bfc547b0faade13333723c2d613d681065880570c9c6887641526ab580b7d84d | Triage

Submit
Reports

Overview

overview

7

Static

static

3

backup_win...10.zip

windows7-x64

1

backup_win...10.zip

windows10-2004-x64

1

LICENSE

windows7-x64

1

LICENSE

windows10-2004-x64

1

backup.exe

windows7-x64

7

backup.exe

windows10-2004-x64

7

main.vbs

windows7-x64

1

main.vbs

windows10-2004-x64

1

config.yml

windows7-x64

3

config.yml

windows10-2004-x64

3

Sharing

General

Target

backup_windows_v1.2.10.zip
Size

27.4MB
Sample

240419-v31yxsaf99
MD5

3bcf4312e675a852aafc57d101ef1a10
SHA1

e04a1c539ec9df980d69c33ffb6368647d566505
SHA256

bfc547b0faade13333723c2d613d681065880570c9c6887641526ab580b7d84d
SHA512

dfbec2d02a953d0ed3432b564f90ac5d1e01224c712e89efad042829d244a54d4a384f0f03f439a02bb9fb10b7a4c0b73c19b286fef8b995250a31c569abde54
SSDEEP

393216:cleX8tQz+eUu+WHXM6RK7Mv+bboz+J+LkSJ75Ayrw3jMacFTPPkJKLUNOuWzXrEP:cleX8twUubLiM+ZUkSJ75Aykjs7MsnXC

Score

7^/10

pyinstaller upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

backup_windows_v1.2.10.zip

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

backup_windows_v1.2.10.zip

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

LICENSE

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

LICENSE

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

backup.exe

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

backup.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral7

Sample

main.vbs

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

main.vbs

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

config.yml

Resource

win7-20231129-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral10

Sample

config.yml

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  backup_windows_v1.2.10.zip
- Size
  
  27.4MB
- MD5
  
  3bcf4312e675a852aafc57d101ef1a10
- SHA1
  
  e04a1c539ec9df980d69c33ffb6368647d566505
- SHA256
  
  bfc547b0faade13333723c2d613d681065880570c9c6887641526ab580b7d84d
- SHA512
  
  dfbec2d02a953d0ed3432b564f90ac5d1e01224c712e89efad042829d244a54d4a384f0f03f439a02bb9fb10b7a4c0b73c19b286fef8b995250a31c569abde54
- SSDEEP
  
  393216:cleX8tQz+eUu+WHXM6RK7Mv+bboz+J+LkSJ75Ayrw3jMacFTPPkJKLUNOuWzXrEP:cleX8twUubLiM+ZUkSJ75Aykjs7MsnXC
Score

1^/10
behavioral1 behavioral2
- Target
  
  LICENSE
- Size
  
  34KB
- MD5
  
  e62637ea8a114355b985fd86c9ffbd6e
- SHA1
  
  1eba7caf09a39110ad2f542e3ed8700d1a69c6d3
- SHA256
  
  230184f60bae2feaf244f10a8bac053c8ff33a183bcc365b4d8b876d2b7f4809
- SHA512
  
  714d66c4a17e6dfc1553521af2be03f4579fac64048c0b96c592177562b01fc70a8e184bb21725e11ef96a54bf466ae1abd4992b8940f0fe2c0859d6a166a2ef
- SSDEEP
  
  768:l7Y+tNdSz3ZlqXOWoInuzx3Y8N3WiYD9I:lVtNIq1uzZY1w
Score

1^/10
behavioral3 behavioral4
- Target
  
  backup.exe
- Size
  
  27.7MB
- MD5
  
  a49142418f2f305a43622c38db40a739
- SHA1
  
  74f0f4f880d57913986b42fff073e4a343b4ab5e
- SHA256
  
  96500feac0ecb51d9b546fbc960351b79ca8841ebbcdecebb25a913b3f0be3f9
- SHA512
  
  5f85fed73525b94af63d4088d09d9883a14da903ce6cac4ad0b4e743880a50d878b6a66828cc65d478b04343953c350343302a01707813dcee4d3ddd36061455
- SSDEEP
  
  786432:mZUdM3MQzJ3KBzcY87AwyKSuJJW81og1:m2M3MQzJ3K9E7AwykWcog
Score

7^/10

upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral5 behavioral6
- Target
  
  main.pyc
- Size
  
  7KB
- MD5
  
  5a97cc6abe08fd3bcd3a9c9557ef94e0
- SHA1
  
  8d619630d9c7a9df05f185b2c616c0c14d786398
- SHA256
  
  9ba7d3e3571b101a36d823fd64354ea366e269e07d7556988148ac07beb74656
- SHA512
  
  a7793d62c0fcd3c114e96072997d923a0058758804c0ead1a8362f4174d34f2613ad60ab08475237750d6413805f7619482e686d33628cdcbec7ca2b651bcd81
- SSDEEP
  
  192:QEcvvTy7Bnm+eMtA9aW9k6cJz2BJSy8YlWw4T3:+9aXpwJSybt4j
Score

1^/10
behavioral7 behavioral8
- Target
  
  config.yml
- Size
  
  347B
- MD5
  
  9eb68918f22787cb38251c06ef031362
- SHA1
  
  df5bd359ffaac23a658bd7b5a25394c83069ae50
- SHA256
  
  bbaa2d844df22d4e978e22fa1ccb9679776207aea187fe310d3acfa25f635be5
- SHA512
  
  5a055d0ae604d9b372d2652c659810cab94e9761c4ebfbf86da5f65ec44ddf818ab57b48f75e82011b9ec825dcc6385229e76988cb03b5c2fda0e16136d521b3
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

© 2018-2024

Terms | Privacy