f9e671551814926e03829a5e62a7f87baa5e7d70eed2c8643a41af4a1c3893a2 | Triage

Sharing

General

Target

doenerium-main.rar
Size

4.0MB
Sample

240404-m4fqdadf53
MD5

d9678508df4e1978e23dd36737fa8e35
SHA1

b9f2fe45b43829c8a178d01abda63f7342b822fe
SHA256

f9e671551814926e03829a5e62a7f87baa5e7d70eed2c8643a41af4a1c3893a2
SHA512

20e5c5825387ff7541233e29fdabc189d0fad736790ae059db499fda1acfe8e339d008ec1f2fd9a7452d3f24d69ea468113c04d46b24e096d92915e1bff9b3f1
SSDEEP

98304:K3K942pcxHtxCoZ3v67yl/h8q76r+y9Uos1RLa5B74lb36jr:v9XoZOyPNS+yydPan4l0r

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  doenerium-main/build.bat
- Size
  
  18B
- MD5
  
  9cebfdd6450565343ceab8fe960bef4c
- SHA1
  
  13635f608f92ea8aeeb9682c3959fda3b5e25602
- SHA256
  
  8f4fa5e0575d26c7e53665880f4dee4d67bdd45afb00d7627c05e9137907893e
- SHA512
  
  3d6de632d1c08cc489e1179926cdc11210043a8b31062e2b2761ad3534ce52bd55edafc4c243bc0e5e3fa5ad20ef40639729f0e39f86de0a7b2ae48193193130
Score

1^/10
behavioral1 behavioral2 behavioral3
- Target
  
  doenerium-main/build.js
- Size
  
  20KB
- MD5
  
  db6373738641c894c03cb800f286000a
- SHA1
  
  c85854f1b58f2dc180c39b389e62ccc3cdedb9ee
- SHA256
  
  a42d45511ee06b2ac5ada3cae29eb57c4940554a2e9020ef6e2dcad7e01b6640
- SHA512
  
  a1fdd5c095600549ab5157e1f4317d36ddf0a55c9429ad21e271c78a3942709ff54899d0bf0abdde74a335a0255081e61bdf83ca45745247f0d8ed8c7fb4fe85
- SSDEEP
  
  384:fb2FhACYjb1Yjb1/0P9+oEMm5b04ANmJxz2TY2HUa7+/De8JJMR41:qmb1mbI9+2GbKNmJMTV7+/DN
Score

1^/10
behavioral4 behavioral5 behavioral6
- Target
  
  doenerium-main/config.js
- Size
  
  353B
- MD5
  
  15145d053e7c890e464f63ee4a0f243e
- SHA1
  
  dd9d9625c68234621f539d3067917cbfa48dd247
- SHA256
  
  313e4f0fdbe18a866355ddf69ac85aabb171516ff35ddfefad482ca1141d7b83
- SHA512
  
  3ad909f064e64608d54699902a26e263978117995b1c7c2665d5475015662e8ac9b9ccd781779cfc6507ba35fe8c6d312fdedf6b933498ee587d0c9a6920c52e
Score

1^/10
behavioral7 behavioral8 behavioral9
- Target
  
  doenerium-main/doenerium.js
- Size
  
  232KB
- MD5
  
  abed1a1baf4aecea6d9ad27702d38434
- SHA1
  
  9acabca4b84495209eba092a3b12352e7f280261
- SHA256
  
  c63710d9d45cbce4249455136c76a06fc29e035ac77f3011d7207f7d9a7cdb6c
- SHA512
  
  aa5493a0a77ce519327c40e1fa0b9d9bc6cfd7a8e1ad1e086dc3f68f86d5e3d5fe9718f245219cbd986f5b4436803a8989548df691b9bf356c321ca022c4d604
- SSDEEP
  
  3072:GoDr0Tw3TxUTx8Tx8TxWYTxcCTxOh6DWQNuy:PDDdhQNuy
Score

1^/10
behavioral10 behavioral11 behavioral12
- Target
  
  doenerium-main/fix.bat
- Size
  
  13B
- MD5
  
  b7a996b231ab85f679adf2d3440bf899
- SHA1
  
  f55846430dad57df9b686db9c94d0f1e10004c93
- SHA256
  
  5fb3969667afc3d286520ec857db4c03edfcb93e6f5a0f4593c53faf36de8493
- SHA512
  
  6b8badb1b3b54b8e2ba5e617240bdb745872e77597bab7b87cd07bfbd0ffd498adb9a621770c29cfbf20f94a9b75884db4d3baa604f8d6d156dbb8e4a9f27314
Score

1^/10
behavioral13 behavioral14 behavioral15
- Target
  
  doenerium-main/fix.js
- Size
  
  3KB
- MD5
  
  fd7a1a0f40739448470dd825db747892
- SHA1
  
  c4f5b72be5f92d93789205ca1afa604f26edbbc2
- SHA256
  
  391597aa0ba7096a680116d29db8bc3b1cc51d7ada97eaa0e4d68a847979f847
- SHA512
  
  dac8a0b426579a4c08b17aa33fa9d9b5953115852523efce695b138e1a7c6b446366eb9f25b189c6385f044bfcfdfd467dcfcd68545afcebe836829df5f8805c
Score

1^/10
behavioral16 behavioral17 behavioral18
- Target
  
  doenerium-main/install.bat
- Size
  
  416B
- MD5
  
  6dc8c23ae12afe7941eaf51c2106533b
- SHA1
  
  0c50199abb24505db9d081e3404037c4f7d24777
- SHA256
  
  5124540a2efa900d21356cbebcb469fe2e700db3e7f3848832bd281319387e6a
- SHA512
  
  56a6d914978f8c23b48274903ed4c0b6eecf1d645d39dabf3d23e07a6396da61e93687587fa8156df56dc8629306af57e027805039258d7baa07c968d5058578
Score

1^/10
behavioral19 behavioral20 behavioral21
- Target
  
  doenerium-main/sigthief.py
- Size
  
  10KB
- MD5
  
  22b126ffe23c248432f4a0ee56c0f771
- SHA1
  
  3d7ef61d3af17e3f784b0a85c3af52147015d714
- SHA256
  
  6458fa3d473548cfde5ea5e7bb4acb4558d087331d45764256ceeddda93531dd
- SHA512
  
  fcec61053354a5d3afaae6f1d418fe691d546175b4aa82350096e5369f78e05078591c97f74bf054351dbbafb2cca2ebd1602b41f1e56a4fc1be74e135dc80b9
- SSDEEP
  
  192:Juj5U9+6E0yWYSF/DwI6CRgRIah/gSSU15AkAJi:JvyMvRtU1D
Score

3^/10
behavioral22 behavioral23 behavioral24
- Target
  
  doenerium-main/unsigned/Windows10Upgrade9252.exe
- Size
  
  3.2MB
- MD5
  
  c0b25def4312fbddbcc4f01c6c0f5ba6
- SHA1
  
  8d16a183d61233e7d6b6af7b3cafc6645ac2acb1
- SHA256
  
  c0424d0ae06ca1e6e0249b40d33ac40d74075856d543ec0924884664fba52b79
- SHA512
  
  8c67619747bb108dae5661688ec8fa4c62bc6ac38ee6ff14a4691aab04d7ddd870fee4262cb30624a6bd85ac1f7595af05311496b0336f979e7e5f797791bc0e
- SSDEEP
  
  98304:GgjXlctych4cCzJ8k2omX8sUf0ht5f/LyXtcH/:JjKtych9CzJqXM32jyX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral25 behavioral26 behavioral27

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27