081b2455cbf464eee43082d023137137eaf43b7a6e1f475feeb75b7cdaaa4cac

Sharing

Copy URL

Twitter E-mail

General

Target

081b2455cbf464eee43082d023137137eaf43b7a6e1f475feeb75b7cdaaa4cac.zip
Size

26.9MB
Sample

240417-bd6ckaag6v
MD5

7c9de4d2c78e006f11ad8f1c44966fb4
SHA1

93e54785137b1471ed7530ae0e8da5640dd0cdb0
SHA256

081b2455cbf464eee43082d023137137eaf43b7a6e1f475feeb75b7cdaaa4cac
SHA512

6463c5dcae47226146dddc159105ecaba762fcfb27c330f8d721e742d948a939c0419104d69bc0ee3812b1b0aeaa22fe8edfd75682f2707027c9f9d7adf98a5d
SSDEEP

786432:lBr8b3ZUrQ6cc59A8Y6/EW1H3XDPs1S693nokIuWjw:lqkQ6cGm8Y6nnTs1lnPIuWjw

Score

8^/10

Malware Config

Targets

- Target
  
  Sora - OpenAi v1.1/Sora - OpenAi Beta v.1.1.exe
- Size
  
  153KB
- MD5
  
  37932fd952d6d845927f25f42cb3c628
- SHA1
  
  d0d7e1b7cfb13a0999ef4c4733b83275a1de2440
- SHA256
  
  cb807472bb6d4d1113fcbc209d6a08fa80ff9e53c83b1aa37f9d6f549affd68c
- SHA512
  
  403dce223d9cbb4241f21a773cfc55501e4141b161c3ba60397c75d533c3abbd420a8f526f6aac7f2a0a5b7b91361ed013641f0d40afc00680428db3c1dbb49b
- SSDEEP
  
  1536:UJSV1Mq4KjdA0ejIB+7YeEsczbruUdwpiOpiq3hlV:UJKMq4KjdA0ejIB2sbbiUqhrV
Score

8^/10
- Patched UPX-packed file
  Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  Sora - OpenAi v1.1/WDSync.dll
- Size
  
  15KB
- MD5
  
  a0aae6000f5d7a2abc603afe54d284b5
- SHA1
  
  e31070d51d5b26b2d7816b751b2af70a75d60999
- SHA256
  
  12e633b25946133b8c6bdb12029a6705dbde6a0b58a8fb028dbc80697c2f14ba
- SHA512
  
  3eaa559fd2c7ab9f1554227db0556d68dab6eecf20475529f772370c3599ea1a245091c01130cc522b946cf005b43b7cdfb6d6ed1edbaf7fd56ed298ed011977
- SSDEEP
  
  384:sxXhv2UdFlm6KAEmIQ3j2l5IYlV1d49Ye8L7NGA:sBhv2U/Amj2l2Yl3sYlL7N7
Score

1^/10
behavioral3 behavioral4
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_bz2.dll
- Size
  
  64KB
- MD5
  
  2e83d3a008f9d9bf6c6785d4feba5c75
- SHA1
  
  cd634271c56ff3b6c4c141adadb724a581378410
- SHA256
  
  d1457076b72d629f0af7e98cd6fe5be4fb0b18fb9c15675f2995b4c5e88a8106
- SHA512
  
  09fd9dba3e625dc38ec4587478988252a2ad1916f395a6d84ade09ea1a5f6c2b1353f9cd80455c22d9a0a30285a197801b3dca29664dce43e125ede9f8f379a8
- SSDEEP
  
  1536:Y+cozxhzmyk0iNGsyYOUagW8CoekqwM3B34g/YocIoq3jSc0GGsSXif5a24ijyB1:YRoTzmykmf1d+/5s+xuv8Tfao1
Score

1^/10
behavioral5 behavioral6
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_com_dotnet.dll
- Size
  
  69KB
- MD5
  
  e6356bb0442e22f4c833c8f3faa12e54
- SHA1
  
  aa7867e7b0275e43b162a97ee9ff9417daa60887
- SHA256
  
  e7acc59480842e662351c2026f08ab67971ee33c34c663ce509a4c9473e643fa
- SHA512
  
  abdff0cac197d1fc73ddc74ce677556bd798e3e2c13f12eeb050785873dc43908f137d95f02f7eceac38dee39ed391b0b820837db97c7c0a96fa414c08ef7de1
- SSDEEP
  
  1536:hq0Y2tQjB+6/wUOQB3EXg2eQmtI79KB73pMN21R:hq0ntQjE6FzB3EZU73pMN+
Score

1^/10
behavioral7 behavioral8
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_curl.dll
- Size
  
  393KB
- MD5
  
  c8cce26e1f5c4ebcaf7d4f6f9cf6f994
- SHA1
  
  b174076a6b26e160954572c675cce067ba6582c8
- SHA256
  
  05c99429e208bc9f345c791e16dd3f68ec628186d64e2acbc7f2f6dcc877bf11
- SHA512
  
  a078e5c1cb37857a8e4f1f8430823466a30b51e22b1136afeb4542091e17c79e278a4fc081dac9ad0f85cfd18a63333aec39ec272b1cbcf78037b85af2fa50df
- SSDEEP
  
  12288:rSBvP5GSIn7jEIWIgFXR3js4ASneRKJ8TNrcP:WBnU6IgP3Y4ASxqTNY
Score

1^/10
behavioral10 behavioral9
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_fileinfo.dll
- Size
  
  2.7MB
- MD5
  
  f53c9423bd798be924215b6d50dd57e1
- SHA1
  
  3453ae45f830d878825e739d1364dd8d9c657c6d
- SHA256
  
  1132e7e1cd973f0d44da001bc64ac36a061b69192c9d8ea175cd73e94100bcc0
- SHA512
  
  3b8e773321820e0a2e18532692ed027756e2c28ff2452c0e35caf3554e55d8a5510835be6916befd5cce74ea63b40c986e67f9251c722f5a7748a5795ef1a37e
- SSDEEP
  
  24576:Im9LJdTBxc/L5hVVBtGK8+cMaWKO+TWthXu6tqasKvNdPgsD7Hyeca4:
Score

1^/10
behavioral11 behavioral12
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_gd2.dll
- Size
  
  1.3MB
- MD5
  
  6b5a11b8724dbb00f921d0d3adddc0f8
- SHA1
  
  16736b897a691c1298eca0a9df70a82eac69c7f2
- SHA256
  
  ddc10933f9d057fbb929f59997f5913182ce928dc8ffad8963eed74c2ef50256
- SHA512
  
  729c2cea71d89177473f738e0b342817ce12508dde857b5eb1226ab7fb90d4c64a777a9ed04b083ce57c9129da916e062b1084ee93058593e99487ae4eab4da0
- SSDEEP
  
  24576:DYRTpO+VefFtu/olxF/7AhMDMo+qeLdeYc4w8/sXhaLHZM+o:eKLU7hS+HgYc7B
Score

1^/10
behavioral13 behavioral14
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_ioncube.dll
- Size
  
  779KB
- MD5
  
  c57d5f4ec2992e6b06e891d09dcc3e32
- SHA1
  
  f1627024fe4a922a43e2163d77da987918635ca7
- SHA256
  
  4b6f679ab3da317ee310d5bd482b41a77f5ebf1fc0d514d3595c3d16db6e7327
- SHA512
  
  ed30da1c8950865c380b6d13468af1075e4161a052199ea77d071851d297c14c041e082377935d5a8deb3807df6a6bb375c63d3f017c91b425b63a22c82f6151
- SSDEEP
  
  12288:8g63h4h0gJBCq4l8D2HVoiFMAIW08gsMJJiJKoRMYBmXml:8g6R40wI8D21onA8DJioXXml
Score

1^/10
behavioral15 behavioral16
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_mbstring.dll
- Size
  
  1.2MB
- MD5
  
  91e97c0ebbe5a7053b9396b1e376283d
- SHA1
  
  1906eae6644797e905a1f54c558e83c550440320
- SHA256
  
  6653e52f3a7d12afc5e1d5922a73d56a9d914864a1f882004e986ea210005b61
- SHA512
  
  3e4e03e4932cf3cdadbc29f0163e81ac430f94e4497f805b31cd0ab12e3975f8152347b78ab1efe1a1feb24101925e671585b8d7080316ac86f4a6d78de9e790
- SSDEEP
  
  24576:iWObDO6zJAgrbNn1XHOOBuqtzfnjEzPLmo3jK:PuDBrbNxk0Ln4PL
Score

1^/10
behavioral17 behavioral18
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_openssl.dll
- Size
  
  86KB
- MD5
  
  7b404ba96f7f535fee77b97e0e45de2c
- SHA1
  
  3fa2897c6af4d9e2fa7d88748220816cd50c9e06
- SHA256
  
  673596e0945d61b3f5ff71d293ff8c2cc38464142bdde00387a87ea9af646aed
- SHA512
  
  10368f80234a6d7330616dc94d35238aa3215b3ae95e26ba5cde54eb2d99ce5585a138e2c8f97f52713809199eb15bf7b3555dd92ec9be0dbde0cabd118eb30f
- SSDEEP
  
  1536:wBjKeiGqhbnC6362A9onu6LfaxWfVLtuqr9mXHijWMLFIaTBPzE5qEBdzG6gQq7X:wB+JVnC2cLx6/0XHitSqj57Txh1M
Score

1^/10
behavioral19 behavioral20
- Target
  
  Sora - OpenAi v1.1/__MACOSX/ext/php_pdo_sqlite.dll
- Size
  
  475KB
- MD5
  
  233fa83055777dfc5602c15e049e381b
- SHA1
  
  d0d5bb591515a1a96e1acd486741c1b041517377
- SHA256
  
  8b46ab99dad214f30ff11daf08d6b77041165875a04b3d4dc16cdfcfe73ca625
- SHA512
  
  401143a7770e429289980b5ef072a630d3246806e77fcbcfa86aef1abbb447aa7b15b29b7a467824580f8c4c2de4ff897c8ed70386f965514ab309cdad14a5d0
- SSDEEP
  
  12288:ffAkBzZJikaM1DRUTVPZU9OdG+3Sp0J2v4/ULzDpwHUNxQm8e:dnJjaMV2hxQIt3dJ2mULBwHUNL
Score

1^/10
behavioral21 behavioral22
- Target
  
  Sora - OpenAi v1.1/__MACOSX/libeay32.dll
- Size
  
  1.2MB
- MD5
  
  d02143376cdea15b313a398a4caf3735
- SHA1
  
  6ed82e6c999974154cccd1b0809e518bf234eafb
- SHA256
  
  fe5ceefedcec83d40bd63a7cc2d4ae4012b3f59f1098638056fdc1a477d405f7
- SHA512
  
  d9e9e547e21bf3ad0f4474e0d05132c36d4865b8e796dfce888b9f81f5332e3dfe9126988dce938564f1030d069f30d4b912285205f77977c1b4bfee68707624
- SSDEEP
  
  24576:x1EIUsgnWi+3YhVl/lISyzMwIxboqM//+CsUwGBUgPrNg3tPP7NrhPMLwX/:1gnHc/MwI9oLjVjNktPP7NrhMLwX/
Score

1^/10
behavioral23 behavioral24
- Target
  
  Sora - OpenAi v1.1/__MACOSX/libssh2.dll
- Size
  
  163KB
- MD5
  
  73f95c1b2a23be7a80aa75250b8f25ad
- SHA1
  
  20dcce600d126479bd2f0226ae4b8981ee1f147b
- SHA256
  
  ed0db696c2ae8b896eab6fd8c71e5fa4c88e6a90b98fffc354593288d59fe119
- SHA512
  
  5ee88e0b0215dc7c970e085068f24baf3d7d1df247e7ed56d052dfa20d7dfd603353f036daa0d60e1514277e27d49449fbd9708a5e1c690eb1b90699e7f0e42f
- SSDEEP
  
  3072:n0GqDrIKZruzzO3K0n/fpti2qZhZNTBf5s5G/3:n0kKNufE/fpti2qZhZNTBRsQ
Score

3^/10
behavioral25 behavioral26
- Target
  
  Sora - OpenAi v1.1/__MACOSX/msvcr110.dll
- Size
  
  854KB
- MD5
  
  4ba25d2cbe1587a841dcfb8c8c4a6ea6
- SHA1
  
  52693d4b5e0b55a929099b680348c3932f2c3c62
- SHA256
  
  b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49
- SHA512
  
  82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6
- SSDEEP
  
  12288:TmCyHcMpK7QdgD+9Tr8r3FmJciMgLFWkA8qTWu+FVlofpJCjNdr12iqwZeq:TmCyHNIQdTryVmCipIkqTWu+Fr
Score

3^/10
behavioral27 behavioral28
- Target
  
  Sora - OpenAi v1.1/__MACOSX/php.exe
- Size
  
  63KB
- MD5
  
  a1fe2fe70b38f91230cb5f4ca22b2c0c
- SHA1
  
  736bb400f69925493e4fb573e7222ac483ec3b32
- SHA256
  
  702d09e982e2af6bf5d828bb1d27bd3a48efcab7cf8837b023953354c4026550
- SHA512
  
  1cea0f50aceef5240c096bebf0d58f48e8b6313d71b0dd230b6aa465678e650c91e8e3ccecb7c73f7dc0c4a81eef5c3d14dbea1139543e2907ccca9e31d85dc3
- SSDEEP
  
  1536:KvLTGH8bOOZNrOOoeG3Fhdq0VQCs4H35ECTI:wOHUNrSeG1rqyaS35VTI
Score

1^/10
behavioral29 behavioral30
- Target
  
  Sora - OpenAi v1.1/__MACOSX/php5.dll
- Size
  
  6.7MB
- MD5
  
  0f9246f67611db06b9082a03e2680aba
- SHA1
  
  12d3ab77f06921aa9d7ebeda5410cc34455df7fa
- SHA256
  
  36179be42a85e363099ab57852f6fd1cd12e602e1475841ab169d13fc8955065
- SHA512
  
  d10d35febcbf0c036ae12be57cb168841e47f8f171a65b8b11ee625ced9ff0a33fcaa6467e690f8e9880bf8fdbb0f3dd77f5740453fea06ca8292dfdae86f0aa
- SSDEEP
  
  98304:shtl0ess7frbkTMxA077IafPxZA77VnKoGkK+ZW8eXJOM5xOkCJAumkDvJrKBAUp:Wrb0077IafPxZ8VBzJrKVO
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Patched UPX-packed file

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32