010ca8edd7f98637dba77df8d545192ef3cd36830b151d35fd76a54062f8855b

Sharing

Copy URL

Twitter E-mail

General

Target

Debug.rar
Size

406KB
Sample

240511-lxc58sbg3w
MD5

cea906116f3dbb3ccba1b8b906201418
SHA1

abd4c2eada5cfdbc824460a9d7ffde4f039d85f1
SHA256

010ca8edd7f98637dba77df8d545192ef3cd36830b151d35fd76a54062f8855b
SHA512

865aa1ef47780956661e912e84c0004cdd77004bc42ea8e76efc97055af37f9360dbc06fe1b28e2753dd63fd3c2d0e2c36e6b48930ef1ed43b091809f1ca39fe
SSDEEP

12288:oA53NAFGcgDN4WPf0A+icha0ylZTG2GIHW/XxBjupfV5HGA:TNfCWngFylZTG287upf3j

Score

6^/10

Malware Config

Targets

- Target
  
  Debug/NetwarePlusLoader.exe
- Size
  
  19KB
- MD5
  
  74660411f5094cfe0393babbbc6a4435
- SHA1
  
  b4fe8499dc60b68279c79eec88b1b2627038513c
- SHA256
  
  5151e005c80dc2d51c1a772c28cf1a59f915fbeca5f785083dac233ae4fec47e
- SHA512
  
  d6a22be501e7c63c7be8e34770d7f7be10a07296c3a975e473f5de6edc248e1baccafc95aa8ba1aaf61f5386d3cd01b41207ce8aad4be783664d890bbc529807
- SSDEEP
  
  384:uLdQHcTLzaPi1+ijLbLtbsKE/GxWvGxIkLanZHDBVU/MMzCeH:EdAcaiDbK0SGxIk4Pq/M
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Debug/Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral3 behavioral4
- Target
  
  Debug/System.CodeDom.dll
- Size
  
  30KB
- MD5
  
  a356c38f8c81aa6a320692c953d090ab
- SHA1
  
  0e763c073033fe846c5b4277fdb6a228e0d6a6fa
- SHA256
  
  5dd27b1fb3297d4d9b52431df1b1c14b6275a3a6822ddd1a659e9bab38298159
- SHA512
  
  cb2f26961be3811dcbb76a1d31f4c3ee0cc58c4d07b46869fccb04428fc3e728baa8eeb17242676d078d25e280770946714dd611899762dab5aedc356ad13a52
- SSDEEP
  
  384:1+E8BjFiLMTPji3h8241EEqY00iIcsBxehzsCtZ7U6r1fDUyX/WouW5Tb2HRN7Zz:1zYFi4TWaveEqYchzZpZp/iZK9zFrE
Score

1^/10
behavioral5 behavioral6
- Target
  
  Debug/System.Diagnostics.EventLog.dll
- Size
  
  33KB
- MD5
  
  0d10176ce6842abad10015589f78d580
- SHA1
  
  664f9c78c3f916a63c7fe3cbcd5aee62e8771b3c
- SHA256
  
  d288baf0f1b509c6079337aee4905e162002d22bb6de725b58150c22115386c2
- SHA512
  
  633d8bc550f8ee78ceacd00dd213ad67ae2560541c780d26367b31056ac6740dd31b0b347f345e75d8f4a33f2f379ca192dc2feca36e7715b57a366aaa39deb3
- SSDEEP
  
  768:/7/05oIcTzTO3egGfmAXOaYbo+H/ixe5moQ9zRH:/7c5oWJLbVfiymVzd
Score

1^/10
behavioral7 behavioral8
- Target
  
  Debug/System.IO.Compression.ZipFile.dll
- Size
  
  24KB
- MD5
  
  dcda916372128f13ada8b07026c1b3e7
- SHA1
  
  99d6c187de8510206a93d2eed9c65e65e0c86e72
- SHA256
  
  b5c12e9099643e2eda9b49edd0d98bdaed153c72a7e8e6235d8e78714402d16a
- SHA512
  
  d66de5d61cf7090ce2e11ca8064723a44c2fdbd7ed937f1cf4198ebe13083037941b816ad9022d332bbb853666785600fa8b1faca94c498d2f82de73fe1e42f9
- SSDEEP
  
  384:dK8Y54xRiW3mWeW+mWE3rq0GftpBj52ERHRN7dldBopPI:dKfemqiuEBHoa
Score

1^/10
behavioral10 behavioral9
- Target
  
  Debug/System.Security.Principal.Windows.dll
- Size
  
  17KB
- MD5
  
  be2962225b441cc23575456f32a9cf6a
- SHA1
  
  9a5be1fcf410fe5934d720329d36a2377e83747e
- SHA256
  
  b4d8e15adc235d0e858e39b5133e5d00a4baa8c94f4f39e3b5e791b0f9c0c806
- SHA512
  
  3f7692e94419bffe3465d54c0e25c207330cd1368fcdfad71dbeed1ee842474b5abcb03dba5bc124bd10033263f22dc9f462f12c20f866aebc5c91eb151af2e6
- SSDEEP
  
  384:cEwo6eTs14YY4cWpOW6dHRN7FYpJAlGspU:VwDdT463
Score

1^/10
behavioral11 behavioral12
- Target
  
  Debug/System.ServiceProcess.ServiceController.dll
- Size
  
  21KB
- MD5
  
  5a8e94b2e6bf935b2a52f0bca9e57a9c
- SHA1
  
  8f8dcaef5f1e56a0eb6df05bd695cb10ad67747a
- SHA256
  
  add14415dc179f589116dc8b7574feb7695924ae42b26e69a87bd65df1022b11
- SHA512
  
  101124a7f28dcbb2aa5e2ba9258040d9307f0c3a4f8a2a41d86f2d2da9ca22720bb00ef7ab3a90eb61ff20844419c0515502f3c5e8593519fff57cfa573f9352
- SSDEEP
  
  384:oRiNYHzik2PuxGQ1OvxKWiWV2upaWmTb2HRN7epR9zD441:oRiNIGk22xb1aw/ieD9zk41
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14