3d16c0b2b646b27b4c97e8faf25cc0fb6163be6c8a06052e35c871ecdc1a2e0b

Resubmissions

22/02/2024, 23:12

240222-2695bsgf99 3

22/02/2024, 23:07

240222-233wvagf86 8

22/02/2024, 23:03

240222-21plfagb6x 8

Sharing

Copy URL

Twitter E-mail

General

Target

betav6_2.zip
Size

735KB
Sample

240222-233wvagf86
MD5

cd2bb9857320b4a4f8616d3efe956823
SHA1

a7e0809e4475257fda01291a27ff1207a996a185
SHA256

3d16c0b2b646b27b4c97e8faf25cc0fb6163be6c8a06052e35c871ecdc1a2e0b
SHA512

8a8e3d27a344203f47133af92c997a27d236e472e167dd246e97ce82613d8e481e6f16bce74d5aa48032585602c6969c782d22d780308e0fec4801ca07233d3c
SSDEEP

12288:ldYUdLAZAJa2h9j8vAXKb7LGme6f2PyWRq7oGLslRZJbEqFQn9ZjOwK0lu:lRsAk2CIKPW6f2aJoKAvFQnPLK0Y

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  dex.py
- Size
  
  72KB
- MD5
  
  7f6b5c695ac2a3543a9921464a0b2001
- SHA1
  
  0e6d2856a5156bd1b344b0c00786c43fc426094d
- SHA256
  
  8698edb79ed0c8025d3e38313e691d3a580aec4950e73028cfbe1aa38427d591
- SHA512
  
  f1d97f72cd7229856d32ad33321f2188084fe82ffa886b387481141a0b4be2090aa231d454556c4a3702c1692c406a3f0b32632246deebc1a270db39977f07ad
- SSDEEP
  
  1536:spm9vXREPgKx+jFhdRvcAAKLg+jDCQX2mdR6QXuV5jmiKjuCtmHyl4ihlCnLje1F:spm9/RcgKx+j/kA9LpKQJdR6/V5yPjuI
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1
- Target
  
  index.html
- Size
  
  5KB
- MD5
  
  0af3046ee6edfda13b9937e605fb465e
- SHA1
  
  019bfa006ea2b31e293c4d212012385a47c79be4
- SHA256
  
  336ef0c1dbcfb6b43e7443c154cdc4f36b7436ec1c370fe49caae080a8df99c5
- SHA512
  
  ac9d7a442ea7a2b1a96baa3fc2c21ecdcc3bf6427f6f3ccd3e47ac62386e1661a02ca3093c6dc14306260b25d5ac3258b745c80809a902ebaf3dfbf8bfea4134
- SSDEEP
  
  48:pqNmNyhJgg3YyriumLvt+Z5prqRuYZAoFjAfFi6UFnQB2yr08yWDot9mq4/uR6+B:ADrfmeBWV0BUKB2yo8yWD+9HHB1LL
Score

1^/10
behavioral2
- Target
  
  launch.bat
- Size
  
  55B
- MD5
  
  eba1cce2735dee5889cd301bd8d6920c
- SHA1
  
  8603ce6f40ca1e7c96e2d0f73bea0c7f2ce060d1
- SHA256
  
  1a657bd8ee49122a706ee9e7f59d53e8c052213d94febb48134b8e64789f5b92
- SHA512
  
  3c40369fe4755196579a1ac2783e6069d0a49bd159641973e3576b295351495ae7de87085915517e7e9da6f8a601d2658affe63dddaeef8e3869f5a44ce9521b
Score

1^/10
behavioral3
- Target
  
  objects.py
- Size
  
  50KB
- MD5
  
  42d811d9a9b6eaf38796fa43856a25bf
- SHA1
  
  e77278eb211dc69608cbf66e0351ccae6765dc41
- SHA256
  
  e20593f5f3c8c51f578b9643ab35ed8e2088d049212336dfb40855415346ef5b
- SHA512
  
  b6fe10e1fc9b6a881cc66551f716e4eb0df96f6f0e23e05eb90a28983ded73ec4f740791588b22b61e3b7065b9cd372ff9dd67d4779be386d86326f294e77882
- SSDEEP
  
  1536:dVYyxXmTPO4WHyjRfzg3PxqbhMHGPm9hSBFung:LrXmzOWLg3PxqbhMHmghtng
Score

3^/10
behavioral4
- Target
  
  olympia.py
- Size
  
  77KB
- MD5
  
  e2d3dd55819057748b87e440ca04aa76
- SHA1
  
  7cb34f7a396c34c217ab2ea167b398d237164bc0
- SHA256
  
  47356f6f2d33a1b7175d0d78efa9914662a09839082b59a560dbb1019fd973ba
- SHA512
  
  2ca54bcbbd2ab1a3bde5ede95e4a9c1ec85a22fccbe68af1c0f3788118fffe97ecb204944ff0cebeb807de40c26634bc7138714a1a668e05f5ccf9d58a281542
- SSDEEP
  
  1536:XxrdMT7gm16DRkIzzBoGtgE2Y5WvT7GA2FJcvQ6KrP2f4qvZ3lqJ163D:XxrdWgmkDRkmGGtnT5Wb78EQvj2wqB1Z
Score

3^/10
behavioral5
- Target
  
  pyarmor_runtime_000000/__init__.py
- Size
  
  103B
- MD5
  
  3e6a43280f67a1dfe527a31b6e6f9f5d
- SHA1
  
  a7ae7c51c3143c36a3d0722b0596ccd954697aa4
- SHA256
  
  dd990b723ec5ea4b18188374279938e3d01a58809526ec26dda9598d67e78483
- SHA512
  
  ddbfeccc5b6215196d0ea41947cdc5072a7255b4ace8ad655864b51af2e07d4bc66ca90c92c54a902a0d5dcb0fa85d46cf47e787d82163c4484f3a7e531cde4f
Score

3^/10
behavioral6
- Target
  
  pyarmor_runtime_000000/__pycache__/__init__.cpython-312.pyc
- Size
  
  231B
- MD5
  
  3d248dc97d67db3a5a70faa1e21ccbc8
- SHA1
  
  b03f1a6526b96818893e8a630bb61da23dae4773
- SHA256
  
  e434702396ab3379ede9b84ce83f0dc4858994f86ad12d8f786719ac6e8622c2
- SHA512
  
  38105c7c08994dde053008b9776cd2ea6f338748569f6c2eb7451eaa6e0b198583c6a0363221e209f9a3ab8dac09b059bc1299c86d1c906443831accf30546c2
Score

3^/10
behavioral7
- Target
  
  pyarmor_runtime_000000/pyarmor_runtime.pyd
- Size
  
  611KB
- MD5
  
  5402a5c8f6f0e3dd761f5d663f95b7b7
- SHA1
  
  fdb9bda4542fb10811b16a6c7ec1863504a0802d
- SHA256
  
  6318874dbd87e717371ad6e66767c85c5bbe1ac7a5719ca1617ea66d09f62702
- SHA512
  
  1df05c4b35dafe3a1fc45e6c73f4bf2442d6ec0b88ed2a8519c99e4c2d0fee4dfe789f67a7208c7725e8d0e6b657f5214ee9b2c328e09023c6d08c4272aa0368
- SSDEEP
  
  12288:jsX4kuP9hXcuFdcj7fUoPNMNu5RnEGHOs:jsOcuFdcj7fUoPNMNu5Rnn
Score

1^/10
behavioral8
- Target
  
  synapse.py
- Size
  
  72KB
- MD5
  
  039b14c26da9cfc8069a963bc79f7db3
- SHA1
  
  eb258e25536eb2f68c7caec2bf8be2644164a42d
- SHA256
  
  0f10da04c8f34ec7b3253312016ad2ca218e7b28eb29dee10f17b2faf04d07d1
- SHA512
  
  5214727c6b67240558ef3afe8385214517b6136c7ed9862849e563009af822055c4e737da8c32b3ab60102ba662aa6da9978294fdd4a313fc3e2b100d3ac12d0
- SSDEEP
  
  1536:XxDef7ua5lO5J5zb/ApV2ux5oExXJDsRtanbgt2nqQDaeFwuAuPcKH8CA3yU5Rye:heDuaepPE0uQE9JhnbgeqbeFwEPN8CAh
Score

3^/10
behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Adds Run key to start application

Checks installed software on the system

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9