96dbace7c5d636a62634f50bba7097e7ce1af45e279e8d2c7947bc40aa418e1d

Resubmissions

29/01/2024, 15:16

240129-snmrmsebam 7

29/01/2024, 15:16

240129-sng66acfb2 7

29/01/2024, 15:15

240129-sm889acfa8 3

29/01/2024, 15:11

240129-sk3npaeadm 7

Sharing

Copy URL

Twitter E-mail

General

Target

Dark_Queuebot_2_1_1_1.rar
Size

116KB
Sample

240129-sk3npaeadm
MD5

33de80ac7f391390f2844ae8ae04a96d
SHA1

7aa23d55a79e90e1990262edfcf39121f0851242
SHA256

96dbace7c5d636a62634f50bba7097e7ce1af45e279e8d2c7947bc40aa418e1d
SHA512

65472e779e7b2a826bd70996af93b4cf3ef06ad6da3b150b2732cf6ae1e23385558d6c933b485eca04ca67fadade08a8f7e1d4c5b16f145af338aef6a12663e0
SSDEEP

3072:eQZQsF9bPacnhoRsRKjpjyYc7OtGPFFNYbFVUOC+gQC:ekQsFFPaxvc7OtWYpVUOC+gb

Score

7^/10

link qr

Malware Config

Targets

- Target
  
  Dark_Queuebot_2_1_1_1.rar
- Size
  
  116KB
- MD5
  
  33de80ac7f391390f2844ae8ae04a96d
- SHA1
  
  7aa23d55a79e90e1990262edfcf39121f0851242
- SHA256
  
  96dbace7c5d636a62634f50bba7097e7ce1af45e279e8d2c7947bc40aa418e1d
- SHA512
  
  65472e779e7b2a826bd70996af93b4cf3ef06ad6da3b150b2732cf6ae1e23385558d6c933b485eca04ca67fadade08a8f7e1d4c5b16f145af338aef6a12663e0
- SSDEEP
  
  3072:eQZQsF9bPacnhoRsRKjpjyYc7OtGPFFNYbFVUOC+gQC:ekQsFFPaxvc7OtWYpVUOC+gb
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  dark_queuebot/index.js
- Size
  
  12KB
- MD5
  
  1e4290a7b255d7d454447fb353859449
- SHA1
  
  e3b68d537a0e914998ffea65016bae0b12ef8698
- SHA256
  
  f029066fb75a9a6648cb75f6496547bac29d5635957d65d71fc9ecaec0d300cd
- SHA512
  
  82e64ebb237832a51643cef68b320f6ea0e9a1d51691ef4facf28bc377cb836ef47cbc6180d02ab2f3196a39f43f82a364fe1ddd0e724445c235582c0c195e52
- SSDEEP
  
  384:EkAdo02czlre6Ks/sOs5s2FscsjsFH/sHYsos6ZnBZqAZgZIFbX1rro9kyHCSeXd:EkAdo0PzlrePh31CH2hnIAq6b
Score

1^/10
behavioral3 behavioral4
- Target
  
  dark_queuebot/src/commands/admin_home/add.js
- Size
  
  3KB
- MD5
  
  e90c9df97bd981b2a1989ffc17f9d37e
- SHA1
  
  17dddc686060b7333bc5909185a7e96ded6bdca3
- SHA256
  
  cc6b397dd8d64751bd6e867ae7d653626952df9470ca46d3aee4cf46dd0e80a6
- SHA512
  
  a7dbe3eb09b3bd4b0e09189e5d935129af4fd63d0e786919e8652abca38874dbd41fb5f7151083ccd585f351cb439a5d71e1230bc4566fbf0b755585f9950fb3
Score

1^/10
behavioral5 behavioral6
- Target
  
  dark_queuebot/src/commands/admin_home/addVPS.js
- Size
  
  3KB
- MD5
  
  6ff4a5bcd45684760158fb81e7458fd9
- SHA1
  
  64839614bfdcfef3ee3e9fdb30fcb06d0064bf7e
- SHA256
  
  b990b4efb6388063b2fc1f91b1590c13805d79fb04149b3d9650eadd9d70eb7f
- SHA512
  
  51f08d87167dd787844e3ab1af3b17df43da4942b9088d2a5c5d22a6ee43815db5036004960f9012fa7666a8e37aa0b4fc03b6c95433c719b194959cdb33bbf8
Score

1^/10
behavioral7 behavioral8
- Target
  
  dark_queuebot/src/commands/admin_home/addclaim.js
- Size
  
  2KB
- MD5
  
  7c39105822cef9d58181fa265023f170
- SHA1
  
  6d21807c58c79245ce92bc307e4598fcf34463eb
- SHA256
  
  253675279f3773b64506ec6462d087bae8318df1a6b18c46ac36e8813357432b
- SHA512
  
  bf3d573a317b486067ba6f169d7e9703699f8e5fba0f2298e337acb77853cefa46672e71fc2f481aa3d1bc4746cc2921ef4533a346ca59ae8a9c3c2851d59c35
Score

1^/10
behavioral10 behavioral9
- Target
  
  dark_queuebot/src/commands/admin_home/check-token.js
- Size
  
  4KB
- MD5
  
  9e4ae47fa8266230a6e2f059ba2d122a
- SHA1
  
  7dda77a6b2f044d2e17ce526afd35d5b53007fa8
- SHA256
  
  38807df90725cabd2e7d0d9bf95e6d857e99e015888a62de7da4e64ca2e81263
- SHA512
  
  57f715eef5924619be2c770d7e88eb556dc248829aa3b5ca2686b01b7fd2e5e40d395556572be17130367b825b156a9381115211d2773e95309203cc54c568f4
- SSDEEP
  
  96:P3QKPKhaEJx0l5tiwB1miKx0/yuU/09xDFlyMdclt3jLs+r8bL:POaEbQtZXmBxPWxTdaLrQbL
Score

1^/10
behavioral11 behavioral12
- Target
  
  dark_queuebot/src/commands/admin_home/check-vps-status.js
- Size
  
  4KB
- MD5
  
  5c32c22176fefe9f9b22bec480420260
- SHA1
  
  d75a3469aa61d41e802eceefc8300819df03ba0a
- SHA256
  
  a0ce4dd768ad70127f9eb644fb8ca5b22416aa01dce76b57c5810a1ab427b9fe
- SHA512
  
  b8580e57f322697729b3464fa3135268a2b29fc443f6736ae018788eff11bc36855a2373ef2c2d23808d7edf4f47426d33d4389f7908cccd257f160edb2e8710
- SSDEEP
  
  96:5GaE1PBvZ+5LTJYhlwy64tw5dldHeD+5fI7Xa/XWlyauWwf18eSB5H+K5eR8x0Kk:5+fZ+5HJYYl5/UYI7q/UNsdLMKnY3A
Score

1^/10
behavioral13 behavioral14
- Target
  
  dark_queuebot/src/commands/admin_home/claim-lifetime.js
- Size
  
  4KB
- MD5
  
  65c7c6308d0f938c5c6118d185479f48
- SHA1
  
  a1fd47d8659ca1fc1e87815531657a8e5fe0bcda
- SHA256
  
  b44c9e744e8ace7d739594272b61325d37c9a7b2a6bf4166d33f2f0505154434
- SHA512
  
  251e9290a22657b07e027a77a0df2baceda6081f136c20f6f4333364d0ec6bd1d606adbdab8b0b13e5c9bab85a86df79f4b2f02a520f913f9ed3ba2dfe834a8e
- SSDEEP
  
  96:i5fHxfktl677pTIe55kBRu4/W6orFHbzD4mGUHTj/j+CoFA3gS:i5fHSP677pTIe55kLumMrZD4mDz+Couh
Score

1^/10
behavioral15 behavioral16
- Target
  
  dark_queuebot/src/commands/admin_home/generate-key.js
- Size
  
  11KB
- MD5
  
  7c1d98ac3c540bb55519b8e1db7bf92e
- SHA1
  
  b24117fb6130b0a9f921fc256e8ed23c07791687
- SHA256
  
  0b4b8bbe8a8d6d9e16c7a92ef7060715dac10ad112f67211e1cb6d1ed836a79c
- SHA512
  
  747f1314df8ac56405cf813cfbc93abcdab993c9a5aaf398e91f892527ca982ab7ecf67fe8a2482aeb730dfbc547bfdc002f6808ad6e1a49b72c83dab384248e
- SSDEEP
  
  192:YRIaFeSjuL0HQj73+ULbKUdCmExb5RU1/2GU3Uczky1H6AoB1da3nKjOhEy7chy0:xyeS+0w33+ybXCmkb5R42l3Uc51H6AoX
Score

1^/10
behavioral17 behavioral18
- Target
  
  dark_queuebot/src/commands/admin_home/move.js
- Size
  
  3KB
- MD5
  
  015ba7d0878b2bf4d369e0616b258b55
- SHA1
  
  cde0579afc636b4191bb298745087165c0195b41
- SHA256
  
  d8ff669824d5be56e089d248e603029d8ca363311e2f8d8b0d001742400374ed
- SHA512
  
  8d5b439567bd82c36d7a0c192d0bfac50508ef984a5897e0aba662f451b480404f33875909be9cce5d4f9f8dd98e59be953d94e35ba21ea094029f33ae138505
Score

1^/10
behavioral19 behavioral20
- Target
  
  dark_queuebot/src/commands/admin_home/nitrofoundcheck.js
- Size
  
  2KB
- MD5
  
  ffbb77e524d03dc8aa8da05f9a2be204
- SHA1
  
  86c6095c96a356af1d16032c80ebc1300f966c96
- SHA256
  
  9641c0da162304b4ae69f617ea5964b303d8cc165eb739dba1936428042def69
- SHA512
  
  af32b4ede32d6e241b505fa485424d8042b824763bd4a903e85c21e813c39f127768fba6726473f13cfd20f82ddbcc8b153d19cc67ffcd66f3958e6cb9f62e4e
Score

1^/10
behavioral21 behavioral22
- Target
  
  dark_queuebot/src/commands/admin_home/qr.js
- Size
  
  5KB
- MD5
  
  38dc1c6db82d25f8932f57fda969692d
- SHA1
  
  9cc172333e1d159d16863f46bb1b70cae14e3e95
- SHA256
  
  c5a8348651f176f0b7e582475dd376edc52915fdf0cbf5c1a9c6d508dd6cb088
- SHA512
  
  d9863969521914a53a5e7afb233386251e215d2bcf8daea63052fdebc057c2e88ec92ef53eef1fc68ef6781e50e52229a3ee218c1000bb77c81c697129a3db5d
- SSDEEP
  
  96:gDtU5wTZoaqnjRIDUql5Gv9zQH531BHbX8YM5SYKoGMAs/9BXcfVbbpKSBD9xIMc:gpTZNqnjWIE5Gv9zQH5FlbYa8CkSpXIR
Score

1^/10
behavioral23 behavioral24
- Target
  
  dark_queuebot/src/commands/admin_home/removeVPS.js
- Size
  
  2KB
- MD5
  
  afb85a42d59d61dc02ed8f487ac9be31
- SHA1
  
  2506f083d315aae58e3b6abbd87689a4afb577d5
- SHA256
  
  c6e2d61e6f8ce098124c530c33fe8169826cdbc38b1e2924853613ae9c07568a
- SHA512
  
  dd07c32f320fee89a5b180dab66f73bb08f03ff79e6d9aac4f4601c86b0abb6c61b10131e94b1ad49cd205b6b8a1701f3baa9f390be9606e18a281f9fe94b627
Score

1^/10
behavioral25 behavioral26
- Target
  
  dark_queuebot/src/commands/admin_home/removeclaim.js
- Size
  
  3KB
- MD5
  
  3d6d61ecdc89ca513b8097918feeaf46
- SHA1
  
  fe654052fe7235923037ba14477956bf5cc4715d
- SHA256
  
  09147560c7c1321455900f7ecbc235fbabfec831c75887b1465f5648dad19a13
- SHA512
  
  b74394318e12d733546a36a699e003a3c70c60ff1c6ab27a0c48373c5b806afe6e567f4d202c9d9f024a6a4f32bcdd26941a8561be930b4db343233bf3025249
Score

1^/10
behavioral27 behavioral28
- Target
  
  dark_queuebot/src/commands/admin_home/restart-sniper.js
- Size
  
  3KB
- MD5
  
  218495f99b94cfe2a4bbe8ef889ef6ba
- SHA1
  
  4c8f52e0087e5ed606fc29f4bdbacb7171cf3dc2
- SHA256
  
  4a37e0c01c2274267aa3c893d1ab37af0c4aa8ed5780bb31a90b81976f136266
- SHA512
  
  e5fa41df54040142c1abd98b82b58253c568d8588bbc017c4faac0afa6f074ff5c160341cdd6c6ea58ed19d44541fd7ceeef217f6b4d3b3d840efd6c9297390c
Score

1^/10
behavioral29 behavioral30
- Target
  
  dark_queuebot/src/commands/admin_home/setup.js
- Size
  
  6KB
- MD5
  
  a167d54e90be8c6d08c1e8ac82ce8f39
- SHA1
  
  f1d9c975050cc29c4926aef28aa06efcad5756d9
- SHA256
  
  e3e29f6b06dca68c4573efe2165dd4a9278e7ba9250bd8a914de244c67c52516
- SHA512
  
  ed9166224348e10fb3d5639abb81e5130d6e1706930f2d4ce40972f876e43080e23b22b5b64b85947b25173a0a9380d879b153ad73b3819a650d4791a3c967a4
- SSDEEP
  
  96:Kfc80kn0i0X1uwYZ4I7J5pCXYC+wmnCfyO9dHaTJIRGgFxzMupRqwZR/5lJR/6Ak:Ob0kn6lNe7lcYCpm+K23+1
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Loads dropped DLL

Blocklisted process makes network request

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32