70cae58ab108d76a7c824e2a6550c29a00ee599c7fc86bd8ca6ccea08360fe71

Resubmissions

05/04/2024, 21:46

240405-1mqqxaec37 7

05/04/2024, 21:45

240405-1l47xadg2w 3

Sharing

Copy URL

Twitter E-mail

General

Target

oblivion.rar
Size

11.6MB
Sample

240405-1mqqxaec37
MD5

bc82d0d1a203d1abf06f3756ecbbaa4a
SHA1

2a7a4085841727a045af943172468b63003f434b
SHA256

70cae58ab108d76a7c824e2a6550c29a00ee599c7fc86bd8ca6ccea08360fe71
SHA512

e22eb1b05929a00316c9f0032c3e7b11f48b112e87cc8faf8ef4244c28bdda9c9f9f2e6e54637a988f83cda0e28d9eeac24243ef441e33559243c2a998f83499
SSDEEP

196608:6ZFhKRkkt3m5U3mJkRJaMifZmPQuw28yvRT3U3CnRAJM3714bYsxlLJZ3lLxc2au:63jkt3m5gmJO6B8QuN8K3ICnRAJQ7ibh

Score

7^/10

Malware Config

Targets

- Target
  
  oblivion.rar
- Size
  
  11.6MB
- MD5
  
  bc82d0d1a203d1abf06f3756ecbbaa4a
- SHA1
  
  2a7a4085841727a045af943172468b63003f434b
- SHA256
  
  70cae58ab108d76a7c824e2a6550c29a00ee599c7fc86bd8ca6ccea08360fe71
- SHA512
  
  e22eb1b05929a00316c9f0032c3e7b11f48b112e87cc8faf8ef4244c28bdda9c9f9f2e6e54637a988f83cda0e28d9eeac24243ef441e33559243c2a998f83499
- SSDEEP
  
  196608:6ZFhKRkkt3m5U3mJkRJaMifZmPQuw28yvRT3U3CnRAJM3714bYsxlLJZ3lLxc2au:63jkt3m5gmJO6B8QuN8K3ICnRAJQ7ibh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  oblivion/x64/Debug/vc142.pdb
- Size
  
  1.1MB
- MD5
  
  1f6e56db86dcdc9560e134d0d53d7aff
- SHA1
  
  13e4cdf95fd93641aa34a4ae354bf762d0b748b4
- SHA256
  
  56240847b5c2ab14d9a6a7f49e18925067192c5caa6bf34a7e0a05d3b6ccf427
- SHA512
  
  0ad8f8de4b3afde57a213b9f6477ab2dd9237a47a13c0032b2cc0cedc81bc31cf7f263a3cc2f816dac4e8b12d18746ea61482a4994e7fa0c60d58b6d6a0794af
- SSDEEP
  
  24576:D31mwSV6rCJMEnhYJykEetKh+XmY1n9XJrLFwtYu:s
Score

3^/10
behavioral3 behavioral4
- Target
  
  oblivion/x64/Debug/vc143.idb
- Size
  
  851KB
- MD5
  
  81eb5a73f680138c72920928a3c5f7f0
- SHA1
  
  d2689c221544acc185b005cac91106d143557559
- SHA256
  
  0430123e38f662355e61127e56126477f44bc12cdfdc54f3098388ad20149181
- SHA512
  
  5f8f09ed49cf48ad2aeb95dbb15f52e18b987945eabc4fa1ded54d07509f552625e7b582e361b25e47d3e492dd235c98ac839537bb375c02c7864ca72ebfc8da
- SSDEEP
  
  3072:PLwhVaCfjNhNF6NQf9eyos91/zZ6h8lWYzqNi+cH4qL5mPf2q/N:PKQ4NbF6H8lWMccHjmPfbN
Score

3^/10
behavioral5 behavioral6
- Target
  
  oblivion/x64/Debug/vc143.pdb
- Size
  
  1.4MB
- MD5
  
  f8669b0bcad1cb880898b0026a33c5db
- SHA1
  
  46d5c43c8db58b9acdb4e1d0dd24cf5665b7cc3c
- SHA256
  
  912c37e1dc2eff29939d9591e8a3548783870f8f53c6dc5359ef3d37c3a8e16e
- SHA512
  
  ad6ba3030b04c52a5fc5244e2a6ab27f8ef27f94581d267b0d5cb4888d89c4b9472b148853c04ddacc38f8ab33430e7426871ba0903420bbad491280e76f1750
- SSDEEP
  
  24576:rJJyExRbJ6JESUwGzP3DD6mKH+WmoIAA9/jXwHKJFl+1h7:7S3MH
Score

3^/10
behavioral7 behavioral8
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/CL.command.1.tlog
- Size
  
  20KB
- MD5
  
  545bd6864a71bec26e6b0770a63c18ee
- SHA1
  
  ea91c1a91583368802a5d264053e0f9191d5e8a8
- SHA256
  
  b3358831a12c7c87cb86eb9363d7ecc1cf835a57f6e1656cdf497ccb8424d2f4
- SHA512
  
  29908b24fe6cc76409b4c405ab36df5241e3aef335c2fbe92ef7024f5072e3c21ea211aebcd3dcd438e27a3811ed96964c72cca524450431a3fba434e90cae49
- SSDEEP
  
  96:9UifGgIifGUzifG95ifGfdifGTmifGGMifGozifG9fifGJQhBZMOhBZeChBZSJhG:U
Score

3^/10
behavioral10 behavioral9
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/CL.read.1.tlog
- Size
  
  241KB
- MD5
  
  79a6b879f41c7feb89cfe9574d75e886
- SHA1
  
  9e8569e3d779d57d0d535813aa3feedb514fe369
- SHA256
  
  cd3e5119ec66556cf021440e8d4eb63cc3c203324b69bee6dcefbda73053f579
- SHA512
  
  b1c4e44373343a8bd5a98e3f11bfbf5d2440c3ee34dcd2e1c4b55d5951ec65dc7299fc82bf8c2f6cdddf2f761418f94a4468e5bfd5552a2724b788057be33a38
- SSDEEP
  
  384:W4vLDRDgPOtycvLDRDgP5BvLDRDgP+dvLDRDgPTj3XvLDRDgPFjtTnCELDRDgPMy:FuPOvuP/uPouPTjHuPFj4RPMj+
Score

3^/10
behavioral11 behavioral12
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/CL.write.1.tlog
- Size
  
  5KB
- MD5
  
  d3edc35216e973022dea9b5c544477e3
- SHA1
  
  1711c77dbd214dc8686c37562342a9e70178e4ff
- SHA256
  
  0e1bd2ab88229fe9eb7b4136547d2de312b270af4d69c1250c6e3d220331473a
- SHA512
  
  cba9c797d463a0ebc37d04e67319a08c6352514524db625d494fd13a606da53e8f23842b894345411e70acdee9d5508d4dfe3b5b29445ef12b8a6900b52182d6
- SSDEEP
  
  24:QLof+ofQofsof/ofWiofRofjeofIof/ofQofh8ofjofYIofbxofOof+tofQofboy:qg3LuMUQVPo
Score

3^/10
behavioral13 behavioral14
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/Cl.items.tlog
- Size
  
  1KB
- MD5
  
  5f5c55ab8cb4c40f4f22ecbb61da9a8d
- SHA1
  
  3d7c73c56f34c194848bc229a744af3919263541
- SHA256
  
  5fa3dc8e5189a420d59021c711ea0553830d9d861cc4855a7c54141a78f2d788
- SHA512
  
  1b37bd7275d4b526ac3a20ecc1602c546c22d2453bf15c70aeab00fb24bd3a66801174b11de4f36026bd3460497d2141a0fca0e0dc87c61fbb474183891533ed
Score

3^/10
behavioral15 behavioral16
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/ImGui Loader base.lastbuildstate
- Size
  
  163B
- MD5
  
  9dcbe8ac3cd6d5847cec223a609d9390
- SHA1
  
  c7a5717ed753334a020c17cc4a512038cfe89889
- SHA256
  
  e43c187bfeeea83c339055ba24b39b064edff8785ededa8826946a85c9f5843b
- SHA512
  
  b9d582cf33c4f9b6bd431a289ebd95faf42a184ed7accd32bafb94a619e9936bb263a2a92ad31596bc3e137bea56155487e2d63cf2760347f85ea87008c09881
Score

3^/10
behavioral17 behavioral18
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/ImGui Loader base.write.1u.tlog
- Size
  
  9KB
- MD5
  
  0038f513801ec5f4375e29233e8e367a
- SHA1
  
  17fd21be89a5fb912b3a74f308d539eb5e272582
- SHA256
  
  4d33bfe755dbd901e252e9ca0f04c8018de16bf471a6a3d8d083a89b663ab9c5
- SHA512
  
  f75a391082fd6506183a0b02baba29170390b83389d452535eeac72e6a6b56696c9bb7f23fc58a8a3d126677fc21767a67b8793c077d19d2bb39c6ec87359bff
- SSDEEP
  
  96:dGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEBGEs:w
Score

3^/10
behavioral19 behavioral20
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/link.command.1.tlog
- Size
  
  9KB
- MD5
  
  5e5acb3243adafa0aa94a4ad7f2dc798
- SHA1
  
  a25d1fde1b81bcd0a3d26dd7c9c0c6679d83692e
- SHA256
  
  f1613fddcca34745ed1481b7a5bb5938f186ac0640b96459e9cbff6bfad6b16e
- SHA512
  
  f3c4d30d3a5346d097e1612ade16fd5d6ddd635b8b47d03ec6e6e7134d6f36641f087785d3ea247670cb8c0290527b25e4d8770184cddbf13eb0794889073ba7
- SSDEEP
  
  192:jHKcQZbfwMZBZDxVMK+rpdQMZBz3r/C0IBjHgMZBxY:jHKcQZbfwMZBZDxVMK+rpdQMZBz3r/Cs
Score

3^/10
behavioral21 behavioral22
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/link.read.1.tlog
- Size
  
  6KB
- MD5
  
  655c7d5e8f02b039399f6efce2b40a73
- SHA1
  
  3b5b1b77ca3bb5dc6d44c4a2ebacf5b7dfbb5057
- SHA256
  
  f9ce85b12d95540d89a9bc4e46040b0f9baf66b11fb113bc0c0595d6085915ed
- SHA512
  
  6e78c02367c29a113437cd8dfa0c3eb162294783754c7eb1ff5588401a894fa804566b978ad46e6c65d884964f655ecca41f0065f83c5b2d1fecf9167bbef1a1
- SSDEEP
  
  96:1r/C0IBjHJwtAZl9tY1dtPpm7RrmcKuxdgODE8PurqXN:1r/C0IBjHqk0ON
Score

3^/10
behavioral23 behavioral24
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/link.write.1.tlog
- Size
  
  2KB
- MD5
  
  2cad3315150de73bd5e11979c9a3104c
- SHA1
  
  01e8a61fecdb36e3448ff60723408ec7b0e62d3e
- SHA256
  
  b034d8a7297c8a8fbbf738d52ea2c372ffa7d8a7331ae954cab6dcd256e83f79
- SHA512
  
  9f84efc902b1596dd7bb71991046c5b1a31f05218e9851447cb7dd04927b4c3c4ec72bd8df767ce3d23cee0585152d24413b6d2622a53baebaecd66361e0599d
Score

3^/10
behavioral25 behavioral26
- Target
  
  oblivion/x64/Release/ImGui Lo.82212CF7.tlog/link.write.2u.tlog
- Size
  
  394B
- MD5
  
  daaa49f2ba950b3596e496809d58585f
- SHA1
  
  12fbc1dacc866096c830f90fe1260f59630f9310
- SHA256
  
  d60a6f2e6c20c9fa1ced320ae9428fd731b43bab3861cfba11849a4441c51d3c
- SHA512
  
  fa46e2c11db9b075ceb6650d6d023183b4bf2d6eac69bdd21b8114a0bdd122e14286470646e02c03a5260045208b63741aafb73428022b51dc3aa9889d4f8fe1
Score

3^/10
behavioral27 behavioral28
- Target
  
  oblivion/x64/Release/ImGui Loader Base.log
- Size
  
  3KB
- MD5
  
  420eb4244b19623558c5262ba90518a6
- SHA1
  
  a41ae0ebf9406e8695c29e8da5e1e91d47679368
- SHA256
  
  705218659150681b0a757c5cab35b9ccb1af526f90dc2c42e7a8ff5e54fa3f04
- SHA512
  
  b6beeed79f9c546e716a6f2700a08ef05bbc04795bf3943dd2f312b399106a97d755f0bf9a816f253dbcb408b074f9f0daebe5e498cd672c02d39f6b15055def
Score

1^/10
behavioral29 behavioral30
- Target
  
  oblivion/x64/Release/ImGui Loader Base.vcxproj.FileListAbsolute.txt
- Size
  
  233B
- MD5
  
  33b0be5b7a4a740a3f4b27b885e4aa32
- SHA1
  
  29040e2aa19bf22da6d21b4eeff14aa4d3c2c9bb
- SHA256
  
  1eea379071e9ae269c8a5ac7987bf440f239010968208a5b2a3e8deb806bbc6d
- SHA512
  
  8c352fc98bd62035e97255ce9b5cf5cabc36846362e853cc42e3cb9ae5a832d107fe6e28d69e1b1f2df059d1c5e6672c1179c261e3c532925919db13ee2a7f97
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32