53cd6d57499142348253949c4c6cee9b696a78fa99a5a68fcd6f78e55776cd63

Resubmissions

28/02/2024, 11:10

240228-m96traab8y 7

28/02/2024, 11:07

240228-m7zbwsab3z 7

28/02/2024, 11:06

240228-m7grvaaa72 7

Sharing

Copy URL

Twitter E-mail

General

Target

Julien_and_anarchi_selfsniper_C.rar
Size

2.9MB
Sample

240228-m7grvaaa72
MD5

cc5610e6313e3ae170f1c51397c51ed0
SHA1

8f90b6802b1b290e808920895ba74490d524416e
SHA256

53cd6d57499142348253949c4c6cee9b696a78fa99a5a68fcd6f78e55776cd63
SHA512

75828bb0e08d8dc2d3ac85974127a059277c084bd76d022eb6679a3231a28adff248e133a53bbd7b892a72ab79836ed69e8506281f67162c65ea2db3b1a44609
SSDEEP

49152:ipGqHPpVT+bzj++y6wDsAeWUyi0ELfl4pUxaiBMt9TOdKfH7ZnptvHi7NWVxAq/a:6GqHxVabz7PAUtLfl4p6QwdKzZpFk0Cf

Score

7^/10

Malware Config

Targets

- Target
  
  Julien_and_anarchi_selfsniper_C.rar
- Size
  
  2.9MB
- MD5
  
  cc5610e6313e3ae170f1c51397c51ed0
- SHA1
  
  8f90b6802b1b290e808920895ba74490d524416e
- SHA256
  
  53cd6d57499142348253949c4c6cee9b696a78fa99a5a68fcd6f78e55776cd63
- SHA512
  
  75828bb0e08d8dc2d3ac85974127a059277c084bd76d022eb6679a3231a28adff248e133a53bbd7b892a72ab79836ed69e8506281f67162c65ea2db3b1a44609
- SSDEEP
  
  49152:ipGqHPpVT+bzj++y6wDsAeWUyi0ELfl4pUxaiBMt9TOdKfH7ZnptvHi7NWVxAq/a:6GqHxVabz7PAUtLfl4p6QwdKzZpFk0Cf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net-Anarchy.dll
- Size
  
  5KB
- MD5
  
  8eaffbb862c82165d4c0bf606e46c1dd
- SHA1
  
  9552e06b4c26a22f3a9dad3944cd92935b1574d1
- SHA256
  
  7987b8424af27998db69433e24bf8d6f10a6083ffc992b277508f4856b07b32d
- SHA512
  
  bcf8b713c405b90f9f1fbcb61dd79ef7d06355e4333c08a4967202a0c14ed085caac846cac04352dd6dfb66058420a6b8bed6d23ec02ce54c25dc7d5e7b85c9f
- SSDEEP
  
  96:h710UQu1CVfncg7DYitduwuGunEVs+x0V:hbQu1CVvBpMFbnEg
Score

1^/10
behavioral3 behavioral4
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.Analyzers.dll
- Size
  
  9KB
- MD5
  
  2805f63831abab6f181fe942d2ca8639
- SHA1
  
  0a252cbf69e3546a543209c36bb910ad04eb9994
- SHA256
  
  96e9caac5cee344cb9f62c43796cb60ae39eba34dbaf553e2442b7e4cd3cd5a4
- SHA512
  
  477a00ab1b49294d0f597db46cada127418f162cd20e8a9a28696f780453aa45fed7224d204fe6f73ab8670bec4efe3e16d9612865bcc78adde90c3980855f5c
- SSDEEP
  
  192:aG7k1XZyGHgs39aI4fol9JIWTR7vtzX1dzqqHwZ:aVX9Hgs3MI9l9JISltXWAk
Score

1^/10
behavioral5 behavioral6
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.Commands.dll
- Size
  
  144KB
- MD5
  
  da6fae8f02ff4780603856b883f51d86
- SHA1
  
  f92af91094acac4cb7aa8e0265909b12eb99b5c4
- SHA256
  
  4b21c70ae1ac59a765c8f2c830b3accb459df1574ae40204c27ffbc8776df2ed
- SHA512
  
  08da80d7b77a84a45e081ce79f5f883af3cff9bfcb769d7949b55a63084a52ba2fe7ca672b50aac44a1d9cdf201229f9662c3414d9dad79a8c16c597bbaa05b0
- SSDEEP
  
  3072:lKBMu8rhozywlHpEITaYnsPsWqzQoP+gNH9sNSOhOA/DVSSQJl1DYdI9L5NgpiPN:liHWhO9L5Ym
Score

1^/10
behavioral7 behavioral8
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.Core.dll
- Size
  
  803KB
- MD5
  
  4b67261ee622fe515d3d4123cdc8c5eb
- SHA1
  
  d01241756ae7e2e58827c1eeb302607d92a65843
- SHA256
  
  72f0ce52197143b4a6bd5999cec05b0c4ed00db041a62549bb74c7bb2f308b29
- SHA512
  
  4e72659e9a0be45aa8e725e805a2f033691dc0f6076ec2abb675019a2f5411f0ce8e035a43309fb8e3645ba282b0f813da04bd7acaa5003aaa67ffc17c9f79c7
- SSDEEP
  
  12288:i0uzoE5PuDuMT8n/uJug2BBfmZpp58aO0cscwiYyAvgvu1znGOWWi4iYyJ6hsTw+:i0uzoE5PI4/uJug2iZM
Score

1^/10
behavioral10 behavioral9
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.Interactions.dll
- Size
  
  267KB
- MD5
  
  e020ec5a6b967db10de0c96b15084476
- SHA1
  
  30ef78cbf6f4bc086d700a1d975d4527b7feb9eb
- SHA256
  
  e5e0fa49a76aef30e4c0c6bdee38c3a31b666ea75b0fea7b98d8ad25a064ef78
- SHA512
  
  0c52c357a64c6ba16224274bac1e232567ec109264484c049e746d4f5177572ef2e08823d09ff9c894e7b2a415308ee1cf2545c5fd968243d51e31da8526b82a
- SSDEEP
  
  3072:QoDPANNm2DKGEcc9+LLBSZ6sQlM2o7J38Z4YQK4W5i3/N/BbkEYmy6Mn2RmQ:RjSv3L26slJ3NBbkT2R
Score

1^/10
behavioral11 behavioral12
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.Rest.dll
- Size
  
  1.5MB
- MD5
  
  48b9feaf8664fed26a65983dc74f9990
- SHA1
  
  763d0e545abaede589eca3db447d3abe15255c1d
- SHA256
  
  e84c35581b3b87fbf823f690aa18fa38d1b01ba5cecab162c0da15c11fcc09fb
- SHA512
  
  0ce3b359b7687f57ea03458d7df0076004adba46886572484762e34810b124d910283be8a4c16fd7cff547f7eaf3102ca816423f21509a0bc006e3d73c611b2f
- SSDEEP
  
  12288:9+65TsA6FRmAaPdMebFZBcEDl7ef4nNl/eLBisa8aIn1zlAiTKEMwzRdJ86E7Fny:p5wnGhqsCIelU886E7Fd1CH
Score

1^/10
behavioral13 behavioral14
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.WebSocket.dll
- Size
  
  884KB
- MD5
  
  0d5bbd1205c7d2461f4c5e70935e59fa
- SHA1
  
  32371c6b58ee93fd4d0d9763feaa884f2206f59a
- SHA256
  
  05a8553e2831a02fa6553187e5883e55703a1d8137b4f605d959005b00b6560f
- SHA512
  
  f7b546321138d67a824a6b52e9d7c30ab2c0a7503786b96a87bc369392475754da74c0d84ac1ab8106c246c384636411ad5a2eb6d5ab07560f9fbc4aedf0cc35
- SSDEEP
  
  12288:gwv3zKUtPn2/Zq61oOjmUNuLmNq+qBdSnfMaCKv3easmHNfU8y:gwCxj/NPfMaCKv4mtty
Score

1^/10
behavioral15 behavioral16
- Target
  
  Julien and anarchi selfsniper C#/Discord.Net.Webhook.dll
- Size
  
  34KB
- MD5
  
  870cc1e28844464db11daa43b4d1a677
- SHA1
  
  a5feed76792362d8c3bdbc4096cd321da6f57ab5
- SHA256
  
  89d4db9e66e6f1087cb323e456a820e80ddb6d6550e2d0a9b1712c7fcc8682cb
- SHA512
  
  66547ac3f3963b39091e7d1cfe6e3484c96e6cefd4fda62f54b6952f925e1729025f9ca7ba1019d389eb03fda1557e84ca0e9b81249050cc3c1910317bb47337
- SSDEEP
  
  768:igIILx7YY1Q3wRpnp4Fa2OskQkwfqPUpWXq/NZhUj:XJTp2+speuNZhUj
Score

1^/10
behavioral17 behavioral18
- Target
  
  Julien and anarchi selfsniper C#/Humanizer.dll
- Size
  
  207KB
- MD5
  
  5fc547c851275cc7a1227843c7b35daa
- SHA1
  
  5e22f33bf7dfa5047fc9f661cf7ae069832bf006
- SHA256
  
  40dff6faebcc6e2babe37003853509b2050e806edf3c5f141fbb85fdc0d1bea7
- SHA512
  
  3382ec32d38bac335fb01464337bc0189a1f8cef33fb94c5d99c02655b4c14160fdf02786789a9687c1d651af0ca1a2b55417e8f32570ec5355e44624266acca
- SSDEEP
  
  3072:3EMxgfS3v/xcvZL8i6KHgFgJyEnJi5NV2XpFY7oejVLqoLbBr6h7sA/:37xgf+WlJiJ2XLYMejVTV6t
Score

1^/10
behavioral19 behavioral20
- Target
  
  Julien and anarchi selfsniper C#/Microsoft.Bcl.AsyncInterfaces.dll
- Size
  
  20KB
- MD5
  
  1ee251645b8a54a116d6d06c83a2bd85
- SHA1
  
  5dbf1534ffbff016cc45559eb5eff3dc4252a522
- SHA256
  
  075ce79e84041137c78885b3738c1b5a03547d0ae2a79916e844196a9d0ec1db
- SHA512
  
  9f67fd0566eac2da4253d08697daab427e4e85780615d940f086a88424dcbb0563abae7e4824088e64ef7024c1bb3bbf324f2d07bc7ba55f79e4af3c9ea88e97
- SSDEEP
  
  384:69P2wZOXm7YJVHTe+0VJI0vrdaVemxO/f7vWeq/WIdHRN7bg30uw7lGsV9W+:u2zmYrHCV9cIL6TbtCSW
Score

1^/10
behavioral21 behavioral22
- Target
  
  Julien and anarchi selfsniper C#/Microsoft.Extensions.DependencyInjection.Abstractions.dll
- Size
  
  43KB
- MD5
  
  7a9b8793552ce40160a6d273b22f807e
- SHA1
  
  1c302ea0a44f517b97af19252140ec710d5d3bfb
- SHA256
  
  200aba7859ecfb045d43a8e2bf9abce4c929507364b7714388f59affe708fb06
- SHA512
  
  7d5ea03d5815a6f5705875fe6c2d2179c6ee5468d6b19423f04c8982e64226e656bfd7ccaf7a5756c7046d2e6d2c3504190ba642e02bc197d48dad9320fd6bd5
- SSDEEP
  
  768:gQnUmCQ0dQ8d2TN7uxgoXvM4s8w0woFY9SP8:MmC3dQ88Tk+8vM2fBO9I8
Score

1^/10
behavioral23 behavioral24
- Target
  
  Julien and anarchi selfsniper C#/Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  715a1fbee4665e99e859eda667fe8034
- SHA1
  
  e13c6e4210043c4976dcdc447ea2b32854f70cc6
- SHA256
  
  c5c83bbc1741be6ff4c490c0aee34c162945423ec577c646538b2d21ce13199e
- SHA512
  
  bf9744ccb20f8205b2de39dbe79d34497b4d5c19b353d0f95e87ea7ef7fa1784aea87e10efcef11e4c90451eaa47a379204eb0533aa3018e378dd3511ce0e8ad
- SSDEEP
  
  12288:WBARJBRZl/j1TbQ7n5WLm4k0X57ZYrgNHgK9C1BSjRlXP36RMGy1NqTU+:WBA/ZTvQD0XY0AJBSjRlXP36RMG7
Score

1^/10
behavioral25 behavioral26
- Target
  
  Julien and anarchi selfsniper C#/NitroSniper.exe
- Size
  
  1.9MB
- MD5
  
  d5e815c37b6ed6465820693673e35da8
- SHA1
  
  335d5b7c1056b6d6010db628963051f1a244ddbe
- SHA256
  
  934d2022814c6dfb0145608d9d270597d46feec5ce833d754576d6a73650a632
- SHA512
  
  e9775eae34493d94bc96aa3adc25f95cba4c45d4b263565f23e834409cbd122ab731f052595382d7ab8857c133c8068644bb100ad03cdd3201e6fc5bdc4280a9
- SSDEEP
  
  24576:yXcQZt0s5xN15uj2hmkj+rXcQZt0s5xN15uj2hmkj+:yXcS0s5xNujlrXcS0s5xNujl
Score

1^/10
behavioral27 behavioral28
- Target
  
  Julien and anarchi selfsniper C#/System.Buffers.dll
- Size
  
  20KB
- MD5
  
  ecdfe8ede869d2ccc6bf99981ea96400
- SHA1
  
  2f410a0396bc148ed533ad49b6415fb58dd4d641
- SHA256
  
  accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb
- SHA512
  
  5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741
- SSDEEP
  
  384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e
Score

1^/10
behavioral29 behavioral30
- Target
  
  Julien and anarchi selfsniper C#/System.Collections.Immutable.dll
- Size
  
  184KB
- MD5
  
  c598080fa777d6e63dfd0370e97ec8f3
- SHA1
  
  9d1236dcfb3caa07278a6d4ec751798d67d73cc2
- SHA256
  
  646d3b52a4898078f46534727bdb06ff23b72523441458b9f49ecc315bf3ef5c
- SHA512
  
  8a5b4afb4363732008c97d53f13ee430401e4a17677af37123da035f15f9e9409a2aeb74ae238379291fd5de07c3cd4e3de2778da5edf83a42649fa5b281cb32
- SSDEEP
  
  3072:MHutEkGE0frJeOAY1tn/DuunP0F9QFg3QuxvkaHFckod:eu501WY9/DuOP0F9QFgwkm
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32