8a0cd0d9e7eb2ff12107ac3e78acc36e7065a82650b32557ceabb67c86c760ec | Triage

Sharing

General

Target

colorbot.rar
Size

54.3MB
Sample

240419-a4n1jacf41
MD5

321f4ef1c593c76502ad73da3628776c
SHA1

f4b502edaa1a1167237eb878f536dbcd392ae11b
SHA256

8a0cd0d9e7eb2ff12107ac3e78acc36e7065a82650b32557ceabb67c86c760ec
SHA512

22d370b82749529650e31f8bf9ab81a1bcc776022b574be17b58dd408f3b0404c1f8a54a6fa1fe5c59d13167abc20356f7e89d4deb47755a04ea62a2d5e441d1
SSDEEP

1572864:7OHCTKkfv2a1dEsMDN7kJX3Rj702cePqXBt/jN:aOKkfeaT07kJxFW3Z

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  colorbot.rar
- Size
  
  54.3MB
- MD5
  
  321f4ef1c593c76502ad73da3628776c
- SHA1
  
  f4b502edaa1a1167237eb878f536dbcd392ae11b
- SHA256
  
  8a0cd0d9e7eb2ff12107ac3e78acc36e7065a82650b32557ceabb67c86c760ec
- SHA512
  
  22d370b82749529650e31f8bf9ab81a1bcc776022b574be17b58dd408f3b0404c1f8a54a6fa1fe5c59d13167abc20356f7e89d4deb47755a04ea62a2d5e441d1
- SSDEEP
  
  1572864:7OHCTKkfv2a1dEsMDN7kJX3Rj702cePqXBt/jN:aOKkfeaT07kJxFW3Z
Score

3^/10
behavioral1 behavioral2
- Target
  
  colorbot/aimsource.exe
- Size
  
  54.8MB
- MD5
  
  93e69cc53eb8c3d032f202b011c303cb
- SHA1
  
  0cb7b7a76b79d5726b317a6578ea462899dd3fae
- SHA256
  
  69cb1f25fbb76e6c9d80f08b51418480f712a471ce2ac67fdb8af82cf53cc1a6
- SHA512
  
  741970015d29416a3e9b2506359df346c1ad5e530df8cca050a1870841f5113bc78154ea78b3fa281d123b6545a17381c2725f44e1ec2a4f7eeb54ac9ff9b056
- SSDEEP
  
  1572864:CMFP/V4f6Gj53ikjt4jRq2GqFOPV5Yi22qHWB75iUHS5n:zt/VG6RmtCRlGPrw2qHO5in
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  aimsource.pyc
- Size
  
  11KB
- MD5
  
  e8fdc0a0583b7f30231890da1b135db4
- SHA1
  
  5fd543d5348677d8b6657d1d4103527887e98003
- SHA256
  
  987b909166984b8209d0c18e90e516b862930ebd29817dc51f7f359b181c9c59
- SHA512
  
  a464c88044a42a348936eb6729c415192b744a480f18e3a85fc2f42ac4ca7ceb7bc84394e7d50dee3ebebf495dba2cd12c6c12cefa79b9167b07dad388325ad0
- SSDEEP
  
  192:dQgey+cYahH7tR+NTBLJsGOxRapQj+9z0gqWNwoj4YyS88tBN14L1xcNi5RDecbW:6PyOaRv+DLJHwoj4YV88tBNw1x95peca
Score

3^/10
behavioral5 behavioral6
- Target
  
  colorbot/config.txt
- Size
  
  2KB
- MD5
  
  a82ab714be7a38eeb6e3cb4d09e46a1c
- SHA1
  
  d15e37b075c6c9f82659557ff734add03b441186
- SHA256
  
  ef55578fbe6ac256ed4633b1a8fd543ba3ca74bb4de5ebb681aa944b29428e17
- SHA512
  
  d641944b00ba6b1dbe3e1ea0dbae3793c54eef6577b4e3ec911e111089072fda938360ac9c9ec3964b4dd362cbfea85d66222cd459e98fa7275ee7539bb89897
Score

1^/10
behavioral7 behavioral8
- Target
  
  colorbot/keybind_list.txt
- Size
  
  889B
- MD5
  
  e8c3de689dc6a04cf52b3fc2e33f0aab
- SHA1
  
  a588377a5474574588af6e0469e74ca02000c5cc
- SHA256
  
  a755aa88fbfc896c505d8bd81bff8983ad21cfaa792fc91088b2e00a0898c6c0
- SHA512
  
  4097639ef05ebef55b771211d99a293c5bbbd2cc2ed5863f320cd514536636ae434790245a63eaa430bd2d1f05de1ee7920c6351c4f16cb89816942bb2332441
Score

1^/10
behavioral10 behavioral9
- Target
  
  colorbot/lastlaunch.txt
- Size
  
  1B
- MD5
  
  cfcd208495d565ef66e7dff9f98764da
- SHA1
  
  b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
- SHA256
  
  5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
- SHA512
  
  31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12