
  
  4KB
- MD5
  
  b375f095bb00bcf3881929860a94c23b
- SHA1
  
  166d303afd6ee436ff78ac5b31ce12b6bfd5dd36
- SHA256
  
  fa37cc67fae3dc9ec9e14f11c08b4b9f83749f465770bed54969e867f78715d6
- SHA512
  
  6965ec1a64d911b9ef7298cb7f386d39a1c4fc105f0b0acb4f6cdf87d94d31af4208613047f7aa5d9275699854cd923feddb59f32b9131387609252ab09a45cc
- SSDEEP
  
  48:/XmDGg/zzzzzzzzzzzzA8K9ht8Q4OmWBhJWDyCnveaF:qK9ht8QQWu79F
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  invoke.dll
- Size
  
  6B
- MD5
  
  b9376e9e3c4d48f5e35a3f355ae1f74a
- SHA1
  
  c65605adf5270f5065089b0189da542274d30db0
- SHA256
  
  90092e5fb861dd4ff34fa20f4b31ca44ebbb3bc367a8d7a35b89a7f89c793fa9
- SHA512
  
  5560101edb289c4a86476bce55648324ef188ff1e2d879a1a3bc10c1298aa643255c35d16a984f30d624fe9a87306304eaa14179863001ddd6e264e8bba17591
Score

1^/10
behavioral11 behavioral12
- Target
  
  load.dll
- Size
  
  4B
- MD5
  
  f19dbf2edb3a0bd74b0524d960ff21eb
- SHA1
  
  ddcb77ff769ea54ca622848f6bedd4004fa4f4fa
- SHA256
  
  8a6bdb6b18da586fe7f2acbd8f1055533f2cd97a3681b3652bcd712224df45c3
- SHA512
  
  f0419117db6330f52eba6e7ef08a5cb096fdb02a40b1dfe4f28dd57791a11b6753e4db0fb63e1c4a22293584dc61908a8e2e99dc59a07f805e097c723329d216
Score

1^/10
behavioral13 behavioral14
- Target
  
  method.dll
- Size
  
  9B
- MD5
  
  38b97710070dbdd7b3359c0d52da4a72
- SHA1
  
  4ce08d2147c514f9c8e1f83d384369ec8986bc3b
- SHA256
  
  675f06af4e7f254d55ac605bbd7da45d9e00207a97f8a8ab7bb747d512776bc7
- SHA512
  
  b11cec0f21dec871163d6c254850d3f807ecc4ae726b143a0c4667a25c3a3fe9283aee3f6850a2389fdce3d20f41d9c3d30f4768171137d6bdc1355a2116189c
Score

1^/10
behavioral15 behavioral16
- Target
  
  msg.dll
- Size
  
  130KB
- MD5
  
  bd24144f105eb3ad8cb45e35cd349254
- SHA1
  
  15222399a79d8b8ba7983a77dca04221f42500ff
- SHA256
  
  324727802ca8a9f171190aad58e26b84ddb266ab243130b74c0f15948c437b03
- SHA512
  
  6b219341726a6adf86d1892d1fe82f6776cd8dc5425da3ed1d9a836fdc81358c547260e4f316a035328e89fd1796f5abe77e0c6911fcb0ba2cf366b03e086a52
- SSDEEP
  
  1536:sgxGcQKLQuIMSR7vACTb6Ey0KF9hv+WK7q6ahlseONuaTTkE0fvIqBCJwPMt6V41:AlR
Score

1^/10
behavioral17 behavioral18
- Target
  
  notepad.bat
- Size
  
  253B
- MD5
  
  e0062507387e069f09fc99aea372ca6d
- SHA1
  
  0ef703c0d61f235384de23a1efef19aedb77eaac
- SHA256
  
  15d5a7213e94a1bbd80d7e11cbf2d7fe64dffd64462acdddbd452aa9ca0d16fe
- SHA512
  
  22e95ede9190d2977a90c70eb3b984059020d62996412dc74e10c68a75021337938ee7c15756f51cd7c1de0afef89835f52460624edb29135aa6cad17f9cbbb1
Score

1^/10
behavioral19 behavioral20
- Target
  
  notepad.ps1
- Size
  
  521B
- MD5
  
  0bf67e41d0568e5ccbab5d2ed389cb23
- SHA1
  
  a9d3da0988e9eaefb97d3337b1a2f36001ff4275
- SHA256
  
  cde98c4d9f05439bb5a6e9ebc5af80694c50d829b531cc176031a2cdd418d74d
- SHA512
  
  35990968e66ff5a203bc06dbde908faf6cc83b285631562c72d37f9a9ce80f3e6593bb19df069656953682ff7c4955ea866326c2cc3b6c8d6b5ad081940a3513
Score

1^/10
behavioral21 behavioral22
- Target
  
  notepad.vbs
- Size
  
  4KB
- MD5
  
  847c012fce295a8ec8e6932dea83d4a6
- SHA1
  
  628619f29b0658d1a13e5272a4b9a977a9ccf97a
- SHA256
  
  60cd73ba3407061cfa10dcd5e971ea3ea118e4defa525d71944241c74617305c
- SHA512
  
  c3f8464847398f5c9e4ed2747544dbed2913ab8106f4dd0783d5d547f10318494c7ee85bb60061ab654eecd7c887282a1ae9cb2b4122cfca131dac0d56d29610
- SSDEEP
  
  48:/XmDGg/zzzzzzzzzzzzE8K9Ot804OmWBhJWDyCnveaF:+K9Ot80QWu79F
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral23 behavioral24
- Target
  
  runpe.dll
- Size
  
  705KB
- MD5
  
  dfe17ca37c6964d5caefbab320ef4ad5
- SHA1
  
  d18bcfdf311b1572685085854dc7ddcf51e76371
- SHA256
  
  b1beaf363441d8b3af27261bcbebc8df56b96aae55fe9b99d4ed046ba65012ae
- SHA512
  
  81263ff99d7dff08b72605fb076c8da37995e4777f1e4ea5cad3822284bfe635726ee4d35d1d52898d085d27256c4940e3d4dab90f7d35d5adb96d358c2a4a0d
- SSDEEP
  
  6144:Bmzuz5eifJ6l66q8iL0k/on5Hjo7gspg0q/zepiALPA+Wl/w0SVHpMA8a30r+TEu:cGPdpla8efrWH
Score

1^/10
behavioral25 behavioral26
- Target
  
  type.dll
- Size
  
  7B
- MD5
  
  be784e48d0174367297b636456c7bcf1
- SHA1
  
  8c906d9e0e2439238b3263e087aee3d98fa86dea
- SHA256
  
  510760f4c6f7fb3b5b332cd7d3a2f674235b0f58d77dbc3972adaf682a168136
- SHA512
  
  aed58d8904742a672f9ba339069004a1c0339e6481a8949de14ee8bf2afef43f8e18e55ba4a6854a7950ee355675c26b46120e500472deaf0986f68451442ae4
Score

1^/10
behavioral27 behavioral28
- Target
  
  xx.dll
- Size
  
  72B
- MD5
  
  14c2a6b7bf15e15d8dae9cd4a56432d5
- SHA1
  
  0d00aa5d547ea7e6f7283221e5f3b0cc91cc6016
- SHA256
  
  79891821778c4ca9358c27e7fb66b0442a2921b661df1293e398b18d81da5d96
- SHA512
  
  e476851faf540c3679225de2b224d64d117fa1857a4db7b34714d0154b8ba5ebaab50e1a6b0578759b7572e89e3df4d0d4112a7e4f5b81230931cfe6b651c63d
Score

1^/10
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30