Overview

overview

3

Static

static

1

one/About.vbs

windows7-x64

1

one/About.vbs

windows10-2004-x64

1

one/Area.vbs

windows7-x64

1

one/Area.vbs

windows10-2004-x64

1

one/End.asp

windows7-x64

3

one/End.asp

windows10-2004-x64

3

one/Express_list.asp

windows7-x64

3

one/Express_list.asp

windows10-2004-x64

3

one/Foot.asp

windows7-x64

3

one/Foot.asp

windows10-2004-x64

3

one/Index.js

windows7-x64

1

one/Index.js

windows10-2004-x64

1

one/Job.vbs

windows7-x64

1

one/Job.vbs

windows10-2004-x64

1

one/Left.vbs

windows7-x64

1

one/Left.vbs

windows10-2004-x64

1

one/Main.vbs

windows7-x64

1

one/Main.vbs

windows10-2004-x64

1

one/Message.vbs

windows7-x64

1

one/Message.vbs

windows10-2004-x64

1

one/Netserve.asp

windows7-x64

3

one/Netserve.asp

windows10-2004-x64

3

one/Netsys...te.asp

windows7-x64

3

one/Netsys...te.asp

windows10-2004-x64

3

one/Netsys...ify.js

windows7-x64

1

one/Netsys...ify.js

windows10-2004-x64

1

one/Netsys...in.asp

windows7-x64

3

one/Netsys...in.asp

windows10-2004-x64

3

one/Netsys...ig.vbs

windows7-x64

1

one/Netsys...ig.vbs

windows10-2004-x64

1

one/Netsys...nn.asp

windows7-x64

3

one/Netsys...nn.asp

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    67b2b8aa842efe70d61dbfbb5e930ba0

  • Size

    1.2MB

  • Sample

    240119-qdyeaaeegr

  • MD5

    67b2b8aa842efe70d61dbfbb5e930ba0

  • SHA1

    0d2dd152680fb73c47c77cee8f2fe9db577e3eae

  • SHA256

    3cb20c7e0cc76a8e8d9004a7944ef8bc4bd107d433257bcd5d91ae934207698d

  • SHA512

    704c169d5c534d51a94fd8f949a61124046430d5991b49fc135b49be7aa1bfa0c9b34b38fa982385bffef8f16367167778ce0386da92e79bbaf21833d6181df9

  • SSDEEP

    24576:PdCqaux+S71moqbSSMo20aRiWKYfYYOt/9OLyZYfKi24rXmP7Sc1:qu4m1mojSMpAr1LVM72ym51

Score
3/10

Malware Config

Targets

    • Target

      one/About.Asp

    • Size

      4KB

    • MD5

      8bd6780fbe5484f5a2c6a630debfd6cc

    • SHA1

      4e88834ce5d7c62fee72c190361fe1079eb7bf0a

    • SHA256

      a18be7aa0a691764f124686891246743e3fb2504eef00ff31f2b3770354ccaf1

    • SHA512

      19d18eeabc6dca9c8799b92b7da8f9f9f81e8c7f4ffc19f288f9f6e0fea3d477cba82876ad8c61aa99b8e66af340351e30699c2f8b63bdfcb3a2a3fdb6740b86

    • SSDEEP

      96:jmKwxPLXLTLnBdLmL0ePhUf9tdhhezka2ILJBxIBMYN:qK0P7PTHS4Khu9tmkFI1jIeYN

    Score
    1/10
    behavioral1behavioral2

    • Target

      one/Area.Asp

    • Size

      3KB

    • MD5

      b81469e4f62b05011a06ccdb48043238

    • SHA1

      b1bff50f94cac11084c69c15b02634fb415d9fc5

    • SHA256

      7d29caad8a7440b85b16089a634e365cdd4573d67293d1470de5885702bf77f0

    • SHA512

      a37ec86d2d9109218e448e10da42a44da5ca3ec9d7370f1c762f4c9a51f91db63f4824e9cdb53ea61d602d8b94c77ba866c9402e059b6cc6e6889d71b5f1c8b4

    Score
    1/10
    behavioral3behavioral4

    • Target

      one/End.asp

    • Size

      408B

    • MD5

      fdb1955d32025a5a835af44091b60ceb

    • SHA1

      c56db440d0bd63450b6c0dbf0e65a9b6b79ebb85

    • SHA256

      6f753b1ef6d466db2d8b97249a9711cd00fb010e54d7d2b4ed2d5fc4275adc4e

    • SHA512

      beadb610cb7ceb1d580b04400cf827b7f4b82f12654d2fdaf11410b4ab0a6e022231f7c0e4f98a67ca29262fc87ef9b1d2e9377820b6433fb6004b91ec62d6cb

    Score
    3/10
    behavioral5behavioral6

    • Target

      one/Express_list.Asp

    • Size

      5KB

    • MD5

      683e28975b18b94785f3cb0ec983e4dd

    • SHA1

      b98e47f1ad2baaec0c51ed3c61d0a060e92dc012

    • SHA256

      e98d4d884f366c5983e7082272ebbcd3288063bc3c8478289db15e6c405d490a

    • SHA512

      c82c64638ad97cf8a585b9d7e34e3de4477c468fc43eb89998fa9bf38615ab14a1618f30948863dd1aa11f3b0af313ecc42be12e7005465c24a008c7470aac25

    • SSDEEP

      96:iU+1yGlGMt3C7JS2SFSRaKgQKlIyNokPR4MvA7LYj4FUA73J:iU5Or36JtotKgQnA4MvA7LS4T7Z

    Score
    3/10
    behavioral7behavioral8

    • Target

      one/Foot.asp

    • Size

      280B

    • MD5

      c255bcfb230a789b21d930b0f6b41331

    • SHA1

      59c92e2bd38f116f2b6ed29c8893de7e0bd6b9e3

    • SHA256

      ac12f2f44d777e1808bca285eb6ce7815a13889dde5d6324f13a4e044f8fe755

    • SHA512

      bc127d267c548dc28050e01f80f9bf0d2ecbcfc6e44f794bf7497683e8aaef80b9435cbd1fa3590a5cc9447407d9fd31aacf81eb3d41ca3c5527746c2e859ac8

    Score
    3/10
    behavioral10behavioral9

    • Target

      one/Index.asp

    • Size

      6KB

    • MD5

      f31c564ac07877d0185285a1f45119ad

    • SHA1

      56240390f376b035a1cc9497155f67708005e2e7

    • SHA256

      0e61aa30c006b5e477b66a048b377b99f881e646d187020c40304329da053eee

    • SHA512

      2e55637d1c24abb5c04cfc618082747941cdb3e64fe457fbcd40f14f6854804e8243b1f06f6296fd496a85d91cbbc58f96cfca255d83e6064df887e0e7d451dd

    • SSDEEP

      192:IKnkQeGKygz7UkoRo4L/g/WSGt/G/T/Rs4:KGK9z7UvSvP

    Score
    1/10
    behavioral11behavioral12

    • Target

      one/Job.Asp

    • Size

      3KB

    • MD5

      e7810de0882167e90e578693e79bf0d1

    • SHA1

      398599058773d20ab4e903c82c64123f022fe11f

    • SHA256

      369d3a20c10040e0e880f26e858a7a7d8ce3d987c774c50c710fdfd70a169b80

    • SHA512

      aa9f0d074155d0c9cc9b3995fb1d605c7dd27b5ec890f12300f388243582e1064e7bd95643ccf43e00fbe04d46a58e7217ef87d0450a4692ef4dd813b8f870e4

    Score
    1/10
    behavioral13behavioral14

    • Target

      one/Left.asp

    • Size

      3KB

    • MD5

      164a7004867babdba3cd007208e4968d

    • SHA1

      69ed74e11c0e521af92907e5f5dc5cb09de5cd4a

    • SHA256

      143d62c483d309a235379e49ff44573993057e835c429c63a2b706a43bd6280a

    • SHA512

      3fe110de76251a3e13f45dba04707f3355ad58bfcde362fd6608c7fbe0a94e187fad09d23a5641b6b7dd713ed5bbccdd79a0b59bb3afe1fe52afb3b2e4270ddb

    Score
    1/10
    behavioral15behavioral16

    • Target

      one/Main.asp

    • Size

      5KB

    • MD5

      d8931de6f3ad4f37ba6e988244aead19

    • SHA1

      0b8d098d19c928bc07114365c691b6b04c2bfb6e

    • SHA256

      7585745a2c4a6a7d25b0cd39a8aef36076f2eb225d5690b7f892fa4b6c9c24d6

    • SHA512

      cfbd1556ac7a07991a7c63fd9a6af423c2372528e12bff4ab480b72d37ea9968c3c7b96abaa42d1fc73998989a88b08a13c8b0f2a3d8a6dafa6a462d05b208a8

    • SSDEEP

      96:IKwxPLXLTLnBdmVmmk0t9/mkCCCUBG+hf+lZt9Hncb3mJueWEaWIgRBBx7:IK0P7PTHrmlttmLCD4+hf+lZt5cj3EtJ

    Score
    1/10
    behavioral17behavioral18

    • Target

      one/Message.asp

    • Size

      10KB

    • MD5

      66c9757a9981bf39a9fec74b53592b8d

    • SHA1

      1388013c7259d5306c35b5233656fb89a8ad5bef

    • SHA256

      55853ff749c473eecc947e3849a337b43d7d83f61ae7fe7300eaf14ded067ff2

    • SHA512

      87055fa2a565538b7e6f88a798d45bd0a53368d85452e75681128bf07f696c507e781e057db2298b1565338cb88a6f2e6920de727ba7a4648f948bfa6675d867

    • SSDEEP

      192:IPJP7jPsyFt+eDWciXIpfNzS4XhAtqwp87UYBO7HEtIOD96:iTVjDA7qIY6

    Score
    1/10
    behavioral19behavioral20

    • Target

      one/Netserve.asp

    • Size

      4KB

    • MD5

      b9c75c660cea1d5ef7cab2d4d02618c6

    • SHA1

      759a1c42732b5058a80cfc229336772f39ee33e4

    • SHA256

      18099b1edde4907d93548dab22941751a35518eb05aa2b28b59fef139417d74d

    • SHA512

      6909ea1785f896743e9c221320d943ecb7870de19dda292dab413c1d95edf6344b8363ad150c00c4fa94f4db4eccb1ddffba49237611233c203ff2e0943eb5ed

    • SSDEEP

      96:IPw8PLXL3BFm5L+St9q18P+rMSxQ5N4nsA3eWEaWIg5BR950:IPJP7jPEyStu85S25M7EtIOD96

    Score
    3/10
    behavioral21behavioral22

    • Target

      one/Netsys/Comm/Date.asp

    • Size

      1KB

    • MD5

      d6c04a017effadd09904d55aeb94e299

    • SHA1

      e501a20dee9fca8304c252f114cc3ff7a3271f4f

    • SHA256

      8cf70904856032b8512afc5fc59bdb8f6ca59ecc5c7d5795a9e901a05594ca5f

    • SHA512

      de3600abe64cee56f9d424f10d630e930b0b053be2cd4f0e8e519532d6f3c4ea9bd834138836de017fa2356af68cb8bd85e117b8f9263c9e4f6582e73c15d00d

    Score
    3/10
    behavioral23behavioral24

    • Target

      one/Netsys/Comm/Mymodify.js

    • Size

      25KB

    • MD5

      c5e7d7e6f3c9a3b45cb85784d1a9c00b

    • SHA1

      fff25ac0b09822329f75b9a6818aeeb6ef632a64

    • SHA256

      4a94f9461d80024c4c94b003d00efb5c10b86e0c97f9e37c40cfdbcd0a97b646

    • SHA512

      682a20e1187e6cae391634fc40188d2a62b9856e9b64dc9e88f2a5ede13a60daa630e8a9fe7ec47749f0b888f1cf547754994038c13bae300e2b6430e9e11e3c

    • SSDEEP

      384:zU0wUeUhwL6Rd5wdyOyhyugeXqT8Wk72V57zGsUICriXBGFUu:3eM7O8JougeXqT85MzGsUI6idu

    Score
    1/10
    behavioral25behavioral26

    • Target

      one/Netsys/Comm/Netsys_CheckLogin.asp

    • Size

      509B

    • MD5

      8c1c5bdbf3cf7ba9bdc7d646cb20215a

    • SHA1

      647f69d0fad791825235a8bae73203cdbc2bf4d4

    • SHA256

      242b69a1ba6dbf5d47e382cff11dc446ff0934775c7bb4e427ff1ec4cd9d1e51

    • SHA512

      4f663092bd1b118a6587b3309033fdbab8b90bc90f9e31e2edbb4146ba7816ea3ee660efce0aa3fa3079ab3230ab2c5ef01a7ad01ea715dc4bcdacd5c13bfd23

    Score
    3/10
    behavioral27behavioral28

    • Target

      one/Netsys/Comm/Netsys_Config.asp

    • Size

      3KB

    • MD5

      e1be0cea1144f7bc43495ae853ca4f7c

    • SHA1

      ff29dd2ee41ce8020a1011d87a5b555ad436e745

    • SHA256

      46351c07b3a547cbcd07c7d5599d498ebeb24e32c35ef7fce23bb22d4b735c23

    • SHA512

      b90b1f162ea8427d12e9201814fa900c7414444f984aa34207aa445bbf56da3bc8bcbaa3c81ae9b65a98f9af0ef0b86ecddfe903697d5911945468c93fcae8be

    Score
    1/10
    behavioral29behavioral30

    • Target

      one/Netsys/Comm/Netsys_Conn.asp

    • Size

      390B

    • MD5

      afdc0379eed21ef5a5907c67e288a2bc

    • SHA1

      8e3373bf14d7dc27572fc75886627a60f67abad4

    • SHA256

      24214233c74b0ff5cf89057c1dbcf13be7f8a10abd7a059df3021289e459225f

    • SHA512

      657c1bb202999468dfba4aaa9c35edd8937f8cb4831db316eaa2e6ece56a17650422cb9484c19fe7c978d863bf7b97356c84c9f42217a88e04c0a17f36ced08d

    Score
    3/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks