Overview

overview

4

Static

static

3

000.exe

macos-10.15-amd64

1

Ana.exe

macos-10.15-amd64

4

Bad Rabit.exe

macos-10.15-amd64

4

Desktop Puzzle.exe

macos-10.15-amd64

4

Memz.exe

macos-10.15-amd64

4

NoEscape.exe

macos-10.15-amd64

4

WannaCrypt0r.exe

macos-10.15-amd64

1

Resubmissions

08-05-2024 16:15

240508-tqnx6ach3w 10

08-05-2024 16:07

240508-tkr3mafa54 10

01-05-2024 18:02

240501-wmf49acg3s 6

27-04-2024 08:46

240427-kpfeysff8s 10

25-04-2024 21:25

240425-z9y55afb7v 10

25-04-2024 21:16

240425-z4pphafa97 10

25-04-2024 18:27

240425-w3929sde33 10

25-04-2024 18:17

240425-ww4a5sdc8x 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Malware.zip

  • Size

    6.4MB

  • Sample

    240425-wn1kaadb91

  • MD5

    2570272f3d1d089334463f58135099be

  • SHA1

    c3c47f1a8420d11be52cf69f2cafcec450b36b36

  • SHA256

    2a45e44be359fba4c85591e7b13d1ec772ed181adc41254d8b00d31b2d15878e

  • SHA512

    4921f1e3fa8dc8b019587aad62a67b449175fe6cfb8e7b01474a3eb5683c1c475f34247e4a6b248bea3e432ed413721519a52b2d1ef0f3f088876cd98cec31f9

  • SSDEEP

    196608:Pjlmaezq3Z39giBgtmHmZMXQ/4LQH6TBAyigHRHu+MKiB:PYaIwgiKt2O9/rH6T6yigHRHGxB

Score
4/10
evasionmacos

Malware Config

Targets

    • Target

      000.exe

    • Size

      6.7MB

    • MD5

      f2b7074e1543720a9a98fda660e02688

    • SHA1

      1029492c1a12789d8af78d54adcb921e24b9e5ca

    • SHA256

      4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966

    • SHA512

      73f9548633bc38bab64b1dd5a01401ef7f5b139163bdf291cc475dbd2613510c4c5e4d7702ecdfa74b49f3c9eaed37ed23b9d8f0064c66123eb0769c8671c6ff

    • SSDEEP

      3072:eaLA1++iCeFj0im6X/AXpT8vVMCcHVcdhghUuz1o9Y:fLJlC6j0CX4XmvWHVcd62uO9

    Score
    1/10
    behavioral1

    • Target

      Ana.exe

    • Size

      2.1MB

    • MD5

      f571faca510bffe809c76c1828d44523

    • SHA1

      7a3ca1660f0a513316b8cd5496ac7dbe82f0e0c2

    • SHA256

      117d7af0deb40b3fe532bb6cbe374884fa55ed7cfe053fe698720cdccb5a59cb

    • SHA512

      a08bca2fb1387cc70b737520d566c7117aa3fdb9a52f5dbb0bb7be44630da7977882d8c808cbee843c8a180777b4ac5819e8bafda6b2c883e380dc7fb5358a51

    • SSDEEP

      49152:OwVYlfBUDiZx8Fa/Q0NuB3btlnCItWNSwoy:OxPUDQmso0NuBZlnCItM

    Score
    4/10
    evasion
    behavioral2

    • Target

      Bad Rabit.exe

    • Size

      431KB

    • MD5

      fbbdc39af1139aebba4da004475e8839

    • SHA1

      de5c8d858e6e41da715dca1c019df0bfb92d32c0

    • SHA256

      630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da

    • SHA512

      74eca8c01de215b33d5ceea1fda3f3bef96b513f58a750dba04b0de36f7ef4f7846a6431d52879ca0d8641bfd504d4721a9a96fa2e18c6888fd67fa77686af87

    • SSDEEP

      12288:BHNTywFAvN86pLbqWRKHZKfErrZJyZ0yqsGO3XR63:vT56NbqWRwZaEr3yt2O3XR63

    Score
    4/10
    evasion
    behavioral3

    • Target

      Desktop Puzzle.exe

    • Size

      239KB

    • MD5

      2f8f6e90ca211d7ef5f6cf3c995a40e7

    • SHA1

      f8940f280c81273b11a20d4bfb43715155f6e122

    • SHA256

      1f5a26f24a2bfdd301008f0cc51a6c3762f41b926f974c814f1ecaa4cb28e5e6

    • SHA512

      2b38475550edee5519e33bd18fea510ad73345a27c20f6457710498d34e3d0cf05b0f96f32d018e7dc154a6f2232ea7e3145fd0ed5fb498f9e4702a4be1bb9c8

    • SSDEEP

      3072:r/3qftCdbSFtY8Zf8pOk0rHitNWIekbnfFPsr24Cv/Eng9m3ihlCeKH6Fb6aX3WA:WoI/rC0k7ar68nimCYHe3qZr0SlC

    Score
    4/10
    evasion
    behavioral4

    • Target

      Memz.exe

    • Size

      14KB

    • MD5

      19dbec50735b5f2a72d4199c4e184960

    • SHA1

      6fed7732f7cb6f59743795b2ab154a3676f4c822

    • SHA256

      a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d

    • SHA512

      aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d

    • SSDEEP

      192:sIvxdXSQeWSg9JJS/lcIEiwqZKBkDFR43xWTM3LHn8f26gyr6yfFCj3r:sMVSaSEglcIqq3agmLc+6gyWqFCj

    Score
    4/10
    evasion
    behavioral5

    • Target

      NoEscape.exe

    • Size

      666KB

    • MD5

      989ae3d195203b323aa2b3adf04e9833

    • SHA1

      31a45521bc672abcf64e50284ca5d4e6b3687dc8

    • SHA256

      d30d7676a3b4c91b77d403f81748ebf6b8824749db5f860e114a8a204bca5b8f

    • SHA512

      e9d4e6295869f3a456c7ea2850c246d0c22afa65c2dd5161744ee5b3e29e44d9a2d758335f98001cdb348eaa51a71cd441b4ddc12c8d72509388657126e69305

    • SSDEEP

      12288:85J5X487qJUtcWfkVJ6g5s/cD01oKHQyis2AePsr8nP712TB:s487pcZEgwcDpg1L2tbPR2t

    Score
    4/10
    evasion
    behavioral6

    • Target

      WannaCrypt0r.exe

    • Size

      3.4MB

    • MD5

      84c82835a5d21bbcf75a61706d8ab549

    • SHA1

      5ff465afaabcbf0150d1a3ab2c2e74f3a4426467

    • SHA256

      ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa

    • SHA512

      90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244

    • SSDEEP

      98304:QqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QqPe1Cxcxk3ZAEUadzR8yc4gB

    Score
    1/10
    behavioral7

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

5
T1564

Resource Forking

5
T1564.009

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks