98a90912b0248bb92b56ef2d36dae84cedccee87342ac0342b571af44ccdf085 | Triage

Sharing

General

Target

333.zip
Size

239KB
Sample

231127-ndm77sgc2s
MD5

6a415f7fcc4a49c68ef66e9ca48a6e65
SHA1

7dc757e6d047334bb03f861392aef7562d5360fe
SHA256

98a90912b0248bb92b56ef2d36dae84cedccee87342ac0342b571af44ccdf085
SHA512

8f220c56c8d36730ed895bdba0d2e79f814b08c6a9179b58121351c53875e7e4468a6e158fbfbca75fb5f249a74fb489b1822bc1f114896aba5cbcca19f1eeca
SSDEEP

3072:fTVEa2tthAJrSIGkeu488c8Byemr13TzYcj4l1/j26+aF4VIUCtL+Ot5OxCKODz:fTVmtha+TAsarr4l1a6+aLntcx03

Score

7^/10

Malware Config

Targets

- Target
  
  brave.bat
- Size
  
  253B
- MD5
  
  cb4f8bad62ca4f8abaa4f756fc8eb445
- SHA1
  
  f90371d91dc50c77b226be58734905975134ea02
- SHA256
  
  c4fae8ee516d3a293d72ce274f065bde2c7098c8f067d76f0aa1dc4bbd4dde9a
- SHA512
  
  12c8135a6544667f2d83b744fc97d148062640fdcbfcd84d9f063e34fd09404c50acf2784a861ab31c696e08276ddad75814e00164ae084b756e05090ff380e8
Score

1^/10
behavioral1 behavioral2
- Target
  
  brave.ps1
- Size
  
  1KB
- MD5
  
  962eb11ed7f746a7162676a7f66dafdd
- SHA1
  
  943520490fa64461b3f2ae51ec39963658126b91
- SHA256
  
  fcbcf40b9a0677c597f72ac27d34e1b93d6d3d3258c1b1d524d7fc75c3d55e4d
- SHA512
  
  428b4147b135a916195a0ff573e5de9a82e134dd5f2aafc3af9bc5887c7207912a09c2cd80f2eccede83aa1e0c83d7b33f3ba9b21e32ef7f46b49497d785e6b4
Score

1^/10
behavioral3 behavioral4
- Target
  
  brave.vbs
- Size
  
  4KB
- MD5
  
  b375f095bb00bcf3881929860a94c23b
- SHA1
  
  166d303afd6ee436ff78ac5b31ce12b6bfd5dd36
- SHA256
  
  fa37cc67fae3dc9ec9e14f11c08b4b9f83749f465770bed54969e867f78715d6
- SHA512
  
  6965ec1a64d911b9ef7298cb7f386d39a1c4fc105f0b0acb4f6cdf87d94d31af4208613047f7aa5d9275699854cd923feddb59f32b9131387609252ab09a45cc
- SSDEEP
  
  48:/XmDGg/zzzzzzzzzzzzA8K9ht8Q4OmWBhJWDyCnveaF:qK9ht8QQWu79F
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  notepad.bat
- Size
  
  253B
- MD5
  
  e0062507387e069f09fc99aea372ca6d
- SHA1
  
  0ef703c0d61f235384de23a1efef19aedb77eaac
- SHA256
  
  15d5a7213e94a1bbd80d7e11cbf2d7fe64dffd64462acdddbd452aa9ca0d16fe
- SHA512
  
  22e95ede9190d2977a90c70eb3b984059020d62996412dc74e10c68a75021337938ee7c15756f51cd7c1de0afef89835f52460624edb29135aa6cad17f9cbbb1
Score

1^/10
behavioral7 behavioral8
- Target
  
  notepad.ps1
- Size
  
  521B
- MD5
  
  0bf67e41d0568e5ccbab5d2ed389cb23
- SHA1
  
  a9d3da0988e9eaefb97d3337b1a2f36001ff4275
- SHA256
  
  cde98c4d9f05439bb5a6e9ebc5af80694c50d829b531cc176031a2cdd418d74d
- SHA512
  
  35990968e66ff5a203bc06dbde908faf6cc83b285631562c72d37f9a9ce80f3e6593bb19df069656953682ff7c4955ea866326c2cc3b6c8d6b5ad081940a3513
Score

1^/10
behavioral10 behavioral9
- Target
  
  notepad.vbs
- Size
  
  4KB
- MD5
  
  847c012fce295a8ec8e6932dea83d4a6
- SHA1
  
  628619f29b0658d1a13e5272a4b9a977a9ccf97a
- SHA256
  
  60cd73ba3407061cfa10dcd5e971ea3ea118e4defa525d71944241c74617305c
- SHA512
  
  c3f8464847398f5c9e4ed2747544dbed2913ab8106f4dd0783d5d547f10318494c7ee85bb60061ab654eecd7c887282a1ae9cb2b4122cfca131dac0d56d29610
- SSDEEP
  
  48:/XmDGg/zzzzzzzzzzzzE8K9Ot804OmWBhJWDyCnveaF:+K9Ot80QWu79F
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12