7bf999026503b2e5975ed80d609aaf5bda7e9ffd701a6b67f10cba2216bb1fd8 | Triage

Sharing

General

Target

7bf999026503b2e5975ed80d609aaf5bda7e9ffd701a6b67f10cba2216bb1fd8
Size

4.1MB
Sample

240528-m4sd6she54
MD5

4090567aaa429e6805c8141973246348
SHA1

96f806de863aca97b9eff5f1bf4b070ff008ab83
SHA256

7bf999026503b2e5975ed80d609aaf5bda7e9ffd701a6b67f10cba2216bb1fd8
SHA512

0abeb666ceab6d03a754a305eb818902fcda482c261274109ea188ad56fd4ad4bd8e81bde28b0d8fea9f4570758742dd183f4058dfcef2fc56265ed0fb7971ef
SSDEEP

98304:Y9qontoOT8D/vVKK/xsR9RyI+D4b32H8nUm5J4vUrbofjjFiM7:NMtBT4/vkR9Rq4b32H8nUm5J4vUrbTW

Score

3^/10

execution

Malware Config

Targets

- Target
  
  CGown.com/DynamicShadow 2/custom/about.html
- Size
  
  107B
- MD5
  
  4bc75bd53fbd33a1b5c1ff4748373c9d
- SHA1
  
  49a38d8e815ba94c0f781f7e16cbd0d32ae4ccb7
- SHA256
  
  ce7f4a9f4d7a4bbbf329ec39ccfde4b75d50e5ce8ad0e7ac4660585f017c41a2
- SHA512
  
  1f03a91cd17a8f79d5a74e03c0c976e5fe949be45b1ae02fa18cdb7185f62f7abdf0e392f7fb987977a30a8789302cd9b29a51131b674b9403a5b2129ccf3849
Score

1^/10
behavioral1 behavioral2
- Target
  
  CGown.com/DynamicShadow 2/custom/header.html
- Size
  
  913B
- MD5
  
  825c3f3e303af2060a364045f85d6cb7
- SHA1
  
  8e755bc06d44099304f2387543f8e4c455f247ea
- SHA256
  
  85f8365712d99e6ab406451e9ac023ee3c74d7c1a190d2743fd74ceca30e7519
- SHA512
  
  a7ac60900d3d823903415ff00eba613af6a48e318ac1f4c51dcbbc84f1cdc5b36285b1643996b6b00dd45869ce44f63b45e470fe5ad621c517955646b2c6969b
Score

1^/10
behavioral3 behavioral4
- Target
  
  CGown.com/DynamicShadow 2/custom/help.html
- Size
  
  362B
- MD5
  
  ed49a310f0c902f3282c2e54ef81afea
- SHA1
  
  42994bbcc4e24c751aa3adcbdec78777b8e06b71
- SHA256
  
  315e919a2bb9e399968298a2a02a93451367551489e08bf602a7aa6fed284f4c
- SHA512
  
  cd642936e333263abd74b80fe429e930c4b96012cd0afa1ed38fcf69e6643be6681457b097039ece8a3291dab26e84612002af7b64d07d5850072879c1fbad34
Score

1^/10
behavioral5 behavioral6
- Target
  
  CGown.com/DynamicShadow 2/dialog/dialog.html
- Size
  
  10KB
- MD5
  
  896c63a5f5edf59f5ddd388fae8009e4
- SHA1
  
  7addf14d190f6e807fd229daea2e2b18fe2f3f12
- SHA256
  
  f8d065022f34769e09f8f23e194f721b034ce7f902e24908814c803c20b954d7
- SHA512
  
  2cdb9dba897c3534067cbf4ee4a20b586677fc59397661e6167f4acf7e25b70a4db3ec3cdd128c02d4cb4626664c3f80c65a0b43a0997c92e267cf6d215d61f8
- SSDEEP
  
  96:xSzWhUoYFiunFjYEoaFpwuZjpp2o0VXGCzWx6TtlY0cXpXZ0a5ceA2ANXCMnDr0Z:Q6hhE3XwuZjpwl/6x6P1apXywAzwvV3
Score

1^/10
behavioral7 behavioral8
- Target
  
  CGown.com/DynamicShadow 2/dialog/js/dialog.js
- Size
  
  1.9MB
- MD5
  
  9a02e3a9a2221a6afdea6f653ea4d5ec
- SHA1
  
  c761c04c2a4a137b12fdc269ef529aac71c21838
- SHA256
  
  7675ff205d835905ff959c747ced23c7239a2057690e195f59f1df600477ea3d
- SHA512
  
  fd1aa7c9bd8238ca830076299625357933a1c7dc6663e043fdd7be3b483f0050335b3c1d09cd4815975d60f0fc274a8fb64f3877577df4635dee902a7242c7e2
- SSDEEP
  
  24576:bxiT4hZvvMp/QkKZ6HnkyTx0cqhDfHF3vwN6/PshWkEPaQtxk4:bxiT4hZvvMp/QknkyTLq1ZTwENV
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  CGown.com/DynamicShadow 2/dialog/js/dialog.obfuscated.js
- Size
  
  3.7MB
- MD5
  
  b2e92dd74ea1e22dea5582800cde6c27
- SHA1
  
  5fc8a823ed8dc4256452c211d165576c9c080a52
- SHA256
  
  bcd32d69e55a878d193646bcaeafe8a7822cef369af339c9d2c41e5b93a3fb4a
- SHA512
  
  54421ede3d8f95b84e90fb979e27c503ad9055d7417a0bf07ceaede039ed15c1f8b0cbc833c9bf7488bcee7c5993511eb23714c8581aaff48c1533912de6cb47
- SSDEEP
  
  49152:1FSD1OvYMkJQJSWTxjFpcbC2gNyrWpp/QknkyTLq1ZTzRg401C:/4R
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  CGown.com/DynamicShadow 2/index.html
- Size
  
  1KB
- MD5
  
  aa4165093a20d30f1d4fa325fd25306a
- SHA1
  
  dff7b4b74bbea3693d89de40a152434f9a3dc3dc
- SHA256
  
  32fe38e4c18e5057c34b22f553991c873d255541ef7850663e1592c18d5d1344
- SHA512
  
  1ce8f400414e4b1af5b1aa2a916e7ebf6e02035ed9dde534b14514bc9e04cac9099be9454e2cdc14e9f0bc629680139898ec8dbe07010cbdf58ad9663f1ae18a
Score

1^/10
behavioral13 behavioral14
- Target
  
  CGown.com/DynamicShadow 2/lib/AE/CSInterface.js
- Size
  
  39KB
- MD5
  
  a32d13617ae117d6e1fde01d8fe7a66b
- SHA1
  
  02bbb47b54bfdcbae0e0ba0c08470f4794add7f6
- SHA256
  
  29e8d30c5c3c64d238d94aca9167520c0d48b5f62b004e1254ac2c798384cd85
- SHA512
  
  84a53841f6a2b0b61f14ac363f6284cd7e24c631fc00acd241e627ae9c6ee33b966e82b5169e750519a6981470314dd640f6c438956f9608cec41d0ef86be638
- SSDEEP
  
  768:eSaiy2zhKxkL5wvMCpjZ5hKY/8a/Y5fEz9n+XdnOow9G:eUhKxm0JDh9/8a/mEZ+XdOop
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  CGown.com/DynamicShadow 2/lib/js/Main.js
- Size
  
  28KB
- MD5
  
  058ec46dd17ae9ef0e4d1ee08e4dfe03
- SHA1
  
  9460f2c1af180ce049ddd1284746e3943aa48948
- SHA256
  
  fa87b328ec40e56d8b29703bbe33128c65296e358a293143e4b7f1e1d2461382
- SHA512
  
  fb935751c8fe51f1e2bc9242ca0b3e7cfb7780f5d0db0daae44f099db92aa553e880951be4eacea54b6e63ce5891c99e5da5e12391cd213967f186678b5317ec
- SSDEEP
  
  768:hm/jU0a42GU3W3/vw6ATKycCK3i0i5vFUrdEjHva/d95upxcmpFwosrEZqglIDqQ:q8G71UGoh/c/qqglIDqv5mg/79iDGrWt
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  CGown.com/DynamicShadow 2/lib/js/aesp.js
- Size
  
  1.9MB
- MD5
  
  e2473abd0de882c4ed3e7e7871f92870
- SHA1
  
  92d3a8a473a5dc39495fac0234b5355baba2b11d
- SHA256
  
  53fe89ecb4c02c596398a28e3053802993ace47c277ced755ad761bd1918e95a
- SHA512
  
  c70623e68b012c679833bf82aefdc81484ec245cf661eda82990bbd979413b4fe4ca3c9c2f6cfca1a56b05191a504babd315fffe48a58cae2a32265fa93a9970
- SSDEEP
  
  24576:TxiB4yUkcvvup/QkKZ6HnkyTx0cqhDfHF3vwN6/PshWkEPaQtxkO:TxiB4yUkcvvup/QknkyTLq1ZTwENN
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  CGown.com/DynamicShadow 2/lib/js/jquery-3.6.0.min.js
- Size
  
  87KB
- MD5
  
  8fb8fee4fcc3cc86ff6c724154c49c42
- SHA1
  
  b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
- SHA256
  
  ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
- SHA512
  
  f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31
- SSDEEP
  
  1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  CGown.com/DynamicShadow 2/lib/jsx/colorPicker.js
- Size
  
  276KB
- MD5
  
  68a162b07a05237023f97bdfb818ea58
- SHA1
  
  0b3c8f06850040a3d81048c1ef398ef0e65670cd
- SHA256
  
  51723cacee684481c746e9ca6be87d4e403982a0769df1681b6c1e89eb1310ac
- SHA512
  
  68c39be901f4c2edb1a8e0626c019ca265dce5992578b1126418b6dcf7c71800e2589e6e1dc76f7c1e6153240ad77c79f2062a28790845af43c4ed2b4ed5f67c
- SSDEEP
  
  3072:zbGd/+xCqUOo7cExXiaA6Y0SaM72oclH2sX7WU+v1py3YAXm+6qd/lHwBkIIcT1Y:wqzo79xDG0i2o42eWUk18otdqllAk/r
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  CGown.com/DynamicShadow 2/mikritik
- Size
  
  2KB
- MD5
  
  932a2d291cd97ecb19997379afec2e3e
- SHA1
  
  066b68186a26d858f7b4959eef789f5da60e62ea
- SHA256
  
  84088290032780df2fbd2e9f2358fa1f7d7d8d09d4854d179a35a310d0a4b0e8
- SHA512
  
  57f3ab77145a8e41209bf72adf084ad59ae7a51f7ec33d4d961929a70985153fcd99bb39c4bb09a3a98791751be01014267b412e6cdb3d85da3c9648afea347c
Score

1^/10
behavioral25 behavioral26
- Target
  
  CGown.com/DynamicShadow 2/node_modules/balanced-match/README.md
- Size
  
  3KB
- MD5
  
  542c17f304c9e7e2dbcb23506d9ab583
- SHA1
  
  d9b686c9f82dba6de3bee402c29af7d354151582
- SHA256
  
  428832d502fb64fc3a5c1b58e55d7aae4cceb97418f6e3813b2a923e4905b07e
- SHA512
  
  d5a2ee0300706850ee2a02137b4f5bd2a2c6ee6ddaa4a39ab69f76e7b340ad37c742c47be7981229985a7012b1a1759812fa28b642453b3bdb1294b7af78a5f0
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  CGown.com/DynamicShadow 2/node_modules/balanced-match/index.js
- Size
  
  1KB
- MD5
  
  32722fe5688aa4937b71d77bbd45b026
- SHA1
  
  12161cfaa33be93568ec9a6fd3d9c357991a6a76
- SHA256
  
  06e4d0037715251cb3be2b2db063662f555b3538d9e30a9c517a54374d941cbc
- SHA512
  
  3a7f88d7859f65229ed973d2f7694fadf81eb6c904f9fcca7e270b6fd5f54052af57789c2bbbf4f57d9edef2cd7ffcb011f666f43a0d6e3b776e59c5726a941f
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  CGown.com/DynamicShadow 2/node_modules/balanced-match/index.obfuscated.js
- Size
  
  13KB
- MD5
  
  fc0fc6f3746ad68eaf11ef7ba87b4e49
- SHA1
  
  e97ed0f0c4b072187c48c1ce85d5748dc9115610
- SHA256
  
  1344b77c428806bb794bc8dc8302d3383e39349c7da1ab8a03ca36562d3f7de7
- SHA512
  
  ca09fcf2e51621b0d5016be13b86e0429b2a721bde6bc0132150acce9363559b556589c84d18b22e1c836bc47072229e8c5eb76430f5f00a199594567e2d82e8
- SSDEEP
  
  384:J89wCv27mND4yyZ0z44qxlujoLu/m0ohbrRi1m5Eb5pz5EF2zSWJcpNbvRjhDKeN:O9wp7mZ4yyZ0z44q3ujL/m0ohHRi1m5R
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32