d727ea777edd1fbe830045338ba4801dc3a6b50e491fafa242b081e36fd56f88 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

qabatytyzer.zip
Size

227KB
Sample

240305-p6qz8sfc6s
MD5

665e2e33ec3bc418cb194091fb4ea459
SHA1

6b9853b7cfec4786b9ddc99e4d06442eb1398053
SHA256

d727ea777edd1fbe830045338ba4801dc3a6b50e491fafa242b081e36fd56f88
SHA512

339833767dced6fcfa0178a835f42dc8879f4ecb4997fb72e6c9236dc067576cdcabb164d7e67c8632aee432510e24b331f12baa1a241bff73086a47f61ccb7d
SSDEEP

3072:Fm+qQfI6ZgUmbZAsX9glhepGK0jdpChFOiYAYdLWY29eJkQ1njoiFkmVNd3D82Ub:FBq0mOo0hd9jk+d4811ncOPe2s

Score

7^/10

android antivm linux macos

Malware Config

Targets

- Target
  
  qabatytyzer/assets/js/zymelu.js
- Size
  
  2KB
- MD5
  
  1af670ff00bee1a2bf558c79752916cb
- SHA1
  
  77cd2d2d81681f2b6d4b6adad9d33b30445c3285
- SHA256
  
  79e3fc508ca0c8984529b5ec44c235fbb1e3b3f214b675eadf2ff9316c0a97e7
- SHA512
  
  cb7c00833e0b4d4076bdd504fc84829043ebb4efbc313a7e691153f5ea2a662c47de40f128c094c37b88f64ff29efa09117e2d5ce8ac24465411cb079692025b
Score

7^/10

antivm
- Changes its process name
- Checks CPU configuration
  Checks CPU information which indicate if the system is a virtual machine.
  antivm
- Reads CPU attributes
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5 behavioral6 behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8