934be49d3344aefac5ece50281a4f28742bba14418ad410c9d630b6ff89dccf5

Sharing

Copy URL Twitter E-mail

General

Target

Captcha-Owo-Bot-Master.zip
Size

284KB
Sample

240224-hsqzrade2v
MD5

7685926525212aa05891f7151a34776d
SHA1

369a86402da3f320448da3cc91e863310517acec
SHA256

934be49d3344aefac5ece50281a4f28742bba14418ad410c9d630b6ff89dccf5
SHA512

ab312f73bd1e63c6ca315832919740cc6a418fe2d42f35c6ea243a5a711d785199ff4f8ca71f407e58803b79de60358ce762b19267555aab12f332f68cb9a179
SSDEEP

6144:FKM7rs0TW0M+7WgE0JfxRBnKZNpIpYkPWjAqve/vbeJjkj:FR/s0TW1sUsTBn6sFPWjAqvabeJjkj

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Captcha-Owo-Bot-Master.zip
- Size
  
  284KB
- MD5
  
  7685926525212aa05891f7151a34776d
- SHA1
  
  369a86402da3f320448da3cc91e863310517acec
- SHA256
  
  934be49d3344aefac5ece50281a4f28742bba14418ad410c9d630b6ff89dccf5
- SHA512
  
  ab312f73bd1e63c6ca315832919740cc6a418fe2d42f35c6ea243a5a711d785199ff4f8ca71f407e58803b79de60358ce762b19267555aab12f332f68cb9a179
- SSDEEP
  
  6144:FKM7rs0TW0M+7WgE0JfxRBnKZNpIpYkPWjAqve/vbeJjkj:FR/s0TW1sUsTBn6sFPWjAqvabeJjkj
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
behavioral1 behavioral2
- Target
  
  HuntBot/LICENSE
- Size
  
  34KB
- MD5
  
  1ebbd3e34237af26da5dc08a4e440464
- SHA1
  
  31a3d460bb3c7d98845187c716a30db81c44b615
- SHA256
  
  3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986
- SHA512
  
  d361e5e8201481c6346ee6a886592c51265112be550d5224f1a7a6e116255c2f1ab8788df579d9b8372ed7bfd19bac4b6e70e00b472642966ab5b319b99a2686
- SSDEEP
  
  768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7J:Fhcycsrfrnoum
Score

1^/10
behavioral3 behavioral4
- Target
  
  HuntBot/README.md
- Size
  
  2KB
- MD5
  
  cae438bb300819db8551f5d5892a902c
- SHA1
  
  000ad78eeaa9ed90268fc35013f717a0a955cb2e
- SHA256
  
  da437a45b62ebd5004bd798d8f71fe44d085207945a12adb1cf535be73adeb70
- SHA512
  
  5ccc64752d9e1d1316aaff10ffd3d08b7fbd117fc96ac93c945d167c592f3ae7a14c0fdb4e2c7924406c7fe6ff179fcfe5592c418c9efe822b065f32637e43f8
Score

3^/10
behavioral5 behavioral6
- Target
  
  HuntBot/assets/addtopath.png
- Size
  
  98KB
- MD5
  
  98b13c310881170fdfdb1ce007078e53
- SHA1
  
  454c1d69a7a761adfc5f44247729b91dd7fe87ba
- SHA256
  
  ded8f4fad6eebd3da10eb6afe2cf03512702a8c0fdf492da3a19bfb02113f40e
- SHA512
  
  ed930894f5020774374942f9d95b6663680a6f780d82be19fbc219ddf5e30700934c2b3a83fa2c1e3c39bf9ce09f3f364a04eb6f5db5db8ff100850f21b71612
- SSDEEP
  
  1536:IJmfR9ZnSQbft/ylZ+/hmTofIUlbeC+ExdGAKrv1zMhFmXs7:JfVdylZ+Jm8kCVxdiv1Ye87
Score

3^/10
behavioral7 behavioral8
- Target
  
  HuntBot/assets/ekran.png
- Size
  
  20KB
- MD5
  
  1638ca3f6a130391f9122de845129c6e
- SHA1
  
  b7b79bb000f9898048d0811e530f5ad6f7a00576
- SHA256
  
  555be7a62bcd2b2d5ff08447179385c4269d90700a19a0ce11368230a7f352cc
- SHA512
  
  1237b60873e3edd0e16f79e02b1231e85fa594b1229096f20a02942f5b2bc8b64f892638dd199f1ee408a41cf7d20b87ff9298c63dd0539d6edd41f75db7913d
- SSDEEP
  
  384:Tnv9ih9ia24GSFkRolB/Tu2eBkuZp6Bqd77/1T8KIOGXKOllhOJvF:Yh9ia2jSFkQBLun3ZpmEXdYKBGXKmOJN
Score

3^/10
behavioral10 behavioral9
- Target
  
  HuntBot/assets/nodejs.png
- Size
  
  10KB
- MD5
  
  6bfc5831ea553e605d302a7e495ab98c
- SHA1
  
  ed60fb72b10c02132d7a0723df193280925b3317
- SHA256
  
  4141623f989159478d37042f8e84fdb031e51aff8d6b9dad9119756339ead325
- SHA512
  
  639914480c4edf181e6fd202d80e13304f66c3972cc63495749c8a4df85d06e50e85d3a4571e133fc0b057acebc87e2e278542cfb6c6d5a23ed93d13c70d5ae7
- SSDEEP
  
  192:W3xNJAWCvjd+HEz5aLYDiYCPSmw4o6Flm7vjNmQYmf6O8zDb6p+vzm6jy45:O7JUjdZ5zE/wUe7NmQ8xDLjy6
Score

3^/10
behavioral11 behavioral12
- Target
  
  HuntBot/assets/tehlikeli-hesap.png
- Size
  
  128KB
- MD5
  
  f1fac636d0f241aea285908e9af3de56
- SHA1
  
  92f8e751e70787bf7c72f480f7a863b34f39e116
- SHA256
  
  5fbc5362cecd92831fa6c4400bd6cffc45e1c0d74707ca95b91cedb3b6de20db
- SHA512
  
  d55f8c5be2e8f468748193e23f832705dc450e7f5dc675aaadf45a06e792eb03be543b6d338ac04533f83fb4f9fee173ad38357d02f7961b8c4edad4e4db1855
- SSDEEP
  
  3072:zvi/yoySi4meL6Y4SZikvHSfyHqlne5i2FHjubdeEhhhhhhhhhhhhhhhhhhhhhh3:u/RXf/6oZVyfJ2Zod7jZ
Score

3^/10
behavioral13 behavioral14
- Target
  
  HuntBot/commands/bilgi.mjs
- Size
  
  456B
- MD5
  
  9d9274fd3364bc1ef9932d217412545b
- SHA1
  
  432e5c78856ee76e6d94ac638c18d51a3420db4e
- SHA256
  
  67aae75970b6d7e30e7a439b730c32ef05190fdfd5996b67d764cf80e9065c52
- SHA512
  
  e221a94a427ec4c024fcaf639171871a82fc691cb414b6520de6f5ee60551366ce082a5821171240f7234849fd10ad5805b8802c2610cf365ac9a9dca8d88cba
Score

3^/10
behavioral15 behavioral16
- Target
  
  HuntBot/commands/devam.mjs
- Size
  
  619B
- MD5
  
  78d7ac13bddce932896061bf7d99de56
- SHA1
  
  c9afebf54e46156a88a0f3eb109a0b5d49699a6d
- SHA256
  
  f4f091adee2e4ea461ce73e02673f332d89f84b45f456d1657524bc9b6a5bbc7
- SHA512
  
  412cce161ce07d349c363d696af2cdbb91f68860576db1bdb168b6f2b65ffbadd7b360eb1c4be950a4e90c65ca9b4428c335484cdb102e510e257dbbe9f860be
Score

3^/10
behavioral17 behavioral18
- Target
  
  HuntBot/commands/dur.mjs
- Size
  
  517B
- MD5
  
  1a3ba9c94a4e781f2fc38dfe60a5a0a9
- SHA1
  
  79d68fd6ced0b9a8a04aa20681f8e3e15be6b6fc
- SHA256
  
  c1a0055b902fc07ee1bce6d0e1ca50a0fc6194cf70831f52573db4a4216795ab
- SHA512
  
  f3b93a0abab70729183ab7d25a6f26cebe90a6c0843e83417c0777e6633fee279d9628ab3dbd7c0ee92fe8983920dd480df0d55ca8aaa5d46d3fa120d96df51d
Score

3^/10
behavioral19 behavioral20
- Target
  
  HuntBot/commands/durdur.mjs
- Size
  
  190B
- MD5
  
  d72c9f9b5b97290b4a42ed62bb1441d2
- SHA1
  
  ae303e32ba6e795c0bc5c7f779c54f7ad0fe96f2
- SHA256
  
  a8a9df9b6e3b4ba62c68a083d1f4a56c1b190d382c419587a790010435ce66d1
- SHA512
  
  3d3bb1deca9da1b880e766d6790cce0b079f238726111e913f03c678bc7c084b92dac0a60d68d729a5d5f7699549b3e6de96ed064b9621ec828e7fa0688c3f21
Score

3^/10
behavioral21 behavioral22
- Target
  
  HuntBot/commands/ping.mjs
- Size
  
  154B
- MD5
  
  9a85592f515742b53d7bfb46e66535b3
- SHA1
  
  20d20c1b76916b4d948d3f9e8d027122b3bc19d4
- SHA256
  
  f913f4e32dd2fa74dfab1a6d11e97260bd776803239eecd3f4d75621afb6ffdf
- SHA512
  
  f9292d14e65130ace535c01c5730d75d49b7f549a1e9bbb530ba2961babcfc26fa65282cd365083510387ff01e31f43c82fec06d394dfef4dbdefe0c139d9610
Score

3^/10
behavioral23 behavioral24
- Target
  
  HuntBot/commands/say.mjs
- Size
  
  185B
- MD5
  
  cef2f9c4efbe3aeffe485da8a93f614e
- SHA1
  
  52dce8d98b9e261562d1c75389cde7236c204c0c
- SHA256
  
  01e9b2d84aa031e1295c06883c8dce45e351cd74cae77c6b960954bb671315a4
- SHA512
  
  20f3a347a97781e85bc2e8d0b8d42657cd651207c0978310ebd941f8e6c38583df7fd211fb2504226ca0f23c0ba8c87e3025d0c1f3bcc3cba57a2619d083a62c
Score

3^/10
behavioral25 behavioral26
- Target
  
  HuntBot/commands/send.mjs
- Size
  
  1KB
- MD5
  
  eae44644ea02e136d43c4d571490e56b
- SHA1
  
  3b454ea0786e9e38bf86bfe6db06e19170df905b
- SHA256
  
  bf61ef671a795e641f3cbc685cf6e27c0823429e002d3eff4931695178adf730
- SHA512
  
  fcab9eda5dfc72e2773b67f73a9552475bec49e1afe8170d5c87d69f01970f095add8b934defa3b564e3bbbd5e1f67e4d82865c7ff91b82cb9543ea5d9910e8e
Score

1^/10
behavioral27 behavioral28
- Target
  
  HuntBot/commands/yardım.mjs
- Size
  
  553B
- MD5
  
  0f2c95e05a19a82b1c35dc5d11bbcbfc
- SHA1
  
  490518566ffd76a5ebc64995a05a3de6390be7ce
- SHA256
  
  f84c6cbf313312af9eacd0e8834fcf4b4dd39fb535939f8f3db0860e87495d4b
- SHA512
  
  1083e6c687e42eb99622a9f2e0734524447a0e4aa7abecf57f66b01ad8bb973d52ebf2b834451722f783f1d8e6157aecd97f6e5e09e1aa713fe9e35d70f51a2b
Score

1^/10
behavioral29 behavioral30
- Target
  
  HuntBot/commands/yenile.mjs
- Size
  
  360B
- MD5
  
  9bf500c4b12d721e082fef9e5061181d
- SHA1
  
  26ec1ee0a372e09ddbd8ab7b7aad82d23e721be0
- SHA256
  
  4ce8ebc3f7ba9adb07fc5e14891d164f881f2fba996f182195723d3aa6ea837d
- SHA512
  
  342e08dbc99db03a6750ed02585514a4e5737dbda957dd052161581afcb64bc3a83a6fd66f0d70f45be6400c56b32a418e1569ebda6aca9625ecfe26d215e758
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Modifies Installed Components in the registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32