507641e3047216809af93a127af70a266e273cd95c1cfaa06605a753b9166388

Sharing

Copy URL

Twitter E-mail

General

Target

Delta V3.61.zip
Size

22.2MB
Sample

240521-rwzkqshc27
MD5

2692ff99a5f94520b6caa33bbd0cf05e
SHA1

0bf675fad129bc61f7c2763177a4314288cce4cd
SHA256

507641e3047216809af93a127af70a266e273cd95c1cfaa06605a753b9166388
SHA512

65d9665d29684325ca27a33ec187be8ccb142f98f662f888b944750ffcfcea43c496403331ab00e5e408dc5b1c3d39d7fc2defdecb1133a41dcc5d00c7c0392c
SSDEEP

393216:p1DbvOskyq5reDYwFpIgDDLB3IwuZcnO7BjOOPhQEFu9QZay7qPF4zjop3Lr:zDbvOPADJpIelBnO7B6OPhjFu9eaDPFj

Score

6^/10

Malware Config

Targets

- Target
  
  Delta V3.61.zip
- Size
  
  22.2MB
- MD5
  
  2692ff99a5f94520b6caa33bbd0cf05e
- SHA1
  
  0bf675fad129bc61f7c2763177a4314288cce4cd
- SHA256
  
  507641e3047216809af93a127af70a266e273cd95c1cfaa06605a753b9166388
- SHA512
  
  65d9665d29684325ca27a33ec187be8ccb142f98f662f888b944750ffcfcea43c496403331ab00e5e408dc5b1c3d39d7fc2defdecb1133a41dcc5d00c7c0392c
- SSDEEP
  
  393216:p1DbvOskyq5reDYwFpIgDDLB3IwuZcnO7BjOOPhQEFu9QZay7qPF4zjop3Lr:zDbvOPADJpIelBnO7B6OPhjFu9eaDPFj
Score

1^/10
behavioral1 behavioral2
- Target
  
  Delta V3.61/Delta.exe
- Size
  
  17.0MB
- MD5
  
  774ffee84d8e760761b8819edd2bc252
- SHA1
  
  74ff2bcc3baf64790181b97dc09ab951d9440379
- SHA256
  
  3c2cbcfb0dc0b92e1a0f15e725a1f8c4756a990e298098d94087cdd3fd491758
- SHA512
  
  935624fdaa9ae57d4515a456a9383c20240988848046fcab69948450413e573167c0f17a456f0f5120ec13e3215759ad11c4857873900606116c3e495dd69650
- SSDEEP
  
  196608:LOM8QZXcqPrn0guhegnueaIN3l4X+yBXeLUpcgwBj9aR:LOM8EmegnBaS1C+yBaUpcgwBj0
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  Delta V3.61/ICSharpCode.AvalonEdit.dll
- Size
  
  598KB
- MD5
  
  b6142f182a86adf382ea845935a327bc
- SHA1
  
  841367a389b4df1207224a26f9e201e593d551d1
- SHA256
  
  7225253a9ca59db879340f9ea8ee4f48006ceadf878d04b446522007fbe3ebb3
- SHA512
  
  a5e4941409b4b06fdf44ec5ebfb5d99cec47b1f348e266e7dc20254e5465deb1abf60d67092b5aa1bd14f52d637b52b380382f838d601b0f3734ea5a406fb068
- SSDEEP
  
  6144:m7zJDqOpyhu6XzDnHYRdioOfP/5GvVTBz/xz0z77OxRmvdM+lNsjXU+9NKsTLO0l:C/9R9VONf
Score

1^/10
behavioral5 behavioral6
- Target
  
  Delta V3.61/Newtonsoft.Json.dll
- Size
  
  685KB
- MD5
  
  081d9558bbb7adce142da153b2d5577a
- SHA1
  
  7d0ad03fbda1c24f883116b940717e596073ae96
- SHA256
  
  b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
- SHA512
  
  2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511
- SSDEEP
  
  12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5
Score

1^/10
behavioral7 behavioral8
- Target
  
  Delta V3.61/bin/590.dll
- Size
  
  5.7MB
- MD5
  
  9d947d9f9432cc466f17d6999c82e097
- SHA1
  
  92de10cdb741536c4d143324798629531779a88d
- SHA256
  
  dd220cfb8765304d9705bb162c570fdb48dc07dfe68cd2d2629dc6d5d0460fe1
- SHA512
  
  baf09afa9c164cc8c08e08877b8d0f1f58a7e6d2ecec54b564b27ed73baf6a2c2a2d76bbbeaa3ab9f5f36db2080f27b93acecea0e99a4575bee427af1093af77
- SSDEEP
  
  98304:450ZEc3CPEdzS3iFYcuZwI9lu/lgQ/6SCGeqH:2bPWEiqGBR
Score

3^/10
behavioral10 behavioral9
- Target
  
  Delta V3.61/bin/592.dll
- Size
  
  5.7MB
- MD5
  
  1334786e5f623e65c3b7c4a8272655ef
- SHA1
  
  9dbbf9dc8ecaa9096181ec217468e41acc6c0c84
- SHA256
  
  f91da9a8fafbc3c5933e6f97e75e0c9251dc83c58d4cd419979d53859548fb02
- SHA512
  
  1a988dc15818ac08fedcd0548f1e472ba034ab9a721bc50ac10dbd3dc0995127e3d5b1198f1bf5fea17b3ea3992be2a03c4447e438cc971bdf92c5c761034059
- SSDEEP
  
  98304:zO0rvcHXlDZHYf5vibU6yFA/lgQ/6SPA3WO:zOV3HHbuG4m
Score

3^/10
behavioral11 behavioral12
- Target
  
  Delta V3.61/bin/Fluxteam_net_API.dll
- Size
  
  6.2MB
- MD5
  
  cdf73079a63074805810016f13fbbfce
- SHA1
  
  f7ecbbd392820ea6fb8cbc72911325c440c0c271
- SHA256
  
  c1eb4052b0a9d672595be10d21ff60a79039c5842d8c98e837251a721549c60b
- SHA512
  
  2eb5a41dfe01d6b58aba5d27a4b359f8b6ea2b913e465ca839f09b3c334aabe550d4925a6e786540a5c28c9086ed97b2187722f3bf62c54ae92922550f5e36e9
- SSDEEP
  
  98304:ff0ldnefVuuvtLonWJ7gatg6QrkP6G9qvPpZDI0evx+AquS/gdV7Wme+OEDl:kH6tvP613pZkvquddNLhOW
Score

1^/10
behavioral13 behavioral14
- Target
  
  Delta V3.61/bin/lua.xshd
- Size
  
  3KB
- MD5
  
  e2b537e027b3251fb82e213739e66376
- SHA1
  
  e47888a238dcf90097ecd3c8860b0f9b02ded0e3
- SHA256
  
  5c508701141f851aeb0ad9088759f7da15bc33f9e7459ea8c8d4e1ec7b4eaa60
- SHA512
  
  1e347301cdc75933d709eddeace7cc9d62a7e9685f5badde3e1ec6f3cdbb37bbb8b95c23632e11b283e0464ab4c84e79c644660a1f0c09f51729e30571555f7e
Score

1^/10
behavioral15 behavioral16
- Target
  
  Delta V3.61/bin/modules.json
- Size
  
  639B
- MD5
  
  87b829dbc0f63d72bff5664fa2177dd9
- SHA1
  
  aaee2d27a5a0290af3f14a8a20a84667aff498fc
- SHA256
  
  df98a2a55cd20d372e43356f931a1bd5aad946b44e92f407405e9ac65539458e
- SHA512
  
  e827da6e7e4d85e328b51a2b2c1ed4db7b0b453a5cdca066b210b58c0c8d9c912e90324f45a3682450a4ee2519806eb5295226acd7ec7d40e952ce061f350318
Score

3^/10
behavioral17 behavioral18
- Target
  
  Delta V3.61/bin/vers.txt
- Size
  
  5B
- MD5
  
  8ec516f474a8e25c087b7046e5ce5fa5
- SHA1
  
  47e4e5e5db6430b04cc2b2047c0059540c03075a
- SHA256
  
  9ef2074444610f6b60ee6c9bc840ae83b0dcf1669ce282abf7aecb74d2dfc8b3
- SHA512
  
  e26db8507f89eaf5c689174dd30d2b02e26a120370217a058e28602ce1c92b3469174a98396f37526b44c3d3be7744ec189f2f32e4930d758c765962f5aff0f1
Score

1^/10
behavioral19 behavioral20
- Target
  
  Delta V3.61/scripts/Put your own scripts in here.txt
- Size
  
  182B
- MD5
  
  1131740e8b7ca683a5ef8baa55fe2d56
- SHA1
  
  ebf45af57e2b414d263680ce24fabe5d49e3c494
- SHA256
  
  0b697797652475680239c184c005f5b74bf8e2d033ccfe790a06c62e61ceeb7f
- SHA512
  
  7ee8203b34fce582bba5097b27a3cbc4eb7dcefb8c36bf61ca8a45b47a7f94e382cb6738a3de5aac44ec4e5037282f8b4dc39236fb1a54be7531d874b74b372f
Score

1^/10
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22