General
-
Target
CyberSniff-Uncompiled_1.zip
-
Size
4.8MB
-
Sample
240208-ff7evscg46
-
MD5
710854f2995087ff46c862c925d26b70
-
SHA1
0f5f3e9fbe7e5219de6056886518701849dc244c
-
SHA256
ab459e8edeb68356aa4774bd2329635783e791473943ba42bb33ce40a50a9601
-
SHA512
4fafcd5dc151d3d88c29b03f9492ffb85aa19fde7ed40ea409ac6fba63de0462b3ae7fc7cae7b06d88a37fdad8c46edb2c114d8e4cc663f7622800b2927c3fd4
-
SSDEEP
98304:RZxysZQjr0nYLsNmVII2mlm9k20N1N1eelfEVp5lkKfCTBj6GI+r9WviiuY/rIM6:RPtZkLsNEsmi0tLfEV1kKfCTpI+rciV7
Static task: static1

Behavioral task | Sample | Resource
behavioral1 | CyberSniff-Uncompiled_1/CyberSniff.exe | win10v2004-20231222-en
behavioral2 | CyberSniff-Uncompiled_1/CyberSniff.exe | win11-20231215-en
behavioral3 | CyberSniff-Uncompiled_1/CyberSniff.exe | win10v2004-20231222-en
behavioral4 | CyberSniff-Uncompiled_1/CyberSniff.exe | win11-20231215-en
behavioral5 | CyberSniff-Uncompiled_1/DiscordRPC.dll | win10v2004-20231215-en
behavioral6 | CyberSniff-Uncompiled_1/DiscordRPC.dll | win11-20231215-en
behavioral7 | CyberSniff-Uncompiled_1/MaterialDesignColors.dll | win10v2004-20231215-en
behavioral8 | CyberSniff-Uncompiled_1/MaterialDesignColors.dll | win11-20231222-en
behavioral9 | CyberSniff-Uncompiled_1/MaterialDesignThemes.Wpf.dll | win10v2004-20231222-en
behavioral10 | CyberSniff-Uncompiled_1/MaterialDesignThemes.Wpf.dll | win11-20231215-en
behavioral11 | CyberSniff-Uncompiled_1/Newtonsoft.Json.dll | win10v2004-20231215-en
behavioral12 | CyberSniff-Uncompiled_1/Newtonsoft.Json.dll | win11-20231215-en
behavioral13 | CyberSniff-Uncompiled_1/PacketDotNet.dll | win10v2004-20231215-en
behavioral14 | CyberSniff-Uncompiled_1/PacketDotNet.dll | win11-20231215-en
behavioral15 | CyberSniff-Uncompiled_1/SharpCompress.dll | win10v2004-20231215-en
behavioral16 | CyberSniff-Uncompiled_1/SharpCompress.dll | win11-20231215-en
behavioral17 | CyberSniff-Uncompiled_1/SharpPcap.dll | win10v2004-20231215-en
behavioral18 | CyberSniff-Uncompiled_1/SharpPcap.dll | win11-20231215-en
behavioral19 | CyberSniff-Uncompiled_1/SimpleInjector.dll | win10v2004-20231222-en
behavioral20 | CyberSniff-Uncompiled_1/SimpleInjector.dll | win11-20231222-en
behavioral21 | CyberSniff-Uncompiled_1/System.Management.dll | win10v2004-20231215-en
behavioral22 | CyberSniff-Uncompiled_1/System.Management.dll | win11-20231215-en
behavioral23 | CyberSniff-Uncompiled_1/WpfAnimatedGif.dll | win10v2004-20231215-en
behavioral24 | CyberSniff-Uncompiled_1/WpfAnimatedGif.dll | win11-20231215-en

Malware Config
Targets
-
-
Target
CyberSniff-Uncompiled_1/CyberSniff.dll
-
Size
2.2MB
-
MD5
6bf3a2f9268f9cd99552aecfa10a6abd
-
SHA1
ae49c79144df631328f74d08c806a0d999756eae
-
SHA256
e23b27f3242ac9d3a94717eb06e20acbb229b125673430a3ac3dcfb7e73bc944
-
SHA512
b46562ac5cc657a2166dd4fb6692a14d73b7e439c829c6db7591de767fc2e9c5a95276b785032e1d0a76cd5cc1e89b902a23813cbdf649eaf27bd89bf0ae6561
-
SSDEEP
24576:Gj+JxH3eCsapypA2p7CjapypAZreCbapypAjl7CcapypAPW17:QweCsagP7CjagUeCbagE7CcagGW
Score: 1/10

Target
CyberSniff-Uncompiled_1/CyberSniff.exe
-
Size
161KB
-
MD5
8d130996fc33ba685a1c95c06db984cb
-
SHA1
a2dfe8044ee494582cad82a099c14b1819b79d0b
-
SHA256
895fef1d7338661aa3cd4f40fd226262c642310169835c270994904e81380d26
-
SHA512
ff895da3f850adbe3e5e18391480339e521c018b18245254c9c36697481af9c10e4628ece4abfc6091ffde0a19482a7f4e0a692912db5aa4375f08c068cc5557
-
SSDEEP
3072:mguAgTsGLYEZl70PsLko1Gs2T/0oim/JbRZzlZ2pfqZ1:m5twsLko1Gs2T/pPlZ2xq
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target
CyberSniff-Uncompiled_1/DiscordRPC.dll
-
Size
80KB
-
MD5
9ed0cc60faa1ca995f75dc8b4bf407c4
-
SHA1
87dc3a8ef47d8b2f6c0c4570adfe91188b7dc960
-
SHA256
acfde5b1463c95832dd7757a0407d7b81584d1f2aa5175095ca88a47535b2557
-
SHA512
9ae2c83aff79dbbde9ac3499a52398241cb9342eb12d3212dacebbaf5dd3d25fb1675b2a27982cbc77f1eb3f025ebc23b28581c40e374979d64fac3aad7c2771
-
SSDEEP
1536:q+nxJexI0myeXrvyBuaekzvaUUozZPM9o+mnxVS49:q+nex5mRXrvyzTe9o+mR9
Score: 1/10

Target
CyberSniff-Uncompiled_1/MaterialDesignColors.dll
-
Size
295KB
-
MD5
914c26874567d180a2dd407aa3fb12f6
-
SHA1
bf2f6ffde84453a1fa559c485c2209ed5f6028f0
-
SHA256
aed3efc36186c40c758df954b76f5be4a02eec64486c32aa65a2ca877ea5f21f
-
SHA512
1af5d387b62cdcd03d1236461a82c00435ef00fdbb83fc0adf43ad6b64071d4fcc2384ff8eecc670be8915e4881524d1157190e452b6572b0702024ca45ef0f5
-
SSDEEP
1536:LUNSzgEIbkIbRDu/UQXwQdU7fKoVxbdsuK:LpztIbRDKUok7fKoVxbpK
Score: 1/10

Target
CyberSniff-Uncompiled_1/MaterialDesignThemes.Wpf.dll
-
Size
8.7MB
-
MD5
b6b346f60f7943ea6b0d2cd3e37cdea4
-
SHA1
8af329bc72d78a449612bf0d3c9a7744afb71849
-
SHA256
8c32f2872fb86c65c01dfea688afc48c22013672976219bc1ae2d2d16d285d8d
-
SHA512
47174a9f9d70849328262b04d998aed3f01dd6acd896a3a5f1f1a0452ac2bc622114790d6915c1f5a43e040c7d5a3b9e9a4a64a28d06c5699111f333153b95ff
-
SSDEEP
98304:COlXJDntBksKY+ND3WyA4+TLVei10vMzPv8/4C8B5XVS49Xzy83IiEcJMrCR2fS0:CSnJ45/9iD54+V11bFv4z
Score: 1/10

Target
CyberSniff-Uncompiled_1/Newtonsoft.Json.dll
-
Size
679KB
-
MD5
916d32b899f1bc23b209648d007b99fd
-
SHA1
e3673d05d46f29e68241d4536bddf18cdd0a913d
-
SHA256
72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
-
SHA512
60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
-
SSDEEP
12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score: 1/10

Target
CyberSniff-Uncompiled_1/PacketDotNet.dll
-
Size
279KB
-
MD5
a6a8334de471f57cea7dfd133b435a59
-
SHA1
c889fd7f49eb8afc5a4f8e8bd3bfbc003d2cde70
-
SHA256
4cff6d1abafbb93b79632b2a2f4990b93bdbdf1c2bb6965629bb9e085ec3e8e3
-
SHA512
e2f98d3417800edc32780c120e05ab0212e5ac0aef301c107d17cd49846c82cf6d5bddd8ffbd93f051bc3f232cec3837e639241ecbe09ab2a9b9c3334929fd2c
-
SSDEEP
6144:7Y2fkCf7xFIPxmdRBqeZ/PAJ3JARB7+iN9L7Y9mYRGj:7ACf7xFjRBqeZ/P1B7+iN9Q0
Score: 1/10

Target
CyberSniff-Uncompiled_1/SharpCompress.dll
-
Size
548KB
-
MD5
76cb31819dad5b386cf995b9ca13a76c
-
SHA1
fc526128f986aeebed2829296c4c54108d84551f
-
SHA256
963e2620197e09a3e246ce1e751b042c849f78f84b5e472517510d113b9965bc
-
SHA512
47fadb24407a080fd8434568c798f134b2ff947cee83c938f8ff3e047c864f25e31a7fbd84fff89030037d7e6e0d2a11c2a990a43d4a81073b38fea9ba807cbb
-
SSDEEP
6144:xRNu3An7qcTExl69Jr0ayPkvmadx+liQZh6c7K03BpMXSEoMmT:xRNuwNSl695pDd2h6mVBpmza
Score: 1/10

Target
CyberSniff-Uncompiled_1/SharpPcap.dll
-
Size
68KB
-
MD5
0ba9a0e2f4c6122cbd221f9487e6edd0
-
SHA1
bd28b2e5ed1a2de6172b678f40fcf15cad0a4082
-
SHA256
9653c299268b81788ec3d9d30ce75e92f8d14846e8428254d80702c46a857938
-
SHA512
29f85ec19986578feb3890f3c772e4d4a3aee09034cf597e24a77baf53ee001766229cadc1ef623111fdf35f594f63900a25e3157b21a6b62fe6a5f8c2be2f79
-
SSDEEP
1536:S6H0fdjXIxhoM4zlUmOMxMjzijzYjzdjzSZGNfwvC0ZQzjh:RyIt4pUwMjzijzYjzdjzKGNfJ0ZQR
Score: 1/10

Target
CyberSniff-Uncompiled_1/SimpleInjector.dll
-
Size
443KB
-
MD5
f41812a9dd2000c8ed266b0fdde6448f
-
SHA1
099b4ad395479dde5948e4a384cd6aa3ba76829b
-
SHA256
b8da962f4852afee72c179695d7bb0de950e6fb55634a38b36433efc19c6b784
-
SHA512
2587c94ecd292f8dedb19228ae9f03c92218f43fc89fcf4cd2a68ff7b5d50627c2d42618bcef924d15ae7d8703a803e8309e082b2bafbb00c53d874d22e31598
-
SSDEEP
6144:HSuyk1Ao4/Xl2+YGAxKeQypviRfW4C4TxHKbdMiPjxUO2:HMkYUEANiBnpKbFUf
Score: 1/10

Target
CyberSniff-Uncompiled_1/System.Management.dll
-
Size
284KB
-
MD5
83cda4cc597e6a0b2ebbd1b8f41e94d3
-
SHA1
10415fa323a21d412eb36e583a98385088065d61
-
SHA256
aa474c96b9fd17cb3580d89bb8eb716cb1407c89026b5e8180402666eeeb766a
-
SHA512
ff7d869d416e3c47c082b8bd2d6907bbbe457d17d093cd84f66d42b978d143c088e008388041b440b01f7d82e373dde9b1b5c1acfd9553f98a63fa579d7ec8d2
-
SSDEEP
6144:HG17jgxtTSfK7JK7XUUmhOzZiRZHhGASipzvZhHcx:HG17jgfefK747ZmhOzZiRZH2wgx
Score: 1/10

Target
CyberSniff-Uncompiled_1/WpfAnimatedGif.dll
-
Size
42KB
-
MD5
bd86598613f23b58a5e11ce0023fb14a
-
SHA1
3fdfc27d65d4c271f40af0bebc88b894de83b2f8
-
SHA256
091c944f2db95521f9190319173f17848d515da8f5a2374a0ab680406ba65914
-
SHA512
26351713cd36f2504d32f0ca980c51fdc5c225b5ae4af1418a2cdf42aac285b82970d902dfbf3eb52c6600878ee594f76deadc30823f0048e689a83b56cc11eb
-
SSDEEP
768:o4F3ZIiQwls5bcabDFfQe/sYKRGbIoCHQyv6UuY4xVqvW:o4F3ZIiQwlQbDJb/sYKRGnCwyJt4Hd
Score: 1/10