cc24fb493ea2e8b879429b3d4a475d2f9abc4a3ccca61fdbfdbe3a71af16d722

Sharing

Copy URL

Twitter E-mail

General

Target

main.zip
Size

21.8MB
Sample

240524-db9cjsaf84
MD5

99441db67445971ed197c07170f47f26
SHA1

10c2296c06fbf68ce760ce2898eb3bec1f1975d1
SHA256

cc24fb493ea2e8b879429b3d4a475d2f9abc4a3ccca61fdbfdbe3a71af16d722
SHA512

60b7b40f48ead820a2fc94cc773a23c614e1e29acd70c5247ab127e7f62fe58408795ce295da4f84d286f853524728a8a75f0c99840208012660da8a9bba0e2a
SSDEEP

393216:c2ajdxYGKTL3XGsQ8wmk3M5W07p1oZQBnXqf9bOKGpDcIjvlYbkFzRT:c1xYGKP3WsQ8wmk3iW0AUaf9iK64IOkf

Score

7^/10

Malware Config

Targets

- Target
  
  autoexecute/test.txt
- Size
  
  69B
- MD5
  
  8117b088670ace343038cc9e404d5448
- SHA1
  
  b293a8ea46badf3268312b03ffdcbd87936070d2
- SHA256
  
  f7a90e5208841b920b622e0c94eb32653daa297c07d3f8e4abd532201dd5165f
- SHA512
  
  574acf89b137f2ea2259ec704e76ac04fab40a4166f1b5957fc5701bffbefb25ea8d5e1efadc5a2c7249acd6bde419c759589b37f073b162b25bed29ee677d26
Score

1^/10
behavioral1 behavioral2
- Target
  
  bin/api-docs.json
- Size
  
  5.9MB
- MD5
  
  19c541f355cad5fb427a38317479b698
- SHA1
  
  aebc5b3b123ab962606b6072806027d9b6c758e9
- SHA256
  
  6c003208304e585290c9a655c51e5789c4f3e4241a9abc0139a9dbeb5d2884b1
- SHA512
  
  78e3cbe554cdf02457a3892033ebd9f74c5b4446e306248594d682918ea5dc6e52cafe72b3bdf59fda1f9f5b3879576ca1ef2d35cebc66f1d55543b618bcf7e5
- SSDEEP
  
  24576:7ccjk1+ox2ptidmo2KtMTdxsuBqXhGz+rM:hiVuBqXhGz+rM
Score

3^/10
behavioral3 behavioral4
- Target
  
  bin/incognito-luau.dll
- Size
  
  1.3MB
- MD5
  
  157fd035b2a344a94166d7db3756df0e
- SHA1
  
  f221d28c1deb80b4e8d9201226435aefce6b0f75
- SHA256
  
  8716c75aff75941711aff8770836f47eb9a254416089ef3571c6fc9a338b3009
- SHA512
  
  fad0174fbd22f58dd4fcdaad8378c214270b4faeaca64d9cb306f50e9316072a4c417c5723c4123b8bf94a3dba6ef4e3303ec60f4a2cf0c3a54d8ab375ea717d
- SSDEEP
  
  24576:ZqBSLRktEBl6blwTUMD4zB1VU2bFjYWR0pMQUAqLRAovh4bSAXVVRNRfMXZO:ZqBSLRkt8l6blSU//+2bFfvA1SQVVRNk
Score

1^/10
behavioral5 behavioral6
- Target
  
  bin/save.json
- Size
  
  46B
- MD5
  
  877b13372acbf8bf740694d141d1aeb0
- SHA1
  
  0c764bef8a7c94ef610c129720d3d3d9a66fea3f
- SHA256
  
  1bc3e6bcf3d47756fe6e456ce68165d39ea8358186d1a9bb4b2e5911389b22c1
- SHA512
  
  38a6a7e7bf9572daeabbafb7bb1868d09f9b487e84e17da263f627315623952ab203c8dc5e940b6d59d15183bdd43d153a08ae421f12d085480e73fcbc3b5b82
Score

3^/10
behavioral7 behavioral8
- Target
  
  main.exe
- Size
  
  20.8MB
- MD5
  
  a18229feee8fd2a2d11caf3334962724
- SHA1
  
  4c1a078607d9cb97103bfb3122be3b45bdeff817
- SHA256
  
  b9c4ebecf944e0e9955f86a7581b3b02187ce64e78011035dedab40377ee3001
- SHA512
  
  fc35eb60b4ab3014c680e4fdb2c54eea08ee7480c6c765402985be532d3465bd28317482b0e4f4cd2e69b4691a5a19974e2e8229b1001269fbd189d14b82c37a
- SSDEEP
  
  393216:qdjJmE6NrDREnCE8odCMiqwmtD/BFZTFjRUpLHfKg4NMaTSzmGg37P:6JmE6hDOnCE84CMMmt7XepL/KQajGg37
Score

7^/10

evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral10 behavioral9
- Target
  
  scripts/test.lua
- Size
  
  15B
- MD5
  
  45952b4f4540d4ea32b1a56b40dfcb54
- SHA1
  
  c43f61758aede460274cbe0a7a52ed3a8e06201a
- SHA256
  
  819627eee839b974a3a9905ea4f98b1fce63b9ef68a9a1030b39c52ec2046999
- SHA512
  
  5fae4efa4037c96b3012e825e1041ecb419b8b6ce6eeb2f4667228874ddb7be48137d9118dc676e6d1f430e71f68809837e4caea8fd65f6100624e63abb81e8a
Score

3^/10
behavioral11 behavioral12
- Target
  
  workspace/.tests/appendfile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral13 behavioral14
- Target
  
  workspace/.tests/getcustomasset.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral15 behavioral16
- Target
  
  workspace/.tests/isfile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral17 behavioral18
- Target
  
  workspace/.tests/listfiles/test_1.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral19 behavioral20
- Target
  
  workspace/.tests/listfiles/test_2.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral21 behavioral22
- Target
  
  workspace/.tests/loadfile.txt
- Size
  
  1B
- MD5
  
  8fa14cdd754f91cc6554c9e71929cce7
- SHA1
  
  4a0a19218e082a343a1b17e5333409af9d98f0f5
- SHA256
  
  252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111
- SHA512
  
  711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b
Score

1^/10
behavioral23 behavioral24
- Target
  
  workspace/.tests/readfile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral25 behavioral26
- Target
  
  workspace/.tests/writefile
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral27 behavioral28
- Target
  
  workspace/.tests/writefile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral29 behavioral30
- Target
  
  workspace/luarmor_compatibility_test.lua
- Size
  
  8KB
- MD5
  
  1f256596bbcde8ed0506e008e9d02074
- SHA1
  
  4d9ff37f8bcd5fbc3ea6929792565575baf69122
- SHA256
  
  84d347276debd97eda22b5f408b0c50baf48d3be103ce941e74f3af5b6583907
- SHA512
  
  8476d5430f161a0201bdbd1a64cff2f17412e614a558cf80beca5ed3deac394d3b53e9c48964bb64197e38e347d385f125bd1734ab74de0c27fc1e31d4073f02
- SSDEEP
  
  96:O4cGBg1Xs6/v/qLVZtVp4qxwqOqxeaYqqxHqCq3RLNx8x97V0ojS8R/f87URbUer:OHGe9e77Ln1YDKDk97KojS8R/oLWKm
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32