General

  • Target

    ReYANG-Windows.zip

  • Size

    22.7MB

  • Sample

    240223-sdl3csbf25

  • MD5

    a150089be54a7375f3e9c7ed51a8784b

  • SHA1

    16d741a238f7d1a4e11d71dd0df24d3f91cbc698

  • SHA256

    3682eb85d6c27e72adf2bb1de1888946287d7ab2daa9d4ac58a4c0b2858f5182

  • SHA512

    d1687dcbe3a6c46343d17ed4e0cbffc4a971aaf074c6aefde66817cd37ebe0a2680367cb55a63f003b55c470cea02338a27c4fa1e1fe0d8d09e0f3a6234c60ff

  • SSDEEP

    393216:+vw4wK/gsrlVwgqI59D8exrbwANXSLIPwMeXSD072hGCl+vIZiUt0gCmqlA4k5wC:+oVKrR5qI59woPXlScTeXSYhCqI0UGgz

Malware Config

Targets

    • Target

      ReYANG-Windows.zip

    • Size

      22.7MB

    • MD5

      a150089be54a7375f3e9c7ed51a8784b

    • SHA1

      16d741a238f7d1a4e11d71dd0df24d3f91cbc698

    • SHA256

      3682eb85d6c27e72adf2bb1de1888946287d7ab2daa9d4ac58a4c0b2858f5182

    • SHA512

      d1687dcbe3a6c46343d17ed4e0cbffc4a971aaf074c6aefde66817cd37ebe0a2680367cb55a63f003b55c470cea02338a27c4fa1e1fe0d8d09e0f3a6234c60ff

    • SSDEEP

      393216:+vw4wK/gsrlVwgqI59D8exrbwANXSLIPwMeXSD072hGCl+vIZiUt0gCmqlA4k5wC:+oVKrR5qI59woPXlScTeXSYhCqI0UGgz

    • Score

      1/10

    • Target

      ReYANG-win.exe

    • Size

      45.0MB

    • MD5

      b23926a5155fdb7b6a2b346798b3ed89

    • SHA1

      f765081c0ff0e84008f30dcdf75293ae5f79a7b3

    • SHA256

      840a59be8a916081f7f969ece99b1986ba2b46f9c7d3ea23a2e39fee6d16f090

    • SHA512

      94d3a32d4c862079ffa52582ff3357bbdfeffc40fb1761702249e9de461fdfcf1198a95f3589e34ce0c495b4b2ec273122abfb6697d3efa079407fe6d76ac4fe

    • SSDEEP

      786432:fMguj8Q4VfvSqFTrY3KeKv6xugIm7DpZI:fiAQIHSkHb6xp7DpZI

    • Contacts a large (535) number of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar sensitive items.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      config.yml

    • Size

      1KB

    • MD5

      98d55c31ac02b32ac3c147cad3a97ed0

    • SHA1

      1d72218c5cdd5cfe65187d66833eeaa16fad9368

    • SHA256

      b61bac80531f43058953c0747218203b4794908db361ed0a032d79f1168f6bdc

    • SHA512

      36e48ab538dc41350ad4cb2a0127a1727db54b136e65f12526ac1648d884e462a28ebf7f7ca85eff37da5e7de9baddac9b28819395e65a7eb3dc83dbdd50f78e

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks