Overview

overview

7

Static

static

7

Release.rar

windows7-x64

7

Release.rar

windows10-2004-x64

3

Release/Bu...re.dll

windows7-x64

1

Release/Bu...re.dll

windows10-2004-x64

1

Release/Bu....3.dll

windows7-x64

1

Release/Bu....3.dll

windows10-2004-x64

1

Release/Di...PC.dll

windows7-x64

1

Release/Di...PC.dll

windows10-2004-x64

1

Release/Loader.exe

windows7-x64

1

Release/Loader.exe

windows10-2004-x64

1

Release/Lo...xe.xml

windows7-x64

1

Release/Lo...xe.xml

windows10-2004-x64

1

Release/Loader.pdb

windows7-x64

3

Release/Loader.pdb

windows10-2004-x64

3

Release/Si...UI.dll

windows7-x64

1

Release/Si...UI.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Release.zip

  • Size

    3.5MB

  • Sample

    240418-p9fcxadh93

  • MD5

    2794166c9ddcb72846c4d9967feaffd7

  • SHA1

    1b3878c15a1688a417b3a859dbf36b80f67f945e

  • SHA256

    275ea14a7479b277d772617a5effe9739a0c1fa7884cb1fb82a23c8607bd2b2d

  • SHA512

    785a4613788d608a817056b7cf4d2f5dc826697e1826b0af770c82dcce7e79266d04c0fbc83fa2c223ee410f3ebdba009ba81976cc62c1fe9e74c0a262be4376

  • SSDEEP

    98304:Oh9fwTagPOX93KSEpJdZAnQ2Cw8p1PLiJNM9BLLmvIh8Bf5:O3c7ON3F4PZAQY8DBNoIh8Bx

Score
7/10
agilenet

Malware Config

Targets

    • Target

      Release.zip

    • Size

      3.5MB

    • MD5

      2794166c9ddcb72846c4d9967feaffd7

    • SHA1

      1b3878c15a1688a417b3a859dbf36b80f67f945e

    • SHA256

      275ea14a7479b277d772617a5effe9739a0c1fa7884cb1fb82a23c8607bd2b2d

    • SHA512

      785a4613788d608a817056b7cf4d2f5dc826697e1826b0af770c82dcce7e79266d04c0fbc83fa2c223ee410f3ebdba009ba81976cc62c1fe9e74c0a262be4376

    • SSDEEP

      98304:Oh9fwTagPOX93KSEpJdZAnQ2Cw8p1PLiJNM9BLLmvIh8Bf5:O3c7ON3F4PZAQY8DBNoIh8Bx

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      Release/Bunifu.Core.dll

    • Size

      2.5MB

    • MD5

      d9f830dffedbb2bc371fa60784c01221

    • SHA1

      d6a778249e05ee04c2e5e386c31f88598338ab84

    • SHA256

      5f72650f6d3a4a9b77bcdd74159282fcf724bd34afb989df6b6e075ea1dd6bc3

    • SHA512

      e8e7c712638e0aace109e0587cc4421697e1c6cacb64ff5d56efbe570615d72e72b5dd3afadd468e59116b1ed1326b25c459d5f2110b9d643bfca750825efd61

    • SSDEEP

      49152:9mTi+XhlhlFZ5vG+2PkuAc1B/xWCcieUuebO0Syigfihlh5:9azHb9LcFW5ifLq9yigKhlL

    Score
    1/10
    behavioral3behavioral4

    • Target

      Release/Bunifu_UI_v1.5.3.dll

    • Size

      323KB

    • MD5

      e0ef2817ee5a7c8cd1eb837195768bd2

    • SHA1

      426ea1e201c7d3dc3fadce976536edce4cd51bce

    • SHA256

      76e1d3ec95fdef74abaf90392dd6f4aa5e344922abf11e572707287d467f2930

    • SHA512

      5ad95dd7f0e712d543acfe7fd4539695f7e894988c0a2c44231c43e5ee29e743cb1ffe6bdf1fbdbdcfd3aa374f036113bcc6a1befd0114954093520bac47234c

    • SSDEEP

      3072:cF7t/92eSp+nuthzYeSRwwdrmMaXyXL5NQKCZIWD144HcH0CbBxyKfoYA05bC61h:eOthMswV7aXyXLSO4HcHByY35b9DYr

    Score
    1/10
    behavioral5behavioral6

    • Target

      Release/DiscordRPC.dll

    • Size

      84KB

    • MD5

      696eb4e3427fb28b1b19465ee9609037

    • SHA1

      d35b5c6d4bf4dd15efe73bf5684642170ba64e88

    • SHA256

      db2e9346343257ba243adf620630f223dda14117cef4159228660395065e17a5

    • SHA512

      a8ee6a772e56642a6f0710c02abf20db024cd9c0c380f776cc1eeb8c16cb685814c2b4a58a8dfc29211b26c54666c415285ac2944ceb9f584964b7d3758cec78

    • SSDEEP

      1536:qsettJkKPb2F2xqXl6C4owjL++mvxsSFaLCj:qsAJkibG2xqX/4xjC+mhaLCj

    Score
    1/10
    behavioral7behavioral8

    • Target

      Release/Loader.exe

    • Size

      2.0MB

    • MD5

      6b39e8ac3dc84b7364e941897a0aea33

    • SHA1

      f5bb05c5edb1e2309318646cb566cc2f7dcca9b0

    • SHA256

      1142fce9c3308f4937ed1b3e84a603619c1ca6eeeee3310aa2304c4f54e61d24

    • SHA512

      bc13e28c7ffbd710eb570f9cbefab569891d96ca38c79ebb9e0e340d2deecbde51085045be8eb03289c8c916fa012983fe3fe11823564cbcee7d90d782ca9576

    • SSDEEP

      49152:k3p373Vy68bIO5YbCsKm8uVxHTt+n/CknSDwAOU3:k3p373c68lY2mzEn/He3

    Score
    1/10
    behavioral10behavioral9

    • Target

      Release/Loader.exe.config

    • Size

      1KB

    • MD5

      c0911d7b16e774d79b85d170e367dfee

    • SHA1

      36761b772e82f4f7cef9f92c8290e7bb5ae05695

    • SHA256

      0f5b7f517b6f7858b412996be3777073e46059c40d5334ce9e3b5e5c2c62dbe0

    • SHA512

      e1078d5688969ee4b54e00994e6f84a1ed1153ea2749028000ed0403c3303fb00f7291e220991a61b44673fab1189e088008345c458fdca0e0b4c642b19d6007

    Score
    1/10
    behavioral11behavioral12

    • Target

      Release/Loader.pdb

    • Size

      125KB

    • MD5

      117ce9ff2ad21c33ab9d05a24200d575

    • SHA1

      98e23df0954e04c10989ec9f9bdf95cbdc6e9f5d

    • SHA256

      69f1fab7fe19d06adcbdb24ae16f6d4a6eb7270b5d9ad6774c460ea859ba3944

    • SHA512

      46a816529c60e25ad1d7288540b52c596cbf98c371b9e84cb060764d0049746b44f486e6daed919892e4707faabf743787ae498c223fb6f22caa5acfba77da10

    • SSDEEP

      1536:limPEdfN2jmmvBap8SZA8+www9kjOqTGIgwxzsgm0T7wxzs:lw98jmmvYI7jfGfwxYM7wxY

    Score
    3/10
    behavioral13behavioral14

    • Target

      Release/Siticone.UI.dll

    • Size

      1.3MB

    • MD5

      750c58af2e56b6addecffcf152520ab8

    • SHA1

      14995e7f1d12498606d9d209d78d55fe6fd87802

    • SHA256

      27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26

    • SHA512

      2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5

    • SSDEEP

      24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb

    Score
    1/10
    behavioral15behavioral16

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

2
T1553

Install Root Certificate

2
T1553.004

Modify Registry

3
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks