General

  • Target

    ce717ce09f6aeaaab7d13f2f1b49fe85.bin

  • Size

    301KB

  • Sample

    240208-d2j6cacc89

  • MD5

    2cf646c6d42cbd8614a73cc04d23fb16

  • SHA1

    b29371a28b5edd459611cf936a63730cd14a0056

  • SHA256

    a63e2543ef07a1160f0df4e653e7059b097c08a9f48aa1c67168a4ad17d7d66e

  • SHA512

    0dadc404abad6317bc403e7b95a8829b0c39586c3225f0c39979c617eed6711002e5c86f55369cb70ccaea30f082f156019c81a66fac4ae958bfe62a4f009932

  • SSDEEP

    6144:XbhEwzjbgVnEbpFEyOmU3GvcUPCruZ0LEnbhBwkAk2XkyJXqwL:rhEwzuEbnEyw3sQP4nNBbl2UyJX5L

Malware Config

Targets

    • Target

      b09c72bf641ac0a02873bc9621c4985b6f9d08f41de614e33b79b91bf1f6c857.exe

    • Size

      414KB

    • MD5

      ce717ce09f6aeaaab7d13f2f1b49fe85

    • SHA1

      55fecd0b70fdee09035105c3dda1d6dd987e61d6

    • SHA256

      b09c72bf641ac0a02873bc9621c4985b6f9d08f41de614e33b79b91bf1f6c857

    • SHA512

      d4e37f82cec810c5c4ea651b63e871b5ce40acd7b74f3a956f4e2d29356493d195dcea634b946509330f1d415168e0761a7597d9909a9d5e0a49d961ed9a3694

    • SSDEEP

      6144:L4t6Lsvq5WSBHh/5cK/vBHc2Z1qkyi9lscIKAhDG4TXAog6cjmSlJej:LkvqcSBHh/5zRHBgkyrKAv5pcCoJk

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      17ed1c86bd67e78ade4712be48a7d2bd

    • SHA1

      1cc9fe86d6d6030b4dae45ecddce5907991c01a0

    • SHA256

      bd046e6497b304e4ea4ab102cab2b1f94ce09bde0eebba4c59942a732679e4eb

    • SHA512

      0cbed521e7d6d1f85977b3f7d3ca7ac34e1b5495b69fd8c7bfa1a846baf53b0ecd06fe1ad02a3599082ffacaf8c71a3bb4e32dec05f8e24859d736b828092cd5

    • SSDEEP

      192:eY24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol+Sl:E8QIl975eXqlWBrz7YLOl+

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      42b064366f780c1f298fa3cb3aeae260

    • SHA1

      5b0349db73c43f35227b252b9aa6555f5ede9015

    • SHA256

      c13104552b8b553159f50f6e2ca45114493397a6fa4bf2cbb960c4a2bbd349ab

    • SHA512

      50d8f4f7a3ff45d5854741e7c4153fa13ee1093bafbe9c2adc60712ed2fb505c9688dd420d75aaea1b696da46b6beccc232e41388bc2a16b1f9eea1832df1cd7

    • SSDEEP

      192:o68cSzvTyl4tgi8pPjQM0PuAg0YNyoIFtSP:LBSzm+t18pZ0WAg0RoIFg

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      b55f7f1b17c39018910c23108f929082

    • SHA1

      1601f1cc0d0d6bcf35799b7cd15550cd01556172

    • SHA256

      c4c6fe032f3cd8b31528d7b99661f85ee22cb78746aee98ec568431d4f5043f7

    • SHA512

      d652f2b09396ef7b9181996c4700b25840ceaa6c1c10080a55ce3db4c25d8d85f00a21e747f9d14a3374be4cdd4ea829a18d7de9b27b13b5e304447f3e9268fa

    • SSDEEP

      96:L7fhfKaGgchPzxK6bq+pKX6D8ZLidGgmkN538:RbGgGPzxeX6D8ZyGgmkN

    Score
    3/10
    • Target

      Graastener/megapode.app

    • Size

      15KB

    • MD5

      6e941ea97a92ac8ee4ac713c354c58f6

    • SHA1

      3f23f03bf6547b2bf4b8a6eb00777a55aaf999ce

    • SHA256

      a3a45b243179f04a923e01a8f360aafa9d628b32354453f08c0b1c31797a534b

    • SHA512

      d2b43f6cf6d7e74c1053416213fcc35c30ca029c0c2f34de9553ad2adb92b923daf83611ba9b7b9d905ad1e60c53434dcd7ea58d3c0bf47ffa8b0e59b6cea489

    • SSDEEP

      384:U5FKcGSrXmxrPAn8EFGftXcMOxFILjA1BoLSw9QVN/Nr:IFUAYDEwftXcMkujKo6/Nr

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks