General
Target: backup_windows_v1.2.10.zip
Size: 27.4MB
Sample: 240419-v31yxsaf99
MD5: 3bcf4312e675a852aafc57d101ef1a10
SHA1: e04a1c539ec9df980d69c33ffb6368647d566505
SHA256: bfc547b0faade13333723c2d613d681065880570c9c6887641526ab580b7d84d
SHA512: dfbec2d02a953d0ed3432b564f90ac5d1e01224c712e89efad042829d244a54d4a384f0f03f439a02bb9fb10b7a4c0b73c19b286fef8b995250a31c569abde54
SSDEEP: 393216:cleX8tQz+eUu+WHXM6RK7Mv+bboz+J+LkSJ75Ayrw3jMacFTPPkJKLUNOuWzXrEP:cleX8twUubLiM+ZUkSJ75Aykjs7MsnXC
Behavioral tasks
behavioral1: Sample backup_windows_v1.2.10.zip; Resource win7-20240220-en
behavioral2: Sample backup_windows_v1.2.10.zip; Resource win10v2004-20240412-en
behavioral3: Sample LICENSE; Resource win7-20240221-en
behavioral4: Sample LICENSE; Resource win10v2004-20240412-en
behavioral5: Sample backup.exe; Resource win7-20240221-en
behavioral6: Sample backup.exe; Resource win10v2004-20240226-en
behavioral7: Sample main.vbs; Resource win7-20240221-en
behavioral8: Sample main.vbs; Resource win10v2004-20240412-en
behavioral9: Sample config.yml; Resource win7-20231129-en
behavioral10: Sample config.yml; Resource win10v2004-20240412-en
Malware Config
Targets
Target: backup_windows_v1.2.10.zip
Size: 27.4MB
Score: 1/10
Target: LICENSE
Size: 34KB
MD5: e62637ea8a114355b985fd86c9ffbd6e
SHA1: 1eba7caf09a39110ad2f542e3ed8700d1a69c6d3
SHA256: 230184f60bae2feaf244f10a8bac053c8ff33a183bcc365b4d8b876d2b7f4809
SHA512: 714d66c4a17e6dfc1553521af2be03f4579fac64048c0b96c592177562b01fc70a8e184bb21725e11ef96a54bf466ae1abd4992b8940f0fe2c0859d6a166a2ef
SSDEEP: 768:l7Y+tNdSz3ZlqXOWoInuzx3Y8N3WiYD9I:lVtNIq1uzZY1w
Score: 1/10
Target: backup.exe
Size: 27.7MB
MD5: a49142418f2f305a43622c38db40a739
SHA1: 74f0f4f880d57913986b42fff073e4a343b4ab5e
SHA256: 96500feac0ecb51d9b546fbc960351b79ca8841ebbcdecebb25a913b3f0be3f9
SHA512: 5f85fed73525b94af63d4088d09d9883a14da903ce6cac4ad0b4e743880a50d878b6a66828cc65d478b04343953c350343302a01707813dcee4d3ddd36061455
SSDEEP: 786432:mZUdM3MQzJ3KBzcY87AwyKSuJJW81og1:m2M3MQzJ3K9E7AwykWcog
Score: 7/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Target: main.pyc
Size: 7KB
MD5: 5a97cc6abe08fd3bcd3a9c9557ef94e0
SHA1: 8d619630d9c7a9df05f185b2c616c0c14d786398
SHA256: 9ba7d3e3571b101a36d823fd64354ea366e269e07d7556988148ac07beb74656
SHA512: a7793d62c0fcd3c114e96072997d923a0058758804c0ead1a8362f4174d34f2613ad60ab08475237750d6413805f7619482e686d33628cdcbec7ca2b651bcd81
SSDEEP: 192:QEcvvTy7Bnm+eMtA9aW9k6cJz2BJSy8YlWw4T3:+9aXpwJSybt4j
Score: 1/10
Target: config.yml
Size: 347B
MD5: 9eb68918f22787cb38251c06ef031362
SHA1: df5bd359ffaac23a658bd7b5a25394c83069ae50
SHA256: bbaa2d844df22d4e978e22fa1ccb9679776207aea187fe310d3acfa25f635be5
SHA512: 5a055d0ae604d9b372d2652c659810cab94e9761c4ebfbf86da5f65ec44ddf818ab57b48f75e82011b9ec825dcc6385229e76988cb03b5c2fda0e16136d521b3
Score: 3/10