General

  • Target: MalwareDatabase-master.zip
  • Size: 32.9MB
  • Sample: 240228-2eh7jafe25
  • MD5: 4637eb683e61304be0a24222c98cbd3b
  • SHA1: f89c7b9c6ea97d4c893477788b4d068a20475481
  • SHA256: 4a1404a8e539cf5895d716114e1e0fcb2916e436e74c83cb254896f76f25a471
  • SHA512: 666bf721cbc8c8be31644b410647fb5b471efb2ea884322eeffdc22445c794e09bd249de56f082c4c48adcdbe7c3bbcf56b8f4ff26c40ff89502b4797894b22a
  • SSDEEP: 786432:uDtcNqOAKm+hsZ7DYfzMRzZH27sgTaF4u4jiwEj7/Ql/G:uDtcN1AKyHiz6ZH27xTaePYsl/G

Malware Config

Targets

    • Target: IMPLANT.EXE
    • Size: 146KB
    • MD5: a2bb97bd6c0d0d6301901b37a09d0080
    • SHA1: e995dc112aa31e4781792d899007206c86cccfb9
    • SHA256: 9ee1bb6304e49d1a3405dd5e7ff4009db248b3ab7b2e35151e6dc28ea931b8a6
    • SHA512: 7286593cdb035bf681d7bf6dd7c482c1f5f16056954df27d082f5e76c8d17c874846c878815662ac7e1ceaa177b1e523f7741325886b1b407f74f20360ae902d
    • SSDEEP: 3072:qdZE0roumKHekqLUxO+a6n6vNMRd3IgfT6xtW1GvhAPWt1MPAeWzDfK:qs0ruL8aLNUJIgfWxkchaojK
    • Score: 1/10

    • Target: CLAUDIA.EXE
    • Size: 8KB
    • MD5: c3996a10e66e5bf727feeebc1d2640d1
    • SHA1: 06d540ac76b42ce19a3c6f5aeb7b4e7251211478
    • SHA256: 68282fe5dee100e11c66cd352e6cc9940e42c1511463f143e0fd76fbde146411
    • SHA512: c7a54bf5cc238bad448a5ec73f98e2ddc6a33cc9d0fb72ac068c451152fab658a76f6eff8b4ac4d4e94abbe2fcc22a42f29cd085f1c42a6a8c5a58af4be150d5
    • SSDEEP: 192:iPKjE+lmLy6XIj86c8vO9xRulsAXn1Q00W3+VgmgmvlYgYp:iul76XM68GEH2FbdMp
    • Score: 1/10

    • Target: MalwareDatabase-master/Windows/Bonzify.exe
    • Size: 6.4MB
    • MD5: 9c352d2ce0c0bdc40c72f52ce3480577
    • SHA1: bd4c956186f33c92eb4469f7e5675510d0790e99
    • SHA256: d7e6580054525d3f21f86edfc9f30b7a75ffa829a1eb67ee3cab33f0040dba4e
    • SHA512: c1926d59272df0e049467f4497bcc3631bbc1aa5337e87f4af31bfdba60c9ef460e394380024ffa7e71fef8938761d48d75e9dc93dc7529d2b9c8c638dddae92
    • SSDEEP: 196608:/dAMaWetTeAkLIdx751qFTkub//73lc6u7b5VJ2Yx5xIdk3:naWedh+Idx75QYub//73lc6u7bLMYxD

    Behavioural signatures:

    • Modifies AppInit DLL entries
    • Modifies Installed Components in the registry
    • Possible privilege escalation attempt
    • Executes dropped EXE
    • Loads dropped DLL
    • Modifies file permissions
    • Adds Run key to start application
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software on the system.
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks