491a7743e26ecbf89e9e9e7bb79118c3986efaa20babaf17ba31bc832bee8b97 | Triage

Sharing

General

Target

0f8e114b9025e7f95f4d72901cf056e3
Size

986KB
Sample

231230-frt9nsbccm
MD5

0f8e114b9025e7f95f4d72901cf056e3
SHA1

fa931ac002628bfb9bedf7a48f0cffe969c51fd3
SHA256

491a7743e26ecbf89e9e9e7bb79118c3986efaa20babaf17ba31bc832bee8b97
SHA512

ebfcdc8d27066ad0638edda1ddd63f72312779b2f465510a5a89b4d954002a171abfc87a47cde35e19b189b96dd20cf34fa60d5e838bb6c1c1ba49ed91c4c99a
SSDEEP

24576:E7hIRdbUYKlm7jPRgGoswxRCCkBoJyrgOsnlev:MhCFzfztWRC/BoJyrHOev

Score

7^/10

Malware Config

Targets

- Target
  
  0f8e114b9025e7f95f4d72901cf056e3
- Size
  
  986KB
- MD5
  
  0f8e114b9025e7f95f4d72901cf056e3
- SHA1
  
  fa931ac002628bfb9bedf7a48f0cffe969c51fd3
- SHA256
  
  491a7743e26ecbf89e9e9e7bb79118c3986efaa20babaf17ba31bc832bee8b97
- SHA512
  
  ebfcdc8d27066ad0638edda1ddd63f72312779b2f465510a5a89b4d954002a171abfc87a47cde35e19b189b96dd20cf34fa60d5e838bb6c1c1ba49ed91c4c99a
- SSDEEP
  
  24576:E7hIRdbUYKlm7jPRgGoswxRCCkBoJyrgOsnlev:MhCFzfztWRC/BoJyrHOev
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  GSBOT cracked/GSBOT cracked.dll
- Size
  
  279KB
- MD5
  
  01c6d665e3d982964126895c7dd81118
- SHA1
  
  b6bc2ac01c7578f69dc29f8d286f57dbda03921f
- SHA256
  
  83efbacfd6b18b6dc5235acc6c1763a22a7fa37970f52b91c328d2cd544f38ab
- SHA512
  
  75435a3bcd01509efb41d07e8a575a0655d0007eecae5640a9970be3c27c9493d664e790df25e903e5de25ad8429f3273506523f621d90748f28ffa2cbcca38b
- SSDEEP
  
  6144:coW857PmTwTBvYx8LfxvRAu+5N2RCDcIs3aCwTKR:PvDjNRAuuUbIs3Su
Score

3^/10
behavioral3 behavioral4
- Target
  
  GSBOT cracked/Xenos.exe
- Size
  
  1.1MB
- MD5
  
  216c3eae24901482bfd26cb9dca1a833
- SHA1
  
  f6000cc06cbc9f0e748b81cfac77eb2598f71e69
- SHA256
  
  8bdb3ce10dee7a3249a186050d7f804bca19859f292ddad7ae8c5afbb649a07b
- SHA512
  
  74cf449facf674c6cb6b5831830a598038ae09bc088da8af894fe79462b48ad02222a2d931233f731187c163c7629a920488efdd1f58692c4f3c9a64d1497a17
- SSDEEP
  
  24576:gwTJ6A1eP1Pm9zhTaUe0K9XXVYFEjd6/Gr+AK9hhEfSVgPCS3tMrMyj3F9hIF1SR:r5ra0K9ndjd6/GXKvhISVE3tMx3FE1Sr
Score

1^/10
behavioral5 behavioral6
- Target
  
  GSBOT cracked/Xenos64.exe
- Size
  
  1.3MB
- MD5
  
  6f0dd4150efddfc20b70401479964211
- SHA1
  
  e97c802a8013b13fb91a831b779ade7c3ca6870b
- SHA256
  
  0e6d59fcdf8f143e23b076cc8380d6d23324839ae4f91793133b600e7eb76eb9
- SHA512
  
  d8e823876507cd10b8c176e502c99bb80d52742eaa7c0e319b2a5c1f605de962505bf09950418a461fde427db34a59dbb67cbb4a6045f44d243c77945aebd0fb
- SSDEEP
  
  24576:uLGfO4noYBPtVY3HPou37urInN48pGrnofSVgPCS3tMrMyj3F9hIF1SqY5cbaF:uLGfKY5tVY3gur9N4p0SVE3tMx3FE1Sr
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8