a1ce1dd3197b1292599010cf09eee2d15a367be7f642ef65c26f6e48eb00a242

Sharing

Copy URL

Twitter E-mail

General

Target

171a1a1e4c64fbe3ab3fa54cb94f77f4.zip
Size

4.9MB
Sample

240425-mvjexaaa5w
MD5

171a1a1e4c64fbe3ab3fa54cb94f77f4
SHA1

8365395d72138f764f7d2a6d7fd361868233e3da
SHA256

a1ce1dd3197b1292599010cf09eee2d15a367be7f642ef65c26f6e48eb00a242
SHA512

775290dfef6e9fcfed208becb17c809f12578d27c1822d433d65a36b3fb607a2a31d3b907fbc2b65fb2147c94bad0756baf41f72f4f996126cb5265c0fd37f6c
SSDEEP

98304:/mEXIrun/uAeEIrifhpqiqZzn/LEex0JO73uvuLnbz4tFB+nW/dfn247vtmmJ1zA:nIK/uElXwZjLEex0JO73wuLbz47BKoud

Score

10^/10

antivm linux

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://nodejs.org/download/release/latest-v19.x/win-x64/node.exe

Targets

- Target
  
  Execute.dll
- Size
  
  56B
- MD5
  
  529cf04db0f736467c7583ea80c3aa66
- SHA1
  
  7628148337b1d3d700c8151f76a1595b6f5123b8
- SHA256
  
  67642e56281bc4aa846689bc725f8fcc76e61c20831aa4f7e2e0c8cdba17e520
- SHA512
  
  f612b12e1a7c2021f6c2723fe57f23aba3d1b6588f080dd67e48dc44eeaf88455e4bc6bf9caed088c63c3fb019ad8696eeb44e7bb09f8c81638779f4658ef6d4
Score

1^/10
behavioral1 behavioral2
- Target
  
  Framework.dll
- Size
  
  520B
- MD5
  
  6a08392ecf95df7fc91917dcfaae8da6
- SHA1
  
  480f6a5c761e1a069c0d68f5ac2aabf727791393
- SHA256
  
  0a572ee5508d9310936801a04237d56f118dff4dbaa98f60070988cc4b8ca460
- SHA512
  
  d70c436183a9c6f6d4ce9296dce846f94cd12d7fbb76b24e59d88a77349a95a7a0d6ad8f9f4ffc32a98618b3250e0d35e4cf9ff1e711f4e63ffee425597dfc5e
Score

1^/10
behavioral3 behavioral4
- Target
  
  app.js
- Size
  
  373B
- MD5
  
  3f5daf5315fe8b83fdc8a6d0265008b6
- SHA1
  
  4a08dd25e8fbb547c23e888e3dd009910cdc3cc5
- SHA256
  
  46286370fb97d1b63b3b9ee3b79e8bb0b5072d6e17d11470592e1e0d8586e0c6
- SHA512
  
  93f2700a5e7d5e4b9da7aeb470d261f38a76a54f2bfeb08657bfc5a8f05ce3d583dda2790e441e62acc5de9594fe745f3ae0a6de74564776978c88aadeee86f8
Score

3^/10
behavioral5 behavioral6
- Target
  
  basta.js
- Size
  
  377B
- MD5
  
  38affda935585ad2ddc0abe0a906f404
- SHA1
  
  8379070ec3e9b448499c53c6244c815bc566cf59
- SHA256
  
  f1c6fbb11607690d7de83308bb65b7fdd0679591c2fc5bc927820b654a483eaa
- SHA512
  
  0520a8d53a2bc686a87c530680afa2f12eab198316e3d7419f472515bac0b0d2a3c891b0e4f3112b1f382d799f4655aa06624c57f06c2bc1cc3161ff06aeced6
Score

3^/10
behavioral7 behavioral8
- Target
  
  get.js
- Size
  
  10KB
- MD5
  
  e2bc3600ad058e027ace3294ce01586d
- SHA1
  
  292aa8885f06a5ceeab9178db111f5f490e7f70b
- SHA256
  
  89bc4198cca19c7caa04186e8209223aa0b56efeac5fbb9235bbdb889cf69297
- SHA512
  
  971a1fe6f03060e95c56556942f5d70043f30992e40105b742af0cbbef0ad51096fc35e529dfd518ce5ffe7678771dfd9792868b1f37dcc9af34e598675f4e46
- SSDEEP
  
  192:xwdN/6RnS38gFet4mJ+3ywKaloEli2F2s2s2A2Qj6QkOObv2NonSyjHMsrk0zH1v:mdNanElra2F2s2s2A2q6QkT+NonSyjHL
Score

1^/10
behavioral10 behavioral9
- Target
  
  invoke.dll
- Size
  
  6B
- MD5
  
  b9376e9e3c4d48f5e35a3f355ae1f74a
- SHA1
  
  c65605adf5270f5065089b0189da542274d30db0
- SHA256
  
  90092e5fb861dd4ff34fa20f4b31ca44ebbb3bc367a8d7a35b89a7f89c793fa9
- SHA512
  
  5560101edb289c4a86476bce55648324ef188ff1e2d879a1a3bc10c1298aa643255c35d16a984f30d624fe9a87306304eaa14179863001ddd6e264e8bba17591
Score

1^/10
behavioral11 behavioral12
- Target
  
  load.dll
- Size
  
  4B
- MD5
  
  f19dbf2edb3a0bd74b0524d960ff21eb
- SHA1
  
  ddcb77ff769ea54ca622848f6bedd4004fa4f4fa
- SHA256
  
  8a6bdb6b18da586fe7f2acbd8f1055533f2cd97a3681b3652bcd712224df45c3
- SHA512
  
  f0419117db6330f52eba6e7ef08a5cb096fdb02a40b1dfe4f28dd57791a11b6753e4db0fb63e1c4a22293584dc61908a8e2e99dc59a07f805e097c723329d216
Score

1^/10
behavioral13 behavioral14
- Target
  
  method.dll
- Size
  
  9B
- MD5
  
  38b97710070dbdd7b3359c0d52da4a72
- SHA1
  
  4ce08d2147c514f9c8e1f83d384369ec8986bc3b
- SHA256
  
  675f06af4e7f254d55ac605bbd7da45d9e00207a97f8a8ab7bb747d512776bc7
- SHA512
  
  b11cec0f21dec871163d6c254850d3f807ecc4ae726b143a0c4667a25c3a3fe9283aee3f6850a2389fdce3d20f41d9c3d30f4768171137d6bdc1355a2116189c
Score

1^/10
behavioral15 behavioral16
- Target
  
  msg.dll
- Size
  
  130KB
- MD5
  
  68c0ac68f6104f85261284155e5b2a5b
- SHA1
  
  5a671a50eb4409b9f588d2f32ff450bf228ebb22
- SHA256
  
  3d9d3f0c8ab81532f29a46f0632d0cf80e0b51fec5eeca00cda2e4369e4abb4a
- SHA512
  
  1bb7726a21da860df7dcc5d046e506dd5a15adb8f2bd90cf88b0e9fb71fd36b1437252ea78ea362c884d0989be4c2c0de9c6cd0e822b634e4e94cb7221ec8486
- SSDEEP
  
  1536:BGGezQGLQuIMSR7y/kTz7naAA/BfoFN1JkPSjYkhB4+Yxh7zqUSirroCa2HQb2sr:ko6AplfcH+Z
Score

1^/10
behavioral17 behavioral18
- Target
  
  node.bat
- Size
  
  3KB
- MD5
  
  1beb518fe0cd85f2d6f9101c2e47c7ae
- SHA1
  
  65ab6ae5b983633f60a4404636c0de19b2c529fa
- SHA256
  
  81ae13af20a68b407c4171c498f5140f51d8f0d9cf5bf4ddcf989112e3d31297
- SHA512
  
  880534df1232044cf1cfd5dc83a3d170eac46093c8f38b19e20967cb6b2c5020994d1f3113e72a4e73917ae6f9701c4a08f57f8ebec2471e35a9111362115d5b
Score

10^/10
- Downloads MZ/PE file
behavioral19 behavioral20
- Target
  
  node_modules/.bin/crc32
- Size
  
  308B
- MD5
  
  a708a9c956d6684e5f0b34ab638d1f3f
- SHA1
  
  f6afc28e6be725a561743da9637d26495d7386b0
- SHA256
  
  0d56e35268bce01a4fe268df882e74187ada9034b7b18880637d6811ed3e5a29
- SHA512
  
  e717e3ad37ad04ad37302cbe68faf1883f10093929cb74ac878bb8e01bea2701d8208b7ad17587b2ec163d499d0a9cee1f377863d3165937350ebad439863b54
Score

4^/10

antivm
behavioral21 behavioral22 behavioral23 behavioral24
- Target
  
  node_modules/.bin/crc32.cmd
- Size
  
  325B
- MD5
  
  2a65cf179fbf1729e459e419ff3f4731
- SHA1
  
  1b6c680ef55f5d69cb74d7dfb5514f4431fb4a68
- SHA256
  
  621d4424413d2b1482d5d1cfbff969289650c6ea2aa867d24b90102555b284f5
- SHA512
  
  c122892802d9d3cca69a0d4b57d2cc77daccb460e1d921c995fa96b96ac5f15b9c2e4df6c799022bc6ce26fab1f321f1dd06cd1d0d19ddbdf9ca9897a59e0db9
Score

1^/10
behavioral25 behavioral26
- Target
  
  node_modules/.bin/crc32.ps1
- Size
  
  805B
- MD5
  
  63af27d0ca694253ef7cf78d0603f717
- SHA1
  
  fd7ee6c609b6c7fb5f73ff929e885450997cf36e
- SHA256
  
  b532cdc96c232ea1322754d8b417fbaa02837270cf4935ccac1bb31a27b59b0b
- SHA512
  
  b620d871c655d44e9291dec91bcb40aa3bf9bd3d55e1a0ea7df9e958138f89810c37ae0665595d6b2efd52fa1e77905fe227c6c6bfcf741025779c1d36019e96
Score

1^/10
behavioral27 behavioral28 behavioral29 behavioral30
- Target
  
  node_modules/archiver-utils/file.js
- Size
  
  6KB
- MD5
  
  7a677cd0448d7c56e33f110c37f93ba2
- SHA1
  
  6b6f25c8f30fd244488ae6cdca973050dd9d9295
- SHA256
  
  e8336951ffb89a769d48821904408ed74a2d63e0ceec2e689fc38a171746759b
- SHA512
  
  511c5bf5fd94d81d883bc41c27a9f6071235bb5d4fb76ffb2a6ac353b15f43780ce15afdcfb2d90e5c3c8140dc045cc6d0595aa024732fc54b9f1fe0a95a7c81
- SSDEEP
  
  192:eJIVHIYA2svM+d5uKFWQT7G+wS1RPCiYfAlApRnbo77pZcc+caN:eUIesVlpJYMIRYpZcl
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Downloads MZ/PE file

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32