General

  • Target: a4627a4f45e2a5a6eddab83f83e00f96915a335afac2041abae312dbe4a11ba2.exe
  • Size: 1.1MB
  • Sample: 240323-cw1qgaeh9w
  • MD5: 3bea4f9ae6a335c7f55a2424053fd448
  • SHA1: 3fde1080061cdceb17475edaebb8d58b631e98a5
  • SHA256: a4627a4f45e2a5a6eddab83f83e00f96915a335afac2041abae312dbe4a11ba2
  • SHA512: 068be9095ad3188e619f40e009314f85a30af3a0518e1b9597e503e47b5c5b7a94c516b14d71f39eda56f48a3fa613b360ebd3ee60fd0608b122208cf94e3a84
  • SSDEEP: 24576:OTfbeKb//pJgddHkXCm5lN7pVq9PgUq1RkNbXuoQv:ObrbJJEESmN7BlTSbXs

Malware Config

Targets

    • Target: a4627a4f45e2a5a6eddab83f83e00f96915a335afac2041abae312dbe4a11ba2.exe
    • Size: 1.1MB
    • MD5: 3bea4f9ae6a335c7f55a2424053fd448
    • SHA1: 3fde1080061cdceb17475edaebb8d58b631e98a5
    • SHA256: a4627a4f45e2a5a6eddab83f83e00f96915a335afac2041abae312dbe4a11ba2
    • SHA512: 068be9095ad3188e619f40e009314f85a30af3a0518e1b9597e503e47b5c5b7a94c516b14d71f39eda56f48a3fa613b360ebd3ee60fd0608b122208cf94e3a84
    • SSDEEP: 24576:OTfbeKb//pJgddHkXCm5lN7pVq9PgUq1RkNbXuoQv:ObrbJJEESmN7BlTSbXs

    Score: 10/10
    • Guloader, Cloudeye
      A shellcode-based downloader first seen in 2020.
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetThreadContext

    • Target: Corticosterone/Macquereau/Phytosociological/fortstteres.Tri
    • Size: 58KB
    • MD5: 3af40ace5ec3012044c88f66f1e52f93
    • SHA1: 3a4c43b3b4b019686795f85fa23c8422928109df
    • SHA256: 983cc07bbaaa0ece314d99ff8e96b88404993c20b5bdec931f6c72462a370008
    • SHA512: 444c21cb887b05e62aad267bf77d512c8c9e3ab09c3511988f4c6c21f230b8b58699b9f056676e916a146d45846cee44080e3dc355cee6e6622aca8dd118249d
    • SSDEEP: 1536:brwtOmtq7mBnWMDfcndWJv2s+IPi1xl6WKy+7z+rap:f+9nWM7cW2svml6Xy+7zOK

    Score: 8/10
    • Modifies Installed Components in the registry
    • Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.

    • Target: Nazis/Moderatestes/Grond/Glumpier.deb
    • Size: 1KB
    • MD5: 76de2d8cf74f4347837f989b070b87cf
    • SHA1: a30002d6d2fa6f67a8df28f9cc3ce07ab340a0d9
    • SHA256: 8d380165f1bb8a3e646e07c3f7bbf0c1a887e0734f654a5116c88158c6c27d66
    • SHA512: 7a89063ece68d47870d958328aa94f98b9f74cbdb44641a2cd2547728b0e079733d6f0d696878a3a68327985d8582fdfaa4ea00bc6208d66592ffef29fb519b8

    Score: 3/10

    • Target: Septemvir162/Lotted/Biochemistry/Ishtar/depopulation.asp
    • Size: 1KB
    • MD5: 9dc829c31369a1fb285618a4c58f3181
    • SHA1: 2706b324245b3ce469c3f9d8d35d97f392594d58
    • SHA256: 45820ae7562dbe707f7393eb65caba8ff3ab61f9c76a650afeca5202cb53200f
    • SHA512: b260627dba4be927fe11616b1068b485d5d984d791b024ac0cfca0754ca01593e92d0e769876e5b35eaf5260ee03689af56e4a12f08b4f2378dba8955568539a

    Score: 3/10

    • Target: Septemvir162/Lotted/Biochemistry/Ishtar/tropes.doc
    • Size: 1KB
    • MD5: 9549f27d380527ded73a50063892a61e
    • SHA1: 2db5780e6e0cecc70fc55ece9fd0c51f9fe16647
    • SHA256: a1ce933545dc9b475bb5292197086b3311d2b89d6109740ac5d7a846e58602bc
    • SHA512: ddf2406808f68034c5b761c06dab0278f9e7aff3412628c3dbd6bdbcdfcea907f0b15c8d69710fa90520e4f5e20a982b73c47e0b575ee2e369780ede0ec57d4b

    Score: 1/10

    • Target: Septemvir162/Lotted/Biochemistry/Ishtar/udlovningens.app
    • Size: 1KB
    • MD5: 19efa8d6cdc602a55a4ff019facde55d
    • SHA1: a045deca2f76b2a21e3ddd0f9a725a7524e5b4e9
    • SHA256: 56387d3006e1cf2422296aaeb3a6428f9c3cbfb734d66e5bb2b4d26981a03507
    • SHA512: bd18acb252a7ae98ae1dc92bb7e5f88b3696f6d5e2eedd83cc8be56ebfb9690d5d4e56ceb7c8e2cc26373a919afd2460b7b3c3aeda832346f5d0fbd17b68c9e0

    Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks