f81a7c22f112bef8f2f5da6ba9130f872ce5c5c267609ef2f1508cf64dd86490

Sharing

Copy URL

Twitter E-mail

General

Target

SilverBullet 1.1.2.rar
Size

195.8MB
Sample

240527-zdw1wshc7z
MD5

dc06e2fbb579ce7c6b541bf00e69f5c6
SHA1

1acef42495ada9888743a1ed6f9ecf6ddc6790e8
SHA256

f81a7c22f112bef8f2f5da6ba9130f872ce5c5c267609ef2f1508cf64dd86490
SHA512

469433a6013ad872c3227e203ce1cf14d9ea86ec41477185412b339819660a8a98a053f345328d564bf9d4c102cf0a1b380b3d41e939c5a5fc93e41eb5be1832
SSDEEP

6291456:6QiPDaXl2EEEt4+vEhWo/WKEXiQU68b1K88LW:6HPDaXoEIhUKESQU68b1Sa

Score

6^/10

pyinstaller

Malware Config

Targets

- Target
  
  SilverBullet 1.1.2/Plugins/SilverBullet.Plugin.dll
- Size
  
  22KB
- MD5
  
  b4ee39136bb41b38eca8055983dd80c1
- SHA1
  
  b864bf0bbdab6dc6ae71ee1c3642282dd2c95c72
- SHA256
  
  edc4c8eed4dfa60c22faa02b47da671b9998d872aa9c132b73448ec427a4246d
- SHA512
  
  b626e6accd909c1efb92628f623c9efd8b3df08d86851f3eea3c109f702b71b11b330008b57032e61d9a25e09408603451a49f3b23fb8423309a39993c2498b3
- SSDEEP
  
  384:Hu1YyzVMHOnf4yMF3cPPbVwVeW1LD91GIyAa9Otdf2sRE:ORbEVVRfXGIAEV2uE
Score

1^/10
behavioral1 behavioral2
- Target
  
  SilverBullet 1.1.2/SilverBullet.exe
- Size
  
  2.1MB
- MD5
  
  c38513df845b3fcb4f964b7e23c9811a
- SHA1
  
  b013a1b935d9473bff96c02477fd051eaadca80e
- SHA256
  
  3b724600e027320ed262572604bc31f213bc0e233a52de368d4a8a493f68ec8b
- SHA512
  
  4f7364adddfbdf76efbe7345921339b65083fe75c1ad1e4db7e42f1d87e8c432fcaaebfb512232e661ae39a651b7a23ae76bc6f968371376b5149da188225ba8
- SSDEEP
  
  24576:kuDvh1TfFIH9gYRRcY+32oQRLwDQF4eaE2cZPeAgF7H2oQRLwDJn0H1LOx923QRk:bh/7DQB/FOLDQBc8QB
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  SilverBullet 1.1.2/bin/Humanizer.dll
- Size
  
  250KB
- MD5
  
  b23ec3bf471a12c288f2a46b428bd013
- SHA1
  
  766c5bf33247f5d399f410873f4640c35fbc885e
- SHA256
  
  15e988ab3e8d84900ae90549eb399aac452d55edf0109e06fa1a9b227ddfd4c4
- SHA512
  
  ae49d951be7234a74d0df7b9f508651d199f2116ee9c52f88c70e1d8cc400ed4dcbef6ae851ec73cfe461faada4f5b807f1ab1cf9d5b4ff62489855259c8eccd
- SSDEEP
  
  3072:5r1It35fKhmIt+sS0vurEd2EtvXXVdLA6bYpBOljT6jVLHmPlRhvcA5qm:5RItQrhJurPEJGO96jVUXNcA5D
Score

1^/10
behavioral5 behavioral6
- Target
  
  SilverBullet 1.1.2/bin/Humanizer.resources.dll
- Size
  
  16KB
- MD5
  
  b8deb74353896b2598ee9eaf9e14ddf8
- SHA1
  
  e5020799ae0fd851f6361cdebd734726b9b9d63f
- SHA256
  
  25542713e5294ef929f80ce2be753c2e9dc20aa63fe7cdd9db61a35fc2113234
- SHA512
  
  56da0bf3cdd40648a0eba09b0360113028ebeaeaf80064dfe94b427caca7a76a94fcf37dc9d1d057d32d11eccbb63ffc304082f28ea6aa1ab47603fb3803ff3f
- SSDEEP
  
  192:cnPmKbvyJr07htBtTTPZSZucQZPMH7Tpe1zO/fTJo23pua9sgfxIZHA:CPmIvyJg7ptTjZSZmZPkiy/22UDgf2hA
Score

1^/10
behavioral7 behavioral8
- Target
  
  SilverBullet 1.1.2/bin/ICSharpCode.AvalonEdit.dll
- Size
  
  604KB
- MD5
  
  ecd9c594b35bead0588818206428ab49
- SHA1
  
  65694ab8bfda267bf3a066e1823d837dcca10f95
- SHA256
  
  86ff97015da0c2802b1c1c35d4e9c3c21cb024258557eff9cade16a9d58bd34b
- SHA512
  
  c9740b397ab68406a0a8f6a334631484c4daf61968bb9a1ececb9f797d63d0da5a32956fc9186cad3474d6543171dee01cdd93c077d2563ae99b836b3a44bf3e
- SSDEEP
  
  6144:GYFY292KUWr4025LGh+XlKWE6yPLNE2CXBfM+kVsjXs+glR0jqmV95joM:Nm70E2JJE2CXyFlfA
Score

1^/10
behavioral10 behavioral9
- Target
  
  SilverBullet 1.1.2/bin/ImageProcessor.dll
- Size
  
  185KB
- MD5
  
  e6499840c1141905681c11a632cd52b7
- SHA1
  
  1ce6ac73d1932c17544c83d515ffbbf0779bf47b
- SHA256
  
  eee56a5021b139897a16ad1b1aba061827924c585222b6b71d0b793df4676013
- SHA512
  
  dcf746663306cf1fb96418e32f4ef696e905dd910100944005e4da17b07b31a5049d96dfda061e1f0b84153dc8fad1cf90d1a95fc044a309277f47b34837d13e
- SSDEEP
  
  3072:qxFzZ20pb9s2/lCy7ZsEFH0O7P/eMusO0eVrlDoYDeG5T9CgOUJTIHdwEhhFomVy:uhZTxs2/lCy7ZsEFH0O7P/eMusO0eVrP
Score

1^/10
behavioral11 behavioral12
- Target
  
  SilverBullet 1.1.2/bin/IronPython.Modules.dll
- Size
  
  781KB
- MD5
  
  56c02ca018022884c6a6ecbf21853ba9
- SHA1
  
  e82520170bf37c5c26cf58a88bcd00ee31eac953
- SHA256
  
  87ca4725f12e8c030392be0164a521940ed353bc60cd34725f8bc0747bb7c069
- SHA512
  
  a6ecabdd5e9a75bba2fc4c582b23fd9df533771dabaddc7ac9e6743852f0c850f524fbf767de5550dc7e7bbfc767d484b0411fcb8ef36cd00cc058a00e25ed50
- SSDEEP
  
  12288:Sl96RaosN8DbVUKZp4/w/0sdiHqgTVJo///qYAJKa6Cy4xamJtQS+2X34l8K:89+URJo///XMJBYm3QWX34l8K
Score

1^/10
behavioral13 behavioral14
- Target
  
  SilverBullet 1.1.2/bin/IronPython.SQLite.dll
- Size
  
  622KB
- MD5
  
  33c7a7897ac17c6bb2dd7a70756e8801
- SHA1
  
  acfc7a4b095cc5541494fba59f407cdc98c6dcb4
- SHA256
  
  b530d7ee6b5b5cd4bab686b2a068eaaec1757ad355b0400d2aacc23c4e2cd530
- SHA512
  
  491b4f33bfd1e63d93ff832b3493f69d8ae93b9d2dac5dad9461a76e464dde05212f133e603302964c821207c1f79eeb4bf3107201e5b6d418d0271fc269a8cb
- SSDEEP
  
  12288:uOc3F13Axax72xqT0G/3weuTVSMy3KBzUJF3Me1fFChem:NcwItAc/3Ru0MzUv/fFSe
Score

1^/10
behavioral15 behavioral16
- Target
  
  SilverBullet 1.1.2/bin/IronPython.Wpf.dll
- Size
  
  7KB
- MD5
  
  ebb90f59291a5675e8ab1ca03d563024
- SHA1
  
  dbe17ab1c7ada5439693a26dfd9805b7c6006916
- SHA256
  
  5f32b1d69f5e6e741cb15f5054811a580aded15149164309caa1d0e8caa7d364
- SHA512
  
  a7b3ca7c2c8a9e0ae6296f76e19670d2417b1fe30e4668d980ac2f79b5cffa6e566b8922640184bc68b0c17ce958f479c3ae8f452a88b1cd76047406dbec4e02
- SSDEEP
  
  96:cGR1MPHBFTZmHwCB57ECPSY1/V/8r2KsDlRZ9tVQURdhR1oPRzZ1:vnIBulNS2VNvf7TdL16Z
Score

1^/10
behavioral17 behavioral18
- Target
  
  SilverBullet 1.1.2/bin/IronPython.dll
- Size
  
  1.7MB
- MD5
  
  f80c98a91e564c456dc62a5c5022c792
- SHA1
  
  1e24946058ee93bb1920e672ce99c15f65a02ed2
- SHA256
  
  c0f852fa065b8d7e2f54a1845c4b80a65a05b4cf5ac670cbb5754173b1a86e40
- SHA512
  
  dd3b4bfaa8bc8c6896b379abd129ff2a7c06f19d9f5064de2732e62973f9e253fd9375e183bf5ed66a8cca503a9041ee47a6b309fded8e1ec41465f2802b2258
- SSDEEP
  
  24576:64upM4bxxJOgbUXu5+eBU1Vy0khcgwdiJg9tZkn5qVj++:2dxJAkigwdixt
Score

1^/10
behavioral19 behavioral20
- Target
  
  SilverBullet 1.1.2/bin/Jint.dll
- Size
  
  244KB
- MD5
  
  734c5ce8f9b104d8ad3c7b494e96f9b9
- SHA1
  
  184cd4152b1b65d9531867b06c2e1c215fb872f1
- SHA256
  
  ed618668ae9e7c02c7c2b7332dd09079168cca96432a051044683c996337001c
- SHA512
  
  1e3ac0649e3b7bf9e97681aa7b1346aa44afe96d8c86fc77a6e002b8cf5b14b1a57f19f669ed0d4ae9a94d3f65d4eefa99dcffcf5d74afc8731f913c9c9f79d6
- SSDEEP
  
  3072:hE1DupDOGfyKkpsZa27k5t0f5jjBWV239UDjRFAkqYL36ZmvYYGUaKTUCRaikNrJ:hjyQlGunmvjPa2vRQrXPHNQHsq5+L
Score

1^/10
behavioral21 behavioral22
- Target
  
  SilverBullet 1.1.2/bin/Jurassic.dll
- Size
  
  481KB
- MD5
  
  e34177a06ff6b21f513db7343d285644
- SHA1
  
  bc802296601401bc64d896b8dd907d297a714174
- SHA256
  
  bd60614a8fcbca2c0a28b57da6fef13783c7b6d4d843f83a4b03a01f2bef5468
- SHA512
  
  2da0241f259fc75a05f05d494e4fa4645130dcd2ce9942ee57be64cd8f1d519b2890d52c15dc31eaa5120804bed5a5f50bbb0f1e78033729d3218d4c221e6ba2
- SSDEEP
  
  6144:MM9Z2RgB/Yh3PdMVx/1JfPhSIdCEcNo4T7sAISalENpCw0dCgBIidLEmMPucU:MYHt6/7NhUxxEz8XC5U
Score

1^/10
behavioral23 behavioral24
- Target
  
  SilverBullet 1.1.2/bin/Leaf.xNet.Cloudflare.dll
- Size
  
  48KB
- MD5
  
  d35cb544bc326ce175ef1c1c5587da6a
- SHA1
  
  c1f8cf15423dc0151824326f5e9991321c21f453
- SHA256
  
  8b116eac478bc55007c6a73c831738842e00ddecdb9de10f34ab2dfb017eea82
- SHA512
  
  3da7f675f3f9efb8acaf95b3f5dddd408d5f5db9b9fbcb3df17ba91bd24f1abadfef7bd507acea04721f128a392f397a8bba26fbea7216115db95f21e561bb19
- SSDEEP
  
  1536:72zT/PBeqTEWJ4VAZMElgbMDRHXjyiqOdzxHK:A/P/FVZMElgbMDRHXjyiqOdlK
Score

1^/10
behavioral25 behavioral26
- Target
  
  SilverBullet 1.1.2/bin/LiteDB.dll
- Size
  
  347KB
- MD5
  
  25b242d00c6c32e1f437eb2064ea2e29
- SHA1
  
  3712bd78c80a237dd804ec77c64498defde12e94
- SHA256
  
  e72acddf47586bc0999d598e3bd125a254bb6f4ae151c076993304f6e31fbbed
- SHA512
  
  f1ca54008290f67825f4aa0c8f78476d0e4ebb3b7f50c338f51c87a96b0d25457496fe6062aa57e401c444f5aa80df8e6b97c2e681e699905f3dc39200d235d7
- SSDEEP
  
  6144:mtY8gj5LlWwTjrG6VFNEjqpmzYyfQQG5HdE:t9LlTTjTu2pHyoW
Score

1^/10
behavioral27 behavioral28
- Target
  
  SilverBullet 1.1.2/bin/Magick.NET.Core.dll
- Size
  
  1.3MB
- MD5
  
  51145fbe253beb5dfd082dcdd5f99473
- SHA1
  
  7836d3687600d2d78f95a9e1a236d918dd381116
- SHA256
  
  0145005ff357be81cfcdb22c34140daa51c77590a0034669423a1ebd4a7504c8
- SHA512
  
  193564ca9f977f940e6951474eb443bf9d57784627b8498a4a7e133431848224dcc30870fe2fd4c0e07a1ca3dad14bf6f2f9dee75c4e4b38f0dcca9badb96be7
- SSDEEP
  
  24576:RUP6nXyeazknKKKKKKn/1SD2OuaACajAyCE7ykral6J:86nozw1i2yAC+AjENraIJ
Score

1^/10
behavioral29 behavioral30
- Target
  
  SilverBullet 1.1.2/bin/MahApps.Metro.IconPacks.Core.dll
- Size
  
  18KB
- MD5
  
  d8d0b8d00506ecc95640b7e9cbcb3b8a
- SHA1
  
  a009862a014c4ef067f8c3312fe6015efc04f858
- SHA256
  
  0d814872af90f2f4d956b699f9eb1637de7fa32988773fd939756bb43e8c3d7f
- SHA512
  
  67537e9f5696c8658881fb068bd4a5c130de242567b1ab57bc957d0340aca80ab499d019918ccfa4c6d06abe7a53f15891cad75b41f3c89032a7d361c80276c5
- SSDEEP
  
  384:fjSAbp3Pa7qCZiYuxz6aEBelFY0SyFBipvWFDAFzhQ8y3qsejKQTQ/RRT4AksNlc:gZiYuxb+kQoYjKQTQRN2H
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

T1102

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32