Overview

overview

7

Static

static

3

MaltegoSet....0.exe

windows7-x64

4

MaltegoSet....0.exe

windows10-2004-x64

4

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

v4.6.0/bin/maltego

ubuntu-18.04-amd64

3

v4.6.0/bin/maltego

debian-9-armhf

1

v4.6.0/bin/maltego

debian-9-mips

1

v4.6.0/bin/maltego

debian-9-mipsel

1

v4.6.0/bin...go.exe

windows7-x64

1

v4.6.0/bin...go.exe

windows10-2004-x64

7

v4.6.0/gro....8.jar

windows7-x64

1

v4.6.0/gro....8.jar

windows10-2004-x64

7

v4.6.0/gro....8.jar

windows7-x64

1

v4.6.0/gro....8.jar

windows10-2004-x64

7

v4.6.0/gro...or.jar

windows7-x64

1

v4.6.0/gro...or.jar

windows10-2004-x64

7

v4.6.0/gro...vy.jar

windows7-x64

1

v4.6.0/gro...vy.jar

windows10-2004-x64

7

v4.6.0/ide...pg.jar

windows7-x64

1

v4.6.0/ide...pg.jar

windows10-2004-x64

7

v4.6.0/ide...ov.jar

windows7-x64

1

v4.6.0/ide...ov.jar

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MaltegoSetup.v4.6.0.exe

  • Size

    153.5MB

  • Sample

    240324-dmfjlsha38

  • MD5

    7dbbb1a0cecce4a83d7226e7853318a5

  • SHA1

    aa929c4f69b8c5794c6dd04687cdbdd75fcd802c

  • SHA256

    611b014d7e6d599b972852d88e055a1b83d78f94a4eb6ba0901c966b5b6cb40e

  • SHA512

    55c430bd489441880caa05b3b149768efddaa688d3a0049b81a49bccc6cd64fa3eb700f50f205dead6493e65ee0698cc5049a04a026733391b4971f93ead98ce

  • SSDEEP

    3145728:Ayr4zQcJxO1tisITIaul50GAGmURl04wn0V8dzO/im89vrN/ZlWRo+:JrUvTIa6wUPvRVd/iD5rNxlL+

Score
7/10
discoverylinux

Malware Config

Targets

    • Target

      MaltegoSetup.v4.6.0.exe

    • Size

      153.5MB

    • MD5

      7dbbb1a0cecce4a83d7226e7853318a5

    • SHA1

      aa929c4f69b8c5794c6dd04687cdbdd75fcd802c

    • SHA256

      611b014d7e6d599b972852d88e055a1b83d78f94a4eb6ba0901c966b5b6cb40e

    • SHA512

      55c430bd489441880caa05b3b149768efddaa688d3a0049b81a49bccc6cd64fa3eb700f50f205dead6493e65ee0698cc5049a04a026733391b4971f93ead98ce

    • SSDEEP

      3145728:Ayr4zQcJxO1tisITIaul50GAGmURl04wn0V8dzO/im89vrN/ZlWRo+:JrUvTIa6wUPvRVd/iD5rNxlL+

    Score
    4/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      d070f3275df715bf3708beff2c6c307d

    • SHA1

      93d3725801e07303e9727c4369e19fd139e69023

    • SHA256

      42dd4dda3249a94e32e20f76eaffae784a5475ed00c60ef0197c8a2c1ccd2fb7

    • SHA512

      fcaf625dac4684dad33d12e3a942b38489ecc90649eee885d823a932e70db63c1edb8614b9fa8904d1710e9b820e82c5a37aeb8403cf21cf1e3692f76438664d

    • SSDEEP

      96:h8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/H3lkCTcaqHCI:yZIKXgk+cx6QYFkAXlncviI

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      2f69afa9d17a5245ec9b5bb03d56f63c

    • SHA1

      e0a133222136b3d4783e965513a690c23826aec9

    • SHA256

      e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0

    • SHA512

      bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      6c3f8c94d0727894d706940a8a980543

    • SHA1

      0d1bcad901be377f38d579aafc0c41c0ef8dcefd

    • SHA256

      56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

    • SHA512

      2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

    • SSDEEP

      96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    • MD5

      675c4948e1efc929edcabfe67148eddd

    • SHA1

      f5bdd2c4329ed2732ecfe3423c3cc482606eb28e

    • SHA256

      1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906

    • SHA512

      61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

    • SSDEEP

      96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/splash.dll

    • Size

      4KB

    • MD5

      1fb3af30d19bbed6c48a62786339b670

    • SHA1

      6862cfa4448d2281f4768a6171a30bb0579df770

    • SHA256

      20dd6d18ab68260e42c913bd0da988816ab2def4c7cb4894a1e0318924a22c48

    • SHA512

      5329b6bdf7f634b34e755cb9c39b304dd277c1149b44e141565a17932d67f5879172f1befffa6461c908419e6cca1ca757ffc00050ab24cd837bc8c4fca40851

    Score
    3/10
    behavioral13behavioral14

    • Target

      v4.6.0/bin/maltego

    • Size

      6KB

    • MD5

      28c9f461c5fe5afd017499087c76efc5

    • SHA1

      989a2d7c78381ab18b15eeb301d9b58557bf26c6

    • SHA256

      cb11c543367ad3f234cc9105ee19565311b8293d530a4526214621ea00418e10

    • SHA512

      a8def7c2adcebe0cbe26c4ae00165e29c7dc257e019c0cf4ddf389d7ca3ef7c5ee6447d5dca074988292daf720a1f0c84c0aba584b0fd5726f83d5e48b176e78

    • SSDEEP

      96:wUkkqCISsATgrYlEla0Tyjkke7lkziWsqp45zKJtyJySU3Zk3nAer6KvSGYsft:wrkNTAaGyjkgiWsqp45zKJt2YQySYsft

    Score
    3/10
    behavioral15behavioral16behavioral17behavioral18

    • Target

      v4.6.0/bin/maltego.exe

    • Size

      232KB

    • MD5

      14a9e1466f2904b9984273da3ef67a67

    • SHA1

      897ead84306fc2ee3f9dc7df731de885b8cefbca

    • SHA256

      89911c2c7ec01388b87cb92dddbe5b6610cb9bb45ff78dd242cd9a1d860456d7

    • SHA512

      56ae856a06dbcdb95afa4309b391ddeb46b0bf19bf435e59f013939d04740ba26faf693f99348ba2e1822d4f07116068d9ed3d581e0cbb6dfa3899dbb2c460b5

    • SSDEEP

      3072:3xBZMzszrxx/ePbBpNFmnL+pSnlgvwn55+OTtUkcETCukgraorADg5:3xrMzszrv29pNFmnX2w9TtUkrqoS

    Score
    7/10
    discovery
    behavioral19behavioral20

    • Target

      v4.6.0/groovy/modules/ext/groovy-3.0.8.jar

    • Size

      7.6MB

    • MD5

      adb6080ad937294752daa7b89534d74a

    • SHA1

      43a7ecf3b8a9d7dd9fc8d468ae96b97cff4616df

    • SHA256

      fa498879e6f46c63d4c37341f6f539a9d0c5be1153b60eba75b4929263549b04

    • SHA512

      fd900a61d16663fcd52bd13377c4e3c00c6a0effad90564474761a6c6ddb38a8adc446936080ab03176eff9173457f9032e3252956a646342e28070c7a9bddd3

    • SSDEEP

      196608:o7+NRWjPVlBANt6K5fIw7yzVVVVVVVV5k08PtoI:y+N4WttVIw+StN

    Score
    7/10
    discovery
    behavioral21behavioral22

    • Target

      v4.6.0/groovy/modules/ext/groovy-ant-3.0.8.jar

    • Size

      85KB

    • MD5

      06d07e7277dfa15590e3590d79423a00

    • SHA1

      3077166ed6635f777064ad79c8ca080ab8dc3247

    • SHA256

      1b0889e67bef955120d8267346d30019ff767efd233ca5441ebbbc8e4a052933

    • SHA512

      4a5cb7d08c573fbfc09494c1e7b8fece032c0f8f99bdf3795df7b374bf8a3140cd585f301f123a0d4260a1c5b19ca497f4a12e0e6544421e3a1718e3a5f4c2c5

    • SSDEEP

      1536:QRrhpNxttH9IXAvgLuB175XXHXU6hZ83aRFfUkrJJ3YdwgO9gHU21ZbdRP2zV2iZ:Q1Nxt3IXA3TXRp7JVgxUwv2zV2rqJ

    Score
    7/10
    discovery
    behavioral23behavioral24

    • Target

      v4.6.0/groovy/modules/org-netbeans-modules-groovy-editor.jar

    • Size

      1.3MB

    • MD5

      62997d0c627738fe2593073211e1b215

    • SHA1

      cc4e172e73219cd4783c3ce34cc78ca552178052

    • SHA256

      a31d8996a0677fbf88deb94bd2f2005483836a531ae1355f5a61585b841e5a2f

    • SHA512

      faa83db77523729332968bde8596befce02162bbb03b23d4503b30756369b2b5ce0852f0ae34a60e5cc33d0f644966e381674ac2a48654daa5fd5ac76c506554

    • SSDEEP

      12288:ARBhHfHPYVA7IkmgygpritCcEYxwTUBzl4nUWEpn1kjlro8+ac:YvSRktB6Wg1Vkc

    Score
    7/10
    discovery
    behavioral25behavioral26

    • Target

      v4.6.0/groovy/modules/org-netbeans-modules-libs-groovy.jar

    • Size

      28KB

    • MD5

      a0f8d09e8ed1a3a621937d8abb286066

    • SHA1

      18af90df506f441a0958cf0e4083d98bebfcd490

    • SHA256

      ce455328090ca4ceb3688e7b9dd403645e2e5b4c283215ae6111cdff4d3396c0

    • SHA512

      3f2168542206689d0185d0ad7100a0b99afd5cb22bca943bbd503bc6dd8f9b043ec381eb4ff82bd84a73d504026c527c1822541f09417d0cf5a38814ad2d60fc

    • SSDEEP

      384:mY/n9vlKM1zJlFvmNz5VrlkTS07Hl+KT6djqI/h7fA7TJ:9/n9TzJlFvAfxk1rsfVZcp

    Score
    7/10
    discovery
    behavioral27behavioral28

    • Target

      v4.6.0/ide/modules/bcpg.jar

    • Size

      321KB

    • MD5

      498ac36829826fe4b0d12af9550b5b0c

    • SHA1

      56956a8c63ccadf62e7c678571cf86f30bd84441

    • SHA256

      10acaf221fc4e49d4a4067b02316271698e8742ef4b23cb5f2434a0e3502b7b4

    • SHA512

      c20a213896f87f3fcafeddd93c4a0dab3d98e69323035bcbd48f3203f61e0b610b57ca08eb882c1bcdeab6c820cfde0f40a7b6bf6b6c0bbcdcc8f90f6f527ca8

    • SSDEEP

      6144:G7aChJ0Neahsu9LfUAEY9Uq9NR7KmFZetLoiVAZj774Pv++ih1zw:gaCTuh94pGUqvdjn+LoYAZj77qv+++1k

    Score
    7/10
    discovery
    behavioral29behavioral30

    • Target

      v4.6.0/ide/modules/bcprov.jar

    • Size

      4.6MB

    • MD5

      1d172df000184d005b49bc6d30892a05

    • SHA1

      1467dac1b787b5ad2a18201c0c281df69882259e

    • SHA256

      a4f463ce552b908a722fa198ef4892a226b3225e453f8df10d5c0a5bfe5db6b6

    • SHA512

      a5a0671342c6496e0266fe194423285201ca7dcad732b498d206330ba0a754860ca394f0e873f7c837bb705db679986e4167096a5d1898846812bffc33986838

    • SSDEEP

      98304:RdUhA7ZF2vV9VlO9FeiucNUECG/djTf/x6DKdTjdP0Dv/9n:RdIMqV9VuTCs5Wv1n

    Score
    7/10
    discovery
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
4/10

behavioral2

Score
4/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

discovery
Score
7/10

behavioral21

Score
1/10

behavioral22

discovery
Score
7/10

behavioral23

Score
1/10

behavioral24

discovery
Score
7/10

behavioral25

Score
1/10

behavioral26

discovery
Score
7/10

behavioral27

Score
1/10

behavioral28

discovery
Score
7/10

behavioral29

Score
1/10

behavioral30

discovery
Score
7/10

behavioral31

Score
1/10

behavioral32

discovery
Score
7/10