2cbc5d76f5ad27603e6e4d546b223c41981d6fd61133e29be3d197a2cf48e180

Sharing

Copy URL

Twitter E-mail

General

Target

win-x64.zip
Size

53.6MB
Sample

240311-2tesnaag93
MD5

32226294ce930ae7ba574b5148fa7dab
SHA1

81a36e6b81dbdcf7bb454bcd4fcde12c8583116d
SHA256

2cbc5d76f5ad27603e6e4d546b223c41981d6fd61133e29be3d197a2cf48e180
SHA512

28848a8f9acadb8602a52b9a02aada6d67cf61ad126b911517f84afcbbdd463e58e71270f70a1d5613e4e8c9763996e33aa73c7634b5887dc2a0789802be348e
SSDEEP

1572864:O/y2yBm1hozv4ouww/5p9UtqzKwqNxMQCpebKXfSbB6jD:XNBm43uwwn9UcKtPCwbKaF6jD

Score

3^/10

Malware Config

Targets

- Target
  
  Microsoft.AspNetCore.Antiforgery.dll
- Size
  
  118KB
- MD5
  
  08ede7626e6606235a493b52e835fa85
- SHA1
  
  794ac37e23a92bbed2476fdc0f0e815d464e60fe
- SHA256
  
  a406119fdcf896e868d5f0fc4e6906874721f28dfab69d7dffbc14c0f1fae919
- SHA512
  
  6ade41d4a5037880d6b1296a8991f6e803de23148690047bb11fd4b9145a2131903a2d7f6f4ed8b6ab5f32079878fe0fa6e3191a586b8236f3f5d1b8176d394e
- SSDEEP
  
  3072:lt+coA2GrBNPhPYe6UEh+A9FzlVk4jnH6A0:yRA2GtNPrqr7i
Score

1^/10
behavioral1 behavioral2
- Target
  
  Microsoft.AspNetCore.Authentication.Abstractions.dll
- Size
  
  66KB
- MD5
  
  428698375156a197e76632eba072d9f3
- SHA1
  
  6ad008e24548afdb387b741acaef40fb2898e0e6
- SHA256
  
  1f41a51a4dab72434c87080657bc081ab21febb7633c4463ac535c1afe6d487e
- SHA512
  
  289120299e05acfd160e8f17166bd569e8b15cfff1d0454f18b61faf1885f028830be994959f69c62481a0247c143a5b2408b65cd1adea6efee4d7b832543cec
- SSDEEP
  
  768:tGI5etvBdCZDLoBHC12fF4kOq2Oq2jnJ8qkG5Lqk226KaFNDmE/2K3AZSZOUpuQ2:tjkeABi1qF5avDtuKIXQmvibfzrV6
Score

1^/10
behavioral3 behavioral4
- Target
  
  Microsoft.AspNetCore.Authentication.BearerToken.dll
- Size
  
  70KB
- MD5
  
  c3b62e92e03949f9b4050da4706cf83b
- SHA1
  
  c348f486da9afb049c4fbfc9da0c68d34c1f7d4a
- SHA256
  
  9c3d6fc2f10d60c297a841f667e6572db26e697697e729742a455b24590ab5a4
- SHA512
  
  e30e18ec7feb45abe0d9c60db8486bd99d531fb68a147655f8b160b0ec61e59a778dc225c6aee363489b909a452d60df39d92c09302f67cc6316a89e04cfce60
- SSDEEP
  
  1536:LKfJTjlYs6z1SDJQdtWcsWP4vAmgOzkBBi8vpzA:LKfJTjes6zy2dt6WPAXgvXU
Score

1^/10
behavioral5 behavioral6
- Target
  
  Microsoft.AspNetCore.Authentication.Cookies.dll
- Size
  
  110KB
- MD5
  
  14529a9fce0c9cc4893dbdc5ad38768e
- SHA1
  
  8fbfd6441883812b71e4df6e54f14bacd5f46ba7
- SHA256
  
  ce984d1f5453329465654d4d027d3ebedf05bf47936d2f6103a8f44e1fc89df6
- SHA512
  
  0eddb0d197f65dbe6db54aeb698b9f10c57f9f3f86b855d3ee07dbcccc2d28491507126a4fb694ae4a1f16a0d502c9af92c149061152b7726dca220f67c4574a
- SSDEEP
  
  1536:AOhV4FY17Ct4mboz0CFhtfdZ5Wg8rQ8G6RYxLSVjNqz9f:AOyM+SmoFwVEi2xG9Md
Score

1^/10
behavioral7 behavioral8
- Target
  
  Microsoft.AspNetCore.Authentication.Core.dll
- Size
  
  90KB
- MD5
  
  502534d4496be2ea1da586d5b60f6701
- SHA1
  
  b142e2ed861d6387f3c302a3c78517aeb0937e2f
- SHA256
  
  3fa6d8ceb5b99e39c4ab8418c897bd9ad4b869d84b279e4c94f34f5098f15fe4
- SHA512
  
  2ed923e5b6d2d572ae671a8ad5c46e5005b744cfc8ad7c1516917b570410412b800a3fb8cc6476ce45a45213c030bcc4ca7123f0d79b55c69be13d97b19da769
- SSDEEP
  
  1536:idsfjkFbIdD6rnAG0Fk2m1uydbRRuVUCcKiBGpz8:iDZIdDgAG4m1u0b3uVUCc2pA
Score

1^/10
behavioral10 behavioral9
- Target
  
  Microsoft.AspNetCore.Authentication.OAuth.dll
- Size
  
  98KB
- MD5
  
  205bc89e5411a5162c1ee4f0a28b8f42
- SHA1
  
  7c15ff1aa1828fe8acbd4211bf22f9bc42d2506f
- SHA256
  
  e3bf63dc9ba4beb04bd52667d5ade140d8f9706e1b4b8a35171815d3cfbcbfc0
- SHA512
  
  0f924113af2148ac5cdc9ae4044e145bddfcee3e7fd1f3033b7bc5efb79a9cae83d6c1ac5f9895bf975468891e19f5ec556ed173eaf50b5dd61179bc5ddb1104
- SSDEEP
  
  1536:5qolYIJLgqzhlVA6IaIykDQ/+PGZfb+R5bANqLW/521iCzaz:5+kA6RJb+5bANqLW/grWz
Score

1^/10
behavioral11 behavioral12
- Target
  
  Microsoft.AspNetCore.Authentication.dll
- Size
  
  154KB
- MD5
  
  6ac3bab66d8afb62ff44179b2653ad06
- SHA1
  
  a6e64d03727e8987d7d9739fccf587d1f3066334
- SHA256
  
  d280c368b25cdb7a6974cdc55a205ce981a63605bc8dcc394800465ff5eb2563
- SHA512
  
  c0e94a566e6e60869507534f5b9d13e7c490f441c63ed2dfefcbf9b366444fa84e2c8fe4077ec46b58abc2026517b5ec3eb751580f8eebd7853bbfe7c4fb5a90
- SSDEEP
  
  3072:sWr/TLQfWwuXYlHsb9Ts+vvEQyygctoKqW47EplPZmPJDypS34ReaXEfHri:F/vaTY9TRvEQyygctoKqW47EplPZmPJE
Score

1^/10
behavioral13 behavioral14
- Target
  
  Microsoft.AspNetCore.Authorization.Policy.dll
- Size
  
  78KB
- MD5
  
  0bc10fba2ce9593b11babfe6261bf940
- SHA1
  
  0c4f66da026952c73dcfe313ce1eebfc91639c2a
- SHA256
  
  363a38b82b04b2e833b8f8c70558f4ec59ffbe8dca63f4cf02264171ad6e1b76
- SHA512
  
  ccb7385e29db59786ca99342e0cccde131c0f207326ced8fa99034252a474eb4ceccaaebf099bde23e77ea0a5b03d031d6c7449b772b39d6d7e15c69c18cbc6a
- SSDEEP
  
  1536:JeL0Q59YCl3agO7epprm1UJVpbYKP7DiMZqiGtvpzqOL:Jc0Q59pl3JpbYaviM6Dmk
Score

1^/10
behavioral15 behavioral16
- Target
  
  Microsoft.AspNetCore.Authorization.dll
- Size
  
  106KB
- MD5
  
  16744e66e8551d335058ed61ea8867ce
- SHA1
  
  b6dc1d77a07f0f2c3d5a022999e8ed4a3f4a4ff4
- SHA256
  
  5a438aeb6e1c7cc0ce19d77aaca83f6e6f4a49fae09c56d3d614232297b36edb
- SHA512
  
  6bcb5c8e7a4f52672241ed67a8e142be09f73af20580741121f57072352ec4ffb36f873b1c054d8540426320651adee9f04d7504fbb3702dcd19de147a73f4ec
- SSDEEP
  
  3072:cThQBxqLZqXRF8ZzulKpF5ssYamn1Ni31OJL:MixyQ8ZfmsYahON
Score

1^/10
behavioral17 behavioral18
- Target
  
  Microsoft.AspNetCore.Components.Authorization.dll
- Size
  
  54KB
- MD5
  
  443cfe12c2a2ce2515ffdf2611b1b154
- SHA1
  
  d0e4ca3ef1317259fc14476570c8ffe315ed0d24
- SHA256
  
  d456f1d1e45afd8818d3eb4f526378ffe2e2cedf2f271cbcdd2a99d9f9e82d6a
- SHA512
  
  2a9514f5a388c1a6ba5d28bffdebc6f4803ff96660cb66a73020b8dd54bb1d1575f5bbc9b58bed973059ec8bc56c6fc183b8cc8b4beee96863fb3212c6d971e6
- SSDEEP
  
  768:RNpvNUmjhesUdltrcXLvYi7sMZ650ZkMt7OEo/OXM/i4O69znL:92mZUvRivYgkMtS+ciwznL
Score

1^/10
behavioral19 behavioral20
- Target
  
  Microsoft.AspNetCore.Components.Endpoints.dll
- Size
  
  702KB
- MD5
  
  efd56773c03334fb0c37825c097a794b
- SHA1
  
  527ffe00c5e65ec08b3e655cbe484e8af237528e
- SHA256
  
  45137ac9114239a67f1a4e34dbef205a717b8552363012e193791fc18ae48b07
- SHA512
  
  f9c588be99f518d5009a623e1b84fcdd9d2d15d8053ab41211b008a0561bfde47d32cbfcaa733f41b4e6716497bcf6a2e7c027c0040dc877c66a836d5f29bf24
- SSDEEP
  
  12288:8j1/q4HQ1qi/dT4reL39V2ob73phHShXTXbb5EYb:8yIiF3NMobClXbbp
Score

1^/10
behavioral21 behavioral22
- Target
  
  Microsoft.AspNetCore.Components.Forms.dll
- Size
  
  94KB
- MD5
  
  c4ed7265ffc52740cfa476321505e1f5
- SHA1
  
  367dc6f8415c8a95f0a2f14ee4b6245ae1d250f2
- SHA256
  
  e952f8bf7838fd0149eea7b4ab7505c6c235133984f84e498da79e26eb0a9ea9
- SHA512
  
  67eddd628aad61f4f140552a6c16f5a5870fd1a8c50be4ec99bfb15165742a3f4a32e85d935d9cea2d2920b8371cc868c94c674fa1f05b1ff9dabecca7a43346
- SSDEEP
  
  768:qErg20IS9lxcuA/9i90jBZRTSQsSEOn1PAnfblzfwZA892vO3rUu/GjPUJfB/ixy:qkBAo9Df4Qs/O160ZAWyEBixJzg
Score

1^/10
behavioral23 behavioral24
- Target
  
  Microsoft.AspNetCore.Components.Server.dll
- Size
  
  846KB
- MD5
  
  3b777632769d03a3f7507470b95a19ff
- SHA1
  
  ed153ea6bd5e8058d62cede766256e5b1fc9af12
- SHA256
  
  b9eaa323e89c7047d229b3db699463736eed16de8de58e3c8c9bc941bc4d77b5
- SHA512
  
  73c879f1a579f2f6d668463e28aabf29356c695b4bb4be1969600cad364915c9eac219b7c5a90da8cbb3412aebb2beec37c22fda9a49d4892746b1cd17ce8120
- SSDEEP
  
  12288:2hqf1J2YtXXIUf+8xTEr7PTavuu6yrFOvCUCOLjlUWwiT9:2sf1ftnIY+8x4VuZrFOvCUCOLjlUwB
Score

1^/10
behavioral25 behavioral26
- Target
  
  Microsoft.AspNetCore.Components.Web.dll
- Size
  
  378KB
- MD5
  
  7bd1701745cb6aa8dab06556122dcf4d
- SHA1
  
  1af173cdae45e04d49cb56fca9dbddc33c1ca083
- SHA256
  
  2f65fb768d975501f4c1e80b45e120ef17d7411ad9955a906c61c0dede69e916
- SHA512
  
  91240ba95899d96d19847da5e951b7050a6a4a9ab8452009a96f403e8fa8ca2204b75ae519f789dce549e0b6b0dedf3af56c4a630e54e0cd47fe73d327628a04
- SSDEEP
  
  6144:pZI1tvxIoKNg0lNPZ1O4ishRT3BF5yl3A9pOGE2Pyj/W8M:pZI1t+oKi0Pq4Vhp0l3cpL8M
Score

1^/10
behavioral27 behavioral28
- Target
  
  Microsoft.AspNetCore.Components.dll
- Size
  
  790KB
- MD5
  
  6973e6242ecd37b27b6086b5cba5838a
- SHA1
  
  3e42f97f9c664a25e909ee15ac5e8e61762ea1b3
- SHA256
  
  629148cd25eb8454fac4e0695352925db2b93551bc01779775162382d128f9f9
- SHA512
  
  c52182ac782b31304c137b1ad69257ff21110272d1a5a50495d9cfe9a74f861f2340fbcb8139fcd721a7f7bea29e3c118de15b67919a5f3a4a2acd64ab3a2a39
- SSDEEP
  
  12288:AOHdAO3uAp1MWrE4tHwWLDsWmIEDZUIb1q7QRirqO9tYo:zAO3wWLDX9eWIb1q7QRS9X
Score

1^/10
behavioral29 behavioral30
- Target
  
  Microsoft.AspNetCore.Connections.Abstractions.dll
- Size
  
  66KB
- MD5
  
  26376ac048df9241afca6eadcb82c0de
- SHA1
  
  7b229e3ae7c18dd2344cad41e2bf2fd1414e2abb
- SHA256
  
  795bff2267919c6b702109228032337c5c711ec431b35d1766cb9564c9857d91
- SHA512
  
  fe5627fddd38fc7e5c015e46980edac0390b53606d739ce99c9f278ed2698151220a64eb8e1786fd271e1b9cff48bbe5422a275267b25eb0d01263169cfa5924
- SSDEEP
  
  768:yxRSWOP79tkIvS8AMXkA96FloaMom4LXNtt1D+dZwVOHadI62KDO/ip9z+e:y3DX8A7yomEXbzDKZw06dI67aiLzR
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32