Overview

overview

7

Static

static

3

Raptor_MultiTool.rar

windows7-x64

7

Raptor_MultiTool.rar

windows10-2004-x64

7

Raptor Mul...ICENSE

windows7-x64

1

Raptor Mul...ICENSE

windows10-2004-x64

1

Raptor Mul...er.bat

windows7-x64

1

Raptor Mul...er.bat

windows10-2004-x64

1

Raptor Mul...DME.md

windows7-x64

3

Raptor Mul...DME.md

windows10-2004-x64

3

Raptor Mul...gin.py

windows7-x64

3

Raptor Mul...gin.py

windows10-2004-x64

3

Raptor Mul...tor.py

windows7-x64

3

Raptor Mul...tor.py

windows10-2004-x64

3

Raptor Mul...er.exe

windows7-x64

1

Raptor Mul...er.exe

windows10-2004-x64

1

Raptor Mul...id.txt

windows7-x64

1

Raptor Mul...id.txt

windows10-2004-x64

1

Raptor Mul...ls.txt

windows7-x64

1

Raptor Mul...ls.txt

windows10-2004-x64

1

Raptor Mul...es.txt

windows7-x64

1

Raptor Mul...es.txt

windows10-2004-x64

1

Raptor Mul...ns.txt

windows7-x64

1

Raptor Mul...ns.txt

windows10-2004-x64

1

Raptor Mul...nt.txt

windows7-x64

1

Raptor Mul...nt.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Raptor_MultiTool.rar

  • Size

    4.7MB

  • Sample

    240223-xg379sfb43

  • MD5

    1124c04a788197ef980f95cbdc31721b

  • SHA1

    0e84f7e09740e4486715df88d7ecf651fec7fe87

  • SHA256

    6baa72f1363b421eb90a55654ba36c34521a42a9cddb2ed6a0b8a90c953274f7

  • SHA512

    b9dcd24f6967645706f450c66ff470eccf07b789817145e3868e6b4da54f13cf140d86af4366591bdd563141f0c9d8a6ba7e12795ec8de9a69fe6e2ec5b98ac2

  • SSDEEP

    98304:KhAmwOWmEMiXFZCmCUbDdoRI16c22xxGAFdIEMBQm0OSyHgeLluQX3Q4Nqr:KhbPWmEbHCRIrdxMBQm0OHgwXA2a

Score
7/10

Malware Config

Targets

    • Target

      Raptor_MultiTool.rar

    • Size

      4.7MB

    • MD5

      1124c04a788197ef980f95cbdc31721b

    • SHA1

      0e84f7e09740e4486715df88d7ecf651fec7fe87

    • SHA256

      6baa72f1363b421eb90a55654ba36c34521a42a9cddb2ed6a0b8a90c953274f7

    • SHA512

      b9dcd24f6967645706f450c66ff470eccf07b789817145e3868e6b4da54f13cf140d86af4366591bdd563141f0c9d8a6ba7e12795ec8de9a69fe6e2ec5b98ac2

    • SSDEEP

      98304:KhAmwOWmEMiXFZCmCUbDdoRI16c22xxGAFdIEMBQm0OSyHgeLluQX3Q4Nqr:KhbPWmEbHCRIrdxMBQm0OHgwXA2a

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

    • Target

      Raptor MultiTool/LICENSE

    • Size

      34KB

    • MD5

      1ebbd3e34237af26da5dc08a4e440464

    • SHA1

      31a3d460bb3c7d98845187c716a30db81c44b615

    • SHA256

      3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986

    • SHA512

      d361e5e8201481c6346ee6a886592c51265112be550d5224f1a7a6e116255c2f1ab8788df579d9b8372ed7bfd19bac4b6e70e00b472642966ab5b319b99a2686

    • SSDEEP

      768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7J:Fhcycsrfrnoum

    Score
    1/10
    behavioral3behavioral4

    • Target

      Raptor MultiTool/PackageInstaller.bat

    • Size

      285B

    • MD5

      9c2ee579f359da27ded92dbec3e1f5a3

    • SHA1

      e9f8baa1cd011d0088629f5ad7cc6f54da46d302

    • SHA256

      869b059ff9549619c56cdca0d54bf7ba59e2ed04830effb23e047025d20a3ad8

    • SHA512

      38faebab083ef29436bca8c4194e544c5bef7a5b7e9a5b207dd4c05b494a28b6539d9c7659ae9238cab3c9e816163eb29ce84798a8c40e31d4567ea79acffc76

    Score
    1/10
    behavioral5behavioral6

    • Target

      Raptor MultiTool/README.md

    • Size

      1KB

    • MD5

      28392c6c637af5dfde2450d28cbd08fb

    • SHA1

      205df530fd2f3e293516874c246930ad92e0a3c3

    • SHA256

      32858abff7dd8079ce4460aa2c19ac996692355135717d3482ed111d98c4a689

    • SHA512

      2c727970cfb82df1b6cb92096a1192f6d27d83632be152a8cdca94ab1677807aa91b5b0ae7e4459fd15d9b2426b94fa14797e19af9f049a4d059992c54999c6b

    Score
    3/10
    behavioral7behavioral8

    • Target

      Raptor MultiTool/Raptor-Login.py

    • Size

      10.0MB

    • MD5

      0dd1c950fc2a4d4e3032caeb40ac11f0

    • SHA1

      77495a7c05ba4e2e532995c4eedc82a62c5eb171

    • SHA256

      e1dd6f14a8a4dab7c48f681e1d82ff8fc5cc38556d37c5000c136fd335cb875f

    • SHA512

      5eb8df2290e06b1f47825b7db20163b5fc4b0301b6c09a8474859499ee73b4ab2205b3bb6a669a726e83dc937a60e85faf15709e5bccf17e34c0a3c838fc8bf0

    • SSDEEP

      768:0RL7qOcrowVw/lfPIeHxONHGb2yafsTf6KFmfm55A:c7VcrLVw/lfPPHxOIb27kf6fWG

    Score
    3/10
    behavioral10behavioral9

    • Target

      Raptor MultiTool/Raptor.py

    • Size

      164KB

    • MD5

      e2c354e44b0767bf9d5df1713ee5875b

    • SHA1

      2ab39c14c778ee857d90319459be9736cf57bad4

    • SHA256

      30a3f4ac8bed4961025c3e5e29ec70f58d09fa58cd4e3b0f1b848351d1f0c082

    • SHA512

      c69b8836e05ad32142ea5a96cbb67072917495f950c393082d6e2843f65a4e7984780ddcca9c93b629e450b819f71462804fd1f50fe26e8b8358884c242390d9

    • SSDEEP

      3072:e+gfgegrQeg4gseiQeepeIQWgmgQgsYNVCQygFghgoQQgRggQIgCN+LZL5L7gbgt:e+gfgegrQeg4gseiQeepeIQWgmgQgFTe

    Score
    3/10
    behavioral11behavioral12

    • Target

      Raptor MultiTool/chromedriver.exe

    • Size

      10.8MB

    • MD5

      87991caad7287d0ea7726e3e2611ae5b

    • SHA1

      ea37551af895f41151566a66ca43949068f96978

    • SHA256

      b4b1ab81c69ea98d5892a45c31aec4be028e697de488aad9a9ccd1786f426afb

    • SHA512

      37bb459378e3a7046239fb9e860cdad981da6db48b5da762996493bf48e3c00eda6e76401b8c6d7e525d013297a0f02381a89d2ec269d45198af9a8d09d20841

    • SSDEEP

      196608:v4zih0s9SoirdXiURJrKMR9WMtJLLmrO0nTXEf4+NYQWXaF/oclJb+LmHPMdnbMw:wmDixXiURJrKMR9ZtJLLmrZTXHLclJb

    Score
    1/10
    behavioral13behavioral14

    • Target

      Raptor MultiTool/nuking/Member_id.txt

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    Score
    1/10
    behavioral15behavioral16

    • Target

      Raptor MultiTool/nuking/channels.txt

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    Score
    1/10
    behavioral17behavioral18

    • Target

      Raptor MultiTool/nuking/roles.txt

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    Score
    1/10
    behavioral19behavioral20

    • Target

      Raptor MultiTool/tokens.txt

    • Size

      19B

    • MD5

      82a1effd57e0fafab997a37ca9c3fffb

    • SHA1

      fabe8837599191b48e7b94249670c318c4926e92

    • SHA256

      51b47296a6db347f3e8e5e88dd5ffa6daed383ee33fde302ee66120dc4b4222f

    • SHA512

      990bd6f30c5a576c6e441b752da867d3ca290fd81a8b96ad39956c79ca67c0f92a7cfee4b9747cef32acc4c719318757b4c81dc61d2fc6c564f851e30e94735b

    Score
    1/10
    behavioral21behavioral22

    • Target

      Raptor MultiTool/useragent.txt

    • Size

      107KB

    • MD5

      99be887cf4153212387cf09e7b2c97e7

    • SHA1

      5695f846a41bc899ac16898ce8572554a43a9377

    • SHA256

      f57689b07b929f2411293362a74a27cb4fa98548a5132c692e9d65c3173b4fd6

    • SHA512

      443c34115be5056f0f990b8bee66da3f68a910ab638403d582b86b7abe9a8e542e13c8af6d7284c9e8c523cd0bc7ddf15a09b3eaeed1c85dcb4941055b233baa

    • SSDEEP

      384:gVyfd3K85+0RGDv8Vw9NF2OJb8d+45kyypFsxKA5tapSfVr+iPLTfrlbFHDz:plQ0mw75gpFIjfr9Fjz

    Score
    1/10
    behavioral23behavioral24

MITRE ATT&CK Enterprise v15

Tasks