General

  • Target

    UbitaExploit.zip

  • Size

    26.7MB

  • Sample

    231211-jh493aaag2

  • MD5

    dad1746b578196f5a8ca479ed599d995

  • SHA1

    48cad19ed6d64d57ca44d638d9b326a13cd06abd

  • SHA256

    98d5b748b791bf3990abaf47d8c62293ad5f85f563c9602bb0fa85fd8a407e34

  • SHA512

    6f28e9dbdb3388f73fd07572480ccf3f9ca8007ddf4753a1ca626582a590807d46927f810380351fb4a6ffc863c82b142ab667c23938c538d6ae0c330ba0413c

  • SSDEEP

    786432:ls8mRkyYWGlzPFbil7Vw0iNvVcIqind1WhJPGU7JmMBzU3FN3:lsdGpbilm0ociWVGU7JlFU3

Score
7/10

Targets

    • Target

      UbitaExploit.zip

    • Size

      26.7MB

    Score
    1/10
    • Target

      UbitaExploit/Evon.dll

    • Size

      5.2MB

    • MD5

      ba2cb86836a523d0222d1b6d196df10b

    • SHA1

      048afc664496513e65e19d8a78a7f7268cd9b877

    • SHA256

      9bce7d3774c8aef1246668a32820c65feafa2adf96741042e3f0de2159ea15ae

    • SHA512

      e5698dca580303f459d7814d8ed211c25b8faf71ddec02f175971b73ebdd546e705facaf91bd0c879a78554f5008b456442d1ff1c1a691b06d2b94fcace59148

    • SSDEEP

      49152:sb86snt+LAKcEktNeOheMktSJOlfGw2PS7p06UL/7V1WIB9cp/cXTtjfY56TKkvI:6C1K8tNve18CUCcXTFY56ekyQv3TOG2

    Score
    1/10
    • Target

      UbitaExploit/FastColoredTextBox.dll

    • Size

      325KB

    • MD5

      adac0cee5cc4de7d4046ae1243e41bf0

    • SHA1

      c8d6d92f0dbee64d0f4c0930f0d2699a8253e891

    • SHA256

      68d0e444c0b27552d2cb86501dcb7db3fd64b82d966e9708db0408ec1ba38c79

    • SHA512

      1d7af604540532a4121850760b1e401bb6356e59503c26f3d1fa358a105b7d88362c92f78aa4394095b165f06c484b8c2d2ed640380e85ef9b3eb087d3e7c869

    • SSDEEP

      6144:CbgkJe4jG4m3oCCClXA34Wm5pVg/IWTKZCQOsqJLDd5eNqwDl1HD5:CbgEGv3oCCQAohVgSLmeNfD

    Score
    1/10
    • Target

      UbitaExploit/KrnlAPI.dll

    • Size

      1.2MB

    • MD5

      457242aba102f82daedb7ec907b1ac5c

    • SHA1

      bb20ca697349a16fc80c928aea8d155c1cb4fa40

    • SHA256

      3667300295731be993d6a2d6a21e23e8be9fb177a8b3325f55db28fd265fc19a

    • SHA512

      23f8bd7cad2e8530dae8f14e620343658cf07ecfae71d223666166228e2d223abc5e981c26eb78ed4c4737c74284737a854c8e7e7cf06441244cbcfc9c6acd1b

    • SSDEEP

      24576:7/DatK7f4Im/2dF989RLRXNlDeb1i9JyxAme3MpZp:72Of98zLRXNlDdJyxzCM/p

    Score
    1/10
    • Target

      UbitaExploit/Newtonsoft.Json.dll

    • Size

      685KB

    • MD5

      081d9558bbb7adce142da153b2d5577a

    • SHA1

      7d0ad03fbda1c24f883116b940717e596073ae96

    • SHA256

      b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3

    • SHA512

      2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511

    • SSDEEP

      12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5

    Score
    1/10
    • Target

      UbitaExploit/Siticone.UI.dll

    • Size

      1.3MB

    • MD5

      750c58af2e56b6addecffcf152520ab8

    • SHA1

      14995e7f1d12498606d9d209d78d55fe6fd87802

    • SHA256

      27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26

    • SHA512

      2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5

    • SSDEEP

      24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb

    Score
    1/10
    • Target

      UbitaExploit/UbitaExploit.exe

    • Size

      223KB

    • MD5

      ee76439a30cb79aca453729cd1bfd9f0

    • SHA1

      005d8e674cd9f0860a6c75a02f171a2f86bbdfcf

    • SHA256

      ecbe045bf81b35513bc63ebb2da748896b6f367ea3547a71f045682d1b406325

    • SHA512

      091723664e2a8d7f76ad6575dbfacf9cd5ea7c268cae8d4c6d47a691020b5796098e8b0ac5a800620ea9a45f64ff1a2524c9198046f6e907f68052d9b5e5e806

    • SSDEEP

      6144:3EDIbMk+2DuTguPGVUTgFGQduAQ4FDGhJz:S2DuTguPBgkQ0A67z

    Score
    3/10
    • Target

      UbitaExploit/WeAreDevs_API.dll

    • Size

      607KB

    • MD5

      ea1ad1e19e81df5cfcb4207563896153

    • SHA1

      d0391630a4d1eab58b59b62062413fd9a6d70461

    • SHA256

      ba4ede69fef9675f0c8dd546cf41d0c529fa2bd75965d6964709f20ae3681109

    • SHA512

      a9b65263739bb794f7d54db06ffbb1c42eeac367b252b820e2e93313e328592652890fa3c6e3ea5d04fa193854c87b499cb07e9b7afc1627de27b27d1cec8471

    • SSDEEP

      12288:XURkGrbk/x95DR7XZdfrXg+JwuKt/S/60pR5kjo5Bda7EptO:XIkyk/x9L7Xfw+Jwz/S/69k5BkApt

    Score
    1/10
    • Target

      UbitaExploit/exploit-main.dll

    • Size

      10.1MB

    • MD5

      b90a40d4962e38fc90b2036aee8fd9e3

    • SHA1

      e98b5a88159c706452e84ec23af51872631d0d90

    • SHA256

      08a16bf1a0bf33de70557217f63607377014577a6e19e6c684c3459c86422259

    • SHA512

      8191182e48af0ef988fefac3664c8ec88d50359283d09e02760433b309f320d30b0cb846396d6bcca46be36f144d88e2226a742bcc937bd64dbae7f66fa55ed5

    • SSDEEP

      196608:kl/3hARPNNXHZRnZ9EeWgUE0h4PdY7T4Y4X/jJeMMN7rziY:6hAlPXHXn3kgUj9734X/gMGf

    Score
    1/10
    • Target

      UbitaExploit/finj.exe

    • Size

      6.2MB

    • MD5

      e9dd0b0482dbe4daecf3d53e1a08d7fa

    • SHA1

      403b9998e2998e7ecb19e84b7cd722b6ec734c2b

    • SHA256

      19aac616eb0a9070a9efcf41b9e031789a0ae72f9e7a1e01774b48c197fe324d

    • SHA512

      ab4792717cece3946155318f3bfc118dc8e7e7e1f9ee1194b7d86442ff699e38149c0326db0f8ec6413570163295d71cca14285cd70572983c0ea765935a355a

    • SSDEEP

      98304:sh7PPhYtq1AtJszz/paROhoj+6tgc10SeGr9xU5iQkhmHt4sGTwqt2aXDOBR0jl:wDPhY02JsHQS67r7UYQ7WvPhTOEl

    Score
    1/10
    • Target

      UbitaExploit/injector.dll

    • Size

      1.2MB

    • MD5

      ae010d34e2d1024a75f9b2a4d0b03c6d

    • SHA1

      68be792344341238afe7f81123d856968c550ce4

    • SHA256

      09597d8b2a454c2fb4111de052d49e3fd9b0cb6b54db49088f2c00340b32d781

    • SHA512

      04eb518e43014adb1e657ad3dc0522bfcb80f556e60fe1376edb540526341f6b67bdb18ffd7fa8e2f22437359f1595dd34ef500bf37986fc354f6b18392de291

    • SSDEEP

      24576:y/DatK7f4Im/2dF989RLRXNlDeb1i9JyxAme3MpZp:y2Of98zLRXNlDdJyxzCM/p

    Score
    3/10
    • Target

      UbitaExploit/injector_evon.exe

    • Size

      5.3MB

    • MD5

      d2e68036ee0e9df99cfd0e73a518fe65

    • SHA1

      aa9d6a03b88fff79d738f1dcb32f576ac228c909

    • SHA256

      f2bade81da7a79febad21f6228b1571987c37ba16c6d592d7e0f544ae5d9b362

    • SHA512

      75c00153d114b47df7c9121e804281764d557101b93cb7d392bb75d9a925bb945f2b803af3bee3ce6dbc8d534124754a57e4af7162ebcc481fdd5243536e4441

    • SSDEEP

      98304:Oj4dbrC8HU7E0GJ59OT4NyCcO6VRO9WgZGFQfPAuvIawPPu1971:zda8HU7Eb50CHoR+0eHbu219

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      UbitaExploit/kernel64.sys.dll

    • Size

      143B

    • MD5

      eda22935893926c3b2289d0137e2350c

    • SHA1

      6033904a1c2d663711dfdbefcdd0e1e387c8dfb6

    • SHA256

      8247a7f7b315d744f622e2bef135ef647d411c0128da6e88d81efcac46fe9fff

    • SHA512

      f1a35d97f1e041a9ab4bec74402b2f5e192b7421ae531dce108ab1171a1f357492841c9ec807fd989f3bd8b3646b1c2769dca1f2e999bb1693d94ee7bcdc43ed

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/CustomModules/6872265039.lua

    • Size

      90KB

    • MD5

      864f1644f1f8cb2ba7503e0ffd68d98a

    • SHA1

      96ef37f6eae85737d5fa71dd8ecf2d6887cfda37

    • SHA256

      a1aefc9b69f56c8c9b53ad4189f079066838f4f55d036070f4ca77b6c527e5a8

    • SHA512

      6d56a4f08a86ca1f81fb4c350478504f6b66999f62a087112775e8d01db31370d13a174cb463ed8b1504352553374dd62d3624cfc40cadb52e4855409ce1fdef

    • SSDEEP

      1536:hLvBXGqQ3kNFzDwwfdvPFZuWmzfD694On/3xujQ:hb1GqQULwwfdvL94M3xGQ

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/CustomModules/6872274481.lua

    • Size

      382KB

    • MD5

      0749828b075c4c174f15cbe518a0bb24

    • SHA1

      96c7cbf2a9b4490fc780dc317e0e6f1c07e76057

    • SHA256

      0df75cfd8614f1ad328b452d5df4092072daf700a1613cec474ab74cbc034878

    • SHA512

      6f4cc791be72cf61a711b51f4edd1746ce682d4fc0728d779a29829807f3a227d8b443a44ebb91e6430151f56e3aa6a3f48e22eb0698bcf8d059fc402eb0a3b5

    • SSDEEP

      6144:SkNSGRWtyQB/zkfw/85PsTl94p/CTNP8uV4YxaNIMCRRit:UtyQB5+PsTR8u5wNIMCXO

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/GuiLibrary.lua

    • Size

      295KB

    • MD5

      45842682e27b504f858b58c3acefcf69

    • SHA1

      1f713ac06c2c2b8cc7007e0b19ce294882b5520a

    • SHA256

      c8034808749b3e9491027d3f620ca888221a2133542d440e5983a7b94382de9c

    • SHA512

      05bfb85b2406693bcfd7c2e50a8d9a7bb8be0981982e69090d220c6a9285accbe9280a41bd0f05d2c6539d9e84cdb277212e0882e2baa4071b0fc319cab8431a

    • SSDEEP

      3072:8Q1UZGbMPxALyunMMxiz4QRezPsK4BbjJbn+dUDiSlqIiQk8lr83C:8Q1uun2LVl6Dcx2C

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/Libraries/entityHandler.lua

    • Size

      8KB

    • MD5

      b8c2abd107a4fa46d7c56e0670e35396

    • SHA1

      ea3beacd2fd5fc302ed3abeddf22c3a40df4d0a0

    • SHA256

      64ec8eb4ac42216d3e52f6ce180bdb8aff1905c35b872a0d6af2b872397811aa

    • SHA512

      8a041ea3a82a654cc1e7be9af01cbc469acf0fe3ec1a169ce39ef0988116111e186616e04feec5872b8c3f19a62910f8f0ff8ca82f3b29a356838e79618d9e92

    • SSDEEP

      192:cACGCPCiV6sa7T+kuOlpKk7EyJZksIqFZ2vbpRdvBsJ3lnMtA:w7q7f+kukpKUEyrH2vlo3lnMtA

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/Libraries/sha.lua

    • Size

      52KB

    • MD5

      0611c8315d87ba0144f26ffd77b6ef0a

    • SHA1

      356e8753700fdb1054c4eea1fe8ec93ffc0456e9

    • SHA256

      f45856cbbdc66811cebfeb0215c31f8c23a1b40f4f0f54ab43e9faa703a1a6b3

    • SHA512

      8ebd2e243e386ee0b212feb08a27c8c1ad6d4fcdbcf0f2feb646c699d7688a45ecfb1498ef138cf82635d9c49faca517e3ca89ff431a83c643766c17fd22e1c9

    • SSDEEP

      1536:BJkjWUKqPDxWJQhgzFD+CtwzDZlzmXVKZKBHu3:BWKqPDYGgx+fzfmF2KBHu3

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/MainScript.lua

    • Size

      77KB

    • MD5

      cf10416016f3dba02732cd7dfaa80833

    • SHA1

      7dff339207ad4bf7404c56b62f0fec90ce2dce54

    • SHA256

      06f586f9cc9e68b54d72cef2143574f445350a004f7a26838605c72bfdc3626c

    • SHA512

      dd4db51183ab9784f7db8b25370b6f7b0d5fc807298d92f0de541e0dae08b397ca9bc6bd94385932ae52b75f5dda2cd9c57d903d0068723fdb27980738bfd89e

    • SSDEEP

      1536:yb9sWi9ltRkhbwlfTpEJxrSCr/zc6XEMM:yb9sWi9Rkh8VTpEJxrSCro60MM

    Score
    1/10
    • Target

      UbitaExploit/workspace/vape/Universal.lua

    • Size

      204KB

    • MD5

      fdc12b1b0d185eb0e3ddee9fba47ee55

    • SHA1

      ddcd2743673ea25621fe7b6a3b606e4468115d01

    • SHA256

      78699324af144fb5e776de28573c19697e24cb0b848b9e6432a7224cf327e68b

    • SHA512

      b4a574237aa18345214e855daaf9fe73674f96bceee1f9bbba2715027db61366f8d6bd141e4c44b95444f47179d5425fc465da2970d5b4c383b289ef36492982

    • SSDEEP

      6144:ISGR2QXtEBafpu9A2IaG80ESOoH7oiDzw:1QXtEBafpwSOoHvzw

    Score
    1/10
