Resubmissions

25-12-2023 19:43

231225-yfqq8achhn 10

25-12-2023 19:15

231225-xykggshegr 7

25-12-2023 18:33

231225-w7m4asdbgr 10

General

  • Target

    BetaGrabushka.rar

  • Size

    71.0MB

  • Sample

    231225-w7m4asdbgr

  • MD5

    0b01e4d379a614c9745b3a123918cc6a

  • SHA1

    6a3138fc60690d1dd30eee0d2b917a24c8b23867

  • SHA256

    0abf435906313239d4801e1e709d8b7dfccc8f9cd418a12376741bda27439b84

  • SHA512

    2f2b977dae791e2abe9ae132b8738bee152cdfb8c492c2b70f73a1da4fc8431b19ced7e39c9c5748ea217d6de8f02c3ba2f9ec943ab61fdd7860026b05dbb793

  • SSDEEP

    1572864:rh3ZdIZdl75hZ4rfti9vXa6d4rXyogkcsO6fW:933al75SVWvXaW4uDIO

Targets

    • Target

      BetaGrabushka.exe

    • Size

      70.9MB

    • MD5

      6280c09fcfacffc7b9714a662de0d5ef

    • SHA1

      1c9301708caa9450c0328513e91e41cef42d2a26

    • SHA256

      0fcc1ab0068e89a33b2ae8b911f7658caadd3d9dfb32d4614b827089f073ad07

    • SHA512

      efbc9b7f838c46fab19c7325d4ff76d50a6ce7a54c08d5367de49ab0bb6588a07c3c16e30875f0f4d4967d2cf8c78f54ee42efdba7e5c439333a2227d20e54f6

    • SSDEEP

      1572864:u4/4rzOchPFmClIqkzA1dz0zGTqw5L0e8t8JgnC7:lkqcd7Kq4A1i87L0et7

    • Irata

      Irata is an Iranian Android remote access trojan (RAT) first seen in August 2022.

    • Irata payload

    • Loads dropped DLL
