General

  • Target

    RoSearcher.zip

  • Size

    26.6MB

  • Sample

    240516-wwc4yshe57

  • MD5

    aaccc1d4e80570e756f73ec3351e94ad

  • SHA1

    078dee178d0e64fc089a09d0b892df515d9b92ed

  • SHA256

    8211dcf3931144188bfa0956b4c3b871f593ffb889c9990516152a35052df87b

  • SHA512

    a7ce51ebb0c78a9455624d96c426100729bc9f52451e0643993371fd044fd1e6e9743ab25b7d923228ba30cab1365ab7bdf64e4d0e290b87b3d32c59db9181b6

  • SSDEEP

    786432:lV5Vcxn47Nrf3buUQpqSDAO+Rncp7rOOlOSW:7fcViNrTcpqkpOb

Score
7/10

Targets

    • Target

      Bootstrapper.dll

    • Size

      226KB

    • MD5

      1baad52f7c988dc6126295119b3c13eb

    • SHA1

      e3dc39aa1299f13fc50a3d5cdce82adcf22be6ba

    • SHA256

      e5d739338c9e54565cf0b8dab3a2edfd0f38ba98fd1b0207203ce5ad16c24d2b

    • SHA512

      eeeb5f48cfc6e43c000d0a0ac5a347f5204125ff69584a79e147592deb5a9665cac833d51b3fb1f643d37d82ece216de70b5c4c4b9c0d468294fad69af02842e

    • SSDEEP

      96:r22222222222222222222222222222222222222222222222222222222222222i:i

    Score
    1/10
    • Target

      Rosearch.dll

    • Size

      61KB

    • MD5

      96ef8effeea2fc85aee6bcd78dd472d9

    • SHA1

      82647a772c6ef4b630e887f26e00b928ebfd956f

    • SHA256

      7224c7e0d8aa20ef0b34056c120dd36717c9ca13d3349d8d7d1b05b97ff61e87

    • SHA512

      4ed11104172f13d01e0e87836cef70b3f543474ca47fb5155637bdea4ca07e061586dc8497fffa9b2dcfcc2302d4fc4e2268740bd921e6adad87ad1163683733

    • SSDEEP

      96:r2222222222222222222222222222222222222222222222222W:b

    Score
    1/10
    • Target

      Rosearcher.exe

    • Size

      26.8MB

    • MD5

      69111d3bf682912106356706e1f94534

    • SHA1

      877b8bb3587ecf51b2093257c97b732ebe25622b

    • SHA256

      cf0f3097081d1c96a136bd4271ab20b1ce8173c7528f162abcf4dfdb77f1eb86

    • SHA512

      22a1da39621452528f9613ba0ee943b7bfd6dfc6c2fc8736e1101a4ec815a03e72b18cef5f8b5f9ae32c7c1b609cee00fdd24a6120785ff61a306117f5713eff

    • SSDEEP

      786432:S9/QTkuRFdbqzcY873C2aTN4bjbb0BGEmC:k/QwoFd+E7f3AZm

    Score
    7/10
    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      Testing123.pyc

    • Size

      73KB

    • MD5

      5bfe589ea282ac8cadba5c5f98752048

    • SHA1

      299d5a7bf659829ffb879519158f5c2614e62734

    • SHA256

      020383b5d9d79e28526e073e78a3c901c7f7b815e7573a6d9ba9916eb526e854

    • SHA512

      ffcc7e74df4dc620ecf6bf3ae54890b5320371ffb916b5ef58006e1f87980e69ecf0ccb8d9ea563f0ab0057d4812fb1865660951f7fd51e0f8f2463cca231ea4

    • SSDEEP

      1536:Xfsfk5OLaQ7OQMSU0O4OoRVgdXXmsd2/K8I0Ay0Z:EsOLaQyQgToDGHTd2/K8I0AyS

    Score
    3/10
