e179de0543e0024bf3b90de52ad1786e1d10965d2e2520f166f6ec582371d788

Resubmissions

30/12/2023, 14:21

231230-rn6zvaafe2 7

30/12/2023, 14:08

231230-rf1svsegcn 7

Sharing

Copy URL Twitter E-mail

General

Target

kb250irm.zip
Size

8.5MB
Sample

231230-rf1svsegcn
MD5

7017c1cbc4277988e3898a71a50765c1
SHA1

b7ea9ec2eaa0421462e98b0ae279d02aa6a864c8
SHA256

e179de0543e0024bf3b90de52ad1786e1d10965d2e2520f166f6ec582371d788
SHA512

72c447adec23637c1370e5df1ef971c77d75be17e39446eae7b65c14f1dfd3d9e59491576251fba624e09dd7d0bcbe98aa7496b9fa995ec33b97b37ba0f6fb4a
SSDEEP

196608:I9hMQC+ctzp9iUaA3/MC6qXYKSLE8EVGMrR2Io+et381d3s/:YhA1r30C6qXYF482rU/38v3s/

Score

7^/10

Malware Config

Targets

- Target
  
  kb250irm.zip
- Size
  
  8.5MB
- MD5
  
  7017c1cbc4277988e3898a71a50765c1
- SHA1
  
  b7ea9ec2eaa0421462e98b0ae279d02aa6a864c8
- SHA256
  
  e179de0543e0024bf3b90de52ad1786e1d10965d2e2520f166f6ec582371d788
- SHA512
  
  72c447adec23637c1370e5df1ef971c77d75be17e39446eae7b65c14f1dfd3d9e59491576251fba624e09dd7d0bcbe98aa7496b9fa995ec33b97b37ba0f6fb4a
- SSDEEP
  
  196608:I9hMQC+ctzp9iUaA3/MC6qXYKSLE8EVGMrR2Io+et381d3s/:YhA1r30C6qXYF482rU/38v3s/
Score

7^/10
- Executes dropped EXE
behavioral1 behavioral2
- Target
  
  hiddump.txt
- Size
  
  8.7MB
- MD5
  
  91647c0a352ea0797d3f58cf39ad3c74
- SHA1
  
  a9905f20761f6acf515543d5258f7275681687ca
- SHA256
  
  957887ea72d5344e6d8f3fe70139cd40c291ad79fc41dc0d91d5f85c4f8ed384
- SHA512
  
  cbf1fee9c2abaac1e1bf53a7fada8518f627bd5b9131df1baf6f78ebff1185cbf4a31b193e278a40644edb92d8d91bd45b749929b215c5307720fc8ffe05d836
- SSDEEP
  
  196608:TrOrqjUIWMhfT8GgDqiEJIYrjwAeWep3:TrOr+fT8vWiErEN
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral3 behavioral4
- Target
  
  kb250/stool/Plugins/SharpDisasm.dll
- Size
  
  215KB
- MD5
  
  0f900d9190603d646009ec3523fa43cc
- SHA1
  
  a04598dcef92337ec57c0a357c2e55a1fb9c0f40
- SHA256
  
  6d3ce990cdf58da228697d25416d16d15994135c5f66571fe1e00e9c975bc2cf
- SHA512
  
  24397a81c9ad30f3d5377632d74706345c4a9811076357df3fc8d307a8941167b2b40b85923a4782f22a531e9f3ac4fe234ab892bdc1139a1a60f4ed7798a467
- SSDEEP
  
  3072:y0AUOuR0cuVT+INgDgU0CaG8yVHZ2pFnjuWG/tDTQPd0FvAvxl3vBsyr8fnLN64R:hsuRUVT7U0CaGpVHs/jEEsz6
Score

1^/10
behavioral5 behavioral6
- Target
  
  kb250/stool/Plugins/Steamless.API.dll
- Size
  
  33KB
- MD5
  
  2af2cdf92dd30521c983c848f501a067
- SHA1
  
  9c0b98627a8d18704dda11fcfdc4d87283cf10c1
- SHA256
  
  ef65b553408c2a0cfb226223d28ab248b3449a9699b14f967b51910897a1de17
- SHA512
  
  d5c38806d4fdf0ae6a3fdd09b106edbacc32ae296a811c0ae69e4a97c338dbdde4db47dd0cfd79a927f501ccc7325633353ef9ad06a0e0104225481f4494da2b
- SSDEEP
  
  768:N1gwCd5dulN1LJij5JFBF7YibQkk2a1ivS6KmskO4xujS1M:rCd5dulN1Lo7HjQiau7xuuK
Score

1^/10
behavioral7 behavioral8
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant10.x86.dll
- Size
  
  11KB
- MD5
  
  f61c6f7a6377d09aa75d453908e23827
- SHA1
  
  2a628f6c3a3dbb5fdf459401c5680fc7edc32a4f
- SHA256
  
  78b073fc372de7044f1ebd60c16342eee16eecd6d4092873d1a516a792facbd8
- SHA512
  
  692769ad80e8bf1331d05f66b0dd582ee7e83a9e19455986bf6a9d41193e17498cfd52997bfa09850ef8e6d7fbe2c4fb69e9e0b10f10d2fed8595da6b945dcf5
- SSDEEP
  
  192:f02+M3RP5GJp3WHAFROJqRZSz1rT/xEQayychMWfiKoKlD:VB3GJpGHmbTY1fx5ayyhKR
Score

1^/10
behavioral10 behavioral9
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant20.x86.dll
- Size
  
  19KB
- MD5
  
  d6192d4d88d63a0212755de43e1e6131
- SHA1
  
  63e25101cf93e1822ab39236c7c4620a2a1c03d1
- SHA256
  
  116d3ffa954adffb5c47e480262d5951baa7c35ea5fe76c153b02ef23f9546ce
- SHA512
  
  1bbfcd236acf80d11bea7f02af9fc38f2f6bb4a210f5584d9311526b9d35e4dfc41f3e2e956f3e0b85912417781c8b74554482277fdce710badbd0fe8eda9a64
- SSDEEP
  
  384:Yb90lYR0m+sjrrW9dRIgk+LY+2ITmXjECoQqt3kkJRN07Ih:gCqTW9fsEYRcNtd7+76
Score

1^/10
behavioral11 behavioral12
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant21.x86.dll
- Size
  
  24KB
- MD5
  
  b75c6006ed520f04cd57d956e8bc1d74
- SHA1
  
  e8f8735fbd11d282a9e3e4747ad2685a32f3a10f
- SHA256
  
  3d5c8854c79d4e71e6cd6177663fec293a09bbd2b455dc4aca1a362f8ac438c3
- SHA512
  
  8aaf59ac129860645055f6c68cdcfe7154d47d87947b8d13c5b01bcff6f98ccc6541d14c92fdf0fe14b170fb86519dad18c7867211483f3f19dc4d7adeb6e768
- SSDEEP
  
  384:r2K3Wqy0W7QBCj44ndOvY6ITv9X0vY74aZadlah+LY+OYwFht/kWHj48yyyyvyyc:r0BnHkK4wmlYEYbNntLfyyyyvyyymyf/
Score

1^/10
behavioral13 behavioral14
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant30.x64.dll
- Size
  
  17KB
- MD5
  
  e285b8a0488b349343d5fa7173743b38
- SHA1
  
  e475f38ffe27ce0b9af90771690c5298ef85b3d0
- SHA256
  
  12d66aea0d40a566fd56be8e33f8aed3557ed0c7041a8f3d4c0c010e196944db
- SHA512
  
  fbdbdfa33e4a922648a58fe2b36f502197e1a398ec4dee27bda79b4babe565c354571165a6b6d7de5fb24a7ac4d2d4f49be2f6f723f57eedb17297ec20f82ac4
- SSDEEP
  
  192:rLCAkfP7kB3VwWHU5FCRrh2vfjuglnSs8FBuqrqJ7q1bQOgNj2HVfu3KWOGvQ:rw37kM0U5QT4fjug5+y8gqaGg54
Score

1^/10
behavioral15 behavioral16
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant30.x86.dll
- Size
  
  16KB
- MD5
  
  5be751e9ca97ab9ff39f56faf63c1883
- SHA1
  
  e66eb3ed43fa4f891dc830fd5c030d7c4433218c
- SHA256
  
  e80e71fa010ce670dd512243f932b25e23ccf4ef86e49007ce45ab9031a1f0a0
- SHA512
  
  672541cc565343205a9b508f4accea6ea208973b2a1c230c9ea7261b07854f8884dc88dd969b017e365e86350b8a6ba834099dcb066fc78d1c140fea3b9abf90
- SSDEEP
  
  384:WPuEBILbHtoZDreMbljug6FFl1rjqSG2U7:6BIfH+wOhUBlGF
Score

1^/10
behavioral17 behavioral18
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant31.x64.dll
- Size
  
  16KB
- MD5
  
  a76f47477bc12affcc6ce7a8fae97e4d
- SHA1
  
  517861fac5a9c657176b2f696e86f96506d6fe3c
- SHA256
  
  dc4aeb588fd03836eb77197525cf38e6c55aa5ef415cec0bf2eebb0049fde7a2
- SHA512
  
  23279ad51a05c187b40dfba23e936c30b8abde5ce2367170f96e68188b0b3a8a9c7295b7abecb66ef3dc3d5be9bdedd9ee2fe1d708d4180040216610d07dd012
- SSDEEP
  
  384:eAZi4/VB2222222Az2afAog6tc3nqaGsGx:744tJKEAyi3qr
Score

1^/10
behavioral19 behavioral20
- Target
  
  kb250/stool/Plugins/Steamless.Unpacker.Variant31.x86.dll
- Size
  
  16KB
- MD5
  
  cc24951d1e66436e850011cd43c55b64
- SHA1
  
  0f835ee7b7814481ddd0e869fbb00e37d2a02b37
- SHA256
  
  9030b644171659839a2428cb28d4c827798ff93aa5b0903eb076b175987c740e
- SHA512
  
  86dad633eecb88f2853b0bcf0e715b07eaf5083b3f817cfa3a9c1bc56e655878140e18a1da5ad99a6e327759d7283b2f2a67ed2989c3baf8e684676be81d1c74
- SSDEEP
  
  384:ICSg13kzvVFTyPani3logr87Q1AK8QG2/6:xZgvVNSanwlDVG7B
Score

1^/10
behavioral21 behavioral22
- Target
  
  kb250/stool/Steamless.CLI.exe
- Size
  
  110KB
- MD5
  
  0e18c6c7489ca9abb416a23b31e09782
- SHA1
  
  d4ebf9845c3a135a55c7d33ab87c875df39d8941
- SHA256
  
  6b78303b21003efbf113e742799eb3dc4bd1c705890f759937d411fac818322f
- SHA512
  
  2b961c57bae45f95d50577ba66d59e5ac538a5ad764b4cd6f5edee3775fddbe5ac9bf8fd9806d45542b7d31625ee56c9ec6067029f48e8ba54cfc32774c63745
- SSDEEP
  
  384:E89XmZMEWmqIRPw8fcFpOGoA9aLu44B3qiVE341ByXvonJcbqPySHYqzQzw4rm:D9Xm5WsRIPY2N1YGx1ByoJKqhHEDm
Score

1^/10
behavioral23 behavioral24
- Target
  
  kb250/stool/Steamless.CLI.exe.config
- Size
  
  189B
- MD5
  
  ef0181de18ef3951806c0ad63b897ba4
- SHA1
  
  4b6a4b0f7fbbbd1dceab385e7fac74a35fc132cb
- SHA256
  
  e8decc96235b5494880083eb79c22c84c6d9ef312828baf9490bee7782c350ec
- SHA512
  
  b1816817e8deaa7b22bc51966e9debed46b254be6463f2ac0204be348baefb751c5d846a5353d43cce66a005a73f6226462b8ec8b59d4e16a54130c327c68b79
Score

3^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Executes dropped EXE

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26