General

  • Target

    Injector PB WIN 10&11.rar

  • Size

    975KB

  • Sample

    240227-2tzg3adf4y

  • MD5

    c41ac7ac557d704c620e65da87f59a74

  • SHA1

    c6e28d0bc6659a3d98834d6686f0171d723e172e

  • SHA256

    76f096d6db67eeba724c32826df38ba2f65c8efd6e4e9d67fc0e91eb218c4b90

  • SHA512

    e5cae39232ed5ee19857cc84b97adbb538f7e4f26b915956f8cd46699b43398a7873d9ca9e48e6efca326c8a73334f510b50bc934c21ecabfcc0a0c05dce43b2

  • SSDEEP

    24576:iZjImoRgcREoiwzIOOz0D43smKES64NPBGInhYOAf:iZjIpg8EoPIDK43Sd6o4Inq

Score
7/10

Malware Config

Targets

    • Target

      Injector PB WIN 10&11/Baca Penting !!!!!.txt

    • Size

      81B

    • MD5

      0d5071e86e2422a82f8c2e202f9e2974

    • SHA1

      bc38360ae4f840b5c8ac6e93a3743f079b14bec9

    • SHA256

      90072956962dd31743b36e7685e8355a7130eab40afb0ef4775f1ef88c0e3c3f

    • SHA512

      54b317bfb717d1186ed57c65788b106e7e84136f7248528952347b0acd055e92f5666fd484a03f15b5b7b53118cbc3e4f9631f79b77689ec3ff5765842c4f7ca

    Score
    1/10

    • Target

      Injector PB WIN 10&11/Disini Chek HWID.exe

    • Size

      27KB

    • MD5

      dbc4fd754c9208978790d65a2dfd2534

    • SHA1

      78da73e6bc97dd4654f1ca172b8af7cd7a8f2c5a

    • SHA256

      56df5bdf5eab089399b36bfd75927fb4b19074f812657aef5067a54bb0c3e223

    • SHA512

      211d452e298fd4b7f47e7973401e51a76a443303ac9b2acc15fb54e23227f5a2d1f04fcd52c4a1c79f9587c8f66668d900077b825b38d5c54f02538ed6346d11

    • SSDEEP

      768:qdMKW2j6uFSIkxQQu/tfRXMgd07ZqMVWRZa/E:nKW2Z0Ik6Q8tfTd0NpsZEE

    Score
    3/10

    • Target

      Injector PB WIN 10&11/Injector PB/Bunifu_UI_v1.52.dll

    • Size

      220KB

    • MD5

      3764580d568e4fc506048e04db90562c

    • SHA1

      e8d2771a4891ad7b751c4ac153f599d7d58ebd31

    • SHA256

      27c8cea7e793ace737415881a5c16b4e2d98ce46609d272e82c6c905ad2d9f36

    • SHA512

      fdc11be9388034404c9c71a60374486ff15d552bd8e9f7f74ca345e7d40df20dcb992e6d4e7b509e31e53c910e33ed8e275467da92c30193d6fab16934491763

    • SSDEEP

      3072:UYZOzNgqlPPL42pFzo3tgyGkToR74K5BC6u+QVTNDcHaDDPuD6bl4:UYZYgEr44Fzo3tFIEKiJNDcHKPueb

    Score
    1/10

    • Target

      Injector PB WIN 10&11/Injector PB/Guna.UI2.dll

    • Size

      1.9MB

    • MD5

      aed0276b4fe83e9f315d7f9575513178

    • SHA1

      e19698cb57ec89879039491100ede72e3f25001f

    • SHA256

      25ab13005a5b8020f86e59dae31728937cf93de879baee7a12c1b32a9530e564

    • SHA512

      fa6ec94acbacf2fb5c286c731bf0ee98575466233bf06d42976106edc47d2b3e92ad4952989148b2ef92323e58b8284bb686654566cd000332e1086cd8de1646

    • SSDEEP

      24576:rTNgPBPbTkcHYx48hazs9yXQbVzEh621w2C0xpNBy:nqux43YMQZ+621RR3e

    Score
    1/10

    • Target

      Injector PB WIN 10&11/Injector PB/Loader Koala.exe

    • Size

      137KB

    • MD5

      97f20e50480a7381843301364c434424

    • SHA1

      cabcdb1af88624150b86dd7de48e1c10d374dcf7

    • SHA256

      59931d9837af4b4f1b87603a2107a5cbe67de518a78153318ce6f794f053dfbd

    • SHA512

      08d1b3195d4300f55f0ae178184d95a37eaccc0069edb2f68a099c07de2202085322c6b91dce8bf825a93baa38a0d1f3ddabbdd14e0e17fffaa656f47aada00a

    • SSDEEP

      3072:I8b7ytNob7ytNob7ytNE//G5ZE//G5ZE//G5ZAf3a5ZAf3a5ZAf3a5ZE5t1O6TkS:IK5t15ldpESVq

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks