General

  • Target

    Darkweb RCE.zip

  • Size

    77.5MB

  • Sample

    231230-wzcmladea3

  • MD5

    5a2a46b5c145469021ac9eb4bd70d4e8

  • SHA1

    8fa5a11f0c2d47d50824a2f997f01c9634311922

  • SHA256

    60a18edab70b51dea63e1632224dd5ae46205239a6001e62efbd31bd1d5ab27d

  • SHA512

    2be3088bf57bd9d6fbebc737b5b6bcf9bc54bb4ecf8774b9634e52e76d673a81700ed518c1baa3ffbe98cbc4ca6b1eacd5939961198e85f54bcc4f2ea1e1e6ee

  • SSDEEP

    1572864:coOiJRijIDUSk8IpG7V+VPhqctgWUBtgW2jCHnfurijYmfZWEVd7T7d:coOftSkB05aw5WUgW2uHnfAijYGZHT7F

Malware Config

Targets

    • Target

      Darkweb RCE/Inject.dll

    • Size

      226KB

    • MD5

      98e46b546c2aa9fd0f18e63e63c9f67f

    • SHA1

      ba4b81bdae7701a01fd1cb779b1bf25eb23f0b4a

    • SHA256

      27676ddf5f875f7cef3f3bd6ffdb772df220f11d17b373fc9d867808546e408a

    • SHA512

      cef8eb21e26b7d05ad554cf54aa6cc4fefd051b22b8a790c1795abde95e2a7115e0d3ed0fcd55f43ef6b58acbf7a4adb57c2183b982d739167e46b10d5948bda

    • SSDEEP

      6144:Gjj0PLhcXrzhqIAiyiiiiXoBcZpf+un4Dh4RXv:Gj3FqIAiyiiii4Bmf+u/RXv

    • Score

      1/10

    • Target

      Darkweb RCE/RCE Tool.exe

    • Size

      77.0MB

    • MD5

      e969fd6bc574440566a2e9b7ddce6564

    • SHA1

      2bb96f6d9df7a1db0aed848a1fdb3c595bc9e644

    • SHA256

      f1b1bf2ba0e233523c63d540205b17a7be44316e9c835d4f6e58392eaab053e1

    • SHA512

      5138a760b703b9cde9a34c2a32ecb7f9a1b840cb6913d3ac46cd86c9868b82f7b204eadf205f15a7b8c05b98991f0382e7970ac3357631a1008c98e100026138

    • SSDEEP

      1572864:koOiJRijIDUSk8IpG7V+VPhqctgWUBtgW2jCHnfurijYmfZWEVd7T7:koOftSkB05aw5WUgW2uHnfAijYGZHT7f

    • Enumerates VirtualBox DLL files

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Target

      Darkweb RCE/RCE.dll

    • Size

      24KB

    • MD5

      e6b8735ea19da68d9baa23f945a6fad3

    • SHA1

      65ae6742bf4106ce56d57d3ab427bd3e379f9ca3

    • SHA256

      48541be9ed6be56e4ee61dd48ce6b237b7a83a3be4db5a54ce350a042c77ecfe

    • SHA512

      ca3f3945406b9dc64b67f78cb75687b487203f177f4d3a96ae070f5aafa01ef43c733dd69847c095d6484a616abfe85f37568f8b289564693b6a3947fcac4585

    • SSDEEP

      192:iDGJzcLqS+q+obtogcv7QZYU+Am6+cfX/huI1Ps1YK2c5PkDVX:iKqHtobQZYU+Al+8XAI1q2c5PkDVX

    • Score

      1/10

    • Target

      Darkweb RCE/UI.1.65V.dll

    • Size

      236KB

    • MD5

      2ecb51ab00c5f340380ecf849291dbcf

    • SHA1

      1a4dffbce2a4ce65495ed79eab42a4da3b660931

    • SHA256

      f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf

    • SHA512

      e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b

    • SSDEEP

      6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG

    • Score

      1/10

    • Target

      Darkweb RCE/bin/requirements.py

    • Size

      2KB

    • MD5

      66c4a096e0371c77e18f94a2de406469

    • SHA1

      c5640ae18a99bf7390e56a8dea2835d980498b78

    • SHA256

      c2cc06e265c74a013dc38363367952be02c6a3ac98bdf1d51059d686e1265f18

    • SHA512

      b8c716c4ec3120166bb1c3ec996b9030bbf325a77f9e44a25be9f939f33917059c3e5e6f6f76ff37d113a4d40b6bd24e1f4f4705c9dfe17d26cf04ca677c12f4

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks