4fd5453390d3915c066b008dfa65ffb47d3922c124b4d5c098324f95f8a934fa

Sharing

Copy URL

Twitter E-mail

General

Target

consistluvbug.zip.infected
Size

18.8MB
Sample

240601-m45phaaf3z
MD5

f24aee225a6cea3616dd54cb23f52338
SHA1

756e3e192ea0d8849fd293a22f5c4f8cfbb12ffd
SHA256

4fd5453390d3915c066b008dfa65ffb47d3922c124b4d5c098324f95f8a934fa
SHA512

a80dd7d1eb112b71103ae5119a5df98e70456b1804e48109d9f56a466a58b5ed3210b3d13851ebcf0843ec63f57989eaa9e97e7aebfcac5e6f739b0382cd4208
SSDEEP

393216:1MuJKZPnvYX/wAeuG2Vi8rVqwqo6VUmFkIUMBbl9xu9aOQ:1sZAwAeuG1AqwzimIzBZ9

Score

7^/10

Malware Config

Targets

- Target
  
  consistluvbug.zip.infected
- Size
  
  18.8MB
- MD5
  
  f24aee225a6cea3616dd54cb23f52338
- SHA1
  
  756e3e192ea0d8849fd293a22f5c4f8cfbb12ffd
- SHA256
  
  4fd5453390d3915c066b008dfa65ffb47d3922c124b4d5c098324f95f8a934fa
- SHA512
  
  a80dd7d1eb112b71103ae5119a5df98e70456b1804e48109d9f56a466a58b5ed3210b3d13851ebcf0843ec63f57989eaa9e97e7aebfcac5e6f739b0382cd4208
- SSDEEP
  
  393216:1MuJKZPnvYX/wAeuG2Vi8rVqwqo6VUmFkIUMBbl9xu9aOQ:1sZAwAeuG1AqwzimIzBZ9
Score

1^/10
behavioral1 behavioral2
- Target
  
  incognito/autoexecute/test.txt
- Size
  
  69B
- MD5
  
  8117b088670ace343038cc9e404d5448
- SHA1
  
  b293a8ea46badf3268312b03ffdcbd87936070d2
- SHA256
  
  f7a90e5208841b920b622e0c94eb32653daa297c07d3f8e4abd532201dd5165f
- SHA512
  
  574acf89b137f2ea2259ec704e76ac04fab40a4166f1b5957fc5701bffbefb25ea8d5e1efadc5a2c7249acd6bde419c759589b37f073b162b25bed29ee677d26
Score

1^/10
behavioral3 behavioral4
- Target
  
  incognito/bin/api-docs.json
- Size
  
  5.9MB
- MD5
  
  19c541f355cad5fb427a38317479b698
- SHA1
  
  aebc5b3b123ab962606b6072806027d9b6c758e9
- SHA256
  
  6c003208304e585290c9a655c51e5789c4f3e4241a9abc0139a9dbeb5d2884b1
- SHA512
  
  78e3cbe554cdf02457a3892033ebd9f74c5b4446e306248594d682918ea5dc6e52cafe72b3bdf59fda1f9f5b3879576ca1ef2d35cebc66f1d55543b618bcf7e5
- SSDEEP
  
  24576:7ccjk1+ox2ptidmo2KtMTdxsuBqXhGz+rM:hiVuBqXhGz+rM
Score

3^/10
behavioral5 behavioral6
- Target
  
  incognito/bin/incognito-luau.dll
- Size
  
  1.3MB
- MD5
  
  157fd035b2a344a94166d7db3756df0e
- SHA1
  
  f221d28c1deb80b4e8d9201226435aefce6b0f75
- SHA256
  
  8716c75aff75941711aff8770836f47eb9a254416089ef3571c6fc9a338b3009
- SHA512
  
  fad0174fbd22f58dd4fcdaad8378c214270b4faeaca64d9cb306f50e9316072a4c417c5723c4123b8bf94a3dba6ef4e3303ec60f4a2cf0c3a54d8ab375ea717d
- SSDEEP
  
  24576:ZqBSLRktEBl6blwTUMD4zB1VU2bFjYWR0pMQUAqLRAovh4bSAXVVRNRfMXZO:ZqBSLRkt8l6blSU//+2bFfvA1SQVVRNk
Score

1^/10
behavioral7 behavioral8
- Target
  
  incognito/bin/save.json
- Size
  
  46B
- MD5
  
  877b13372acbf8bf740694d141d1aeb0
- SHA1
  
  0c764bef8a7c94ef610c129720d3d3d9a66fea3f
- SHA256
  
  1bc3e6bcf3d47756fe6e456ce68165d39ea8358186d1a9bb4b2e5911389b22c1
- SHA512
  
  38a6a7e7bf9572daeabbafb7bb1868d09f9b487e84e17da263f627315623952ab203c8dc5e940b6d59d15183bdd43d153a08ae421f12d085480e73fcbc3b5b82
Score

3^/10
behavioral10 behavioral9
- Target
  
  incognito/scripts/test.lua
- Size
  
  15B
- MD5
  
  45952b4f4540d4ea32b1a56b40dfcb54
- SHA1
  
  c43f61758aede460274cbe0a7a52ed3a8e06201a
- SHA256
  
  819627eee839b974a3a9905ea4f98b1fce63b9ef68a9a1030b39c52ec2046999
- SHA512
  
  5fae4efa4037c96b3012e825e1041ecb419b8b6ce6eeb2f4667228874ddb7be48137d9118dc676e6d1f430e71f68809837e4caea8fd65f6100624e63abb81e8a
Score

3^/10
behavioral11 behavioral12
- Target
  
  incognito/thegreatestexploit.exe
- Size
  
  17.9MB
- MD5
  
  985a7c5f0ee35a1984ed8b0c18847643
- SHA1
  
  2bf0487f62ef4a521d3d51b01a4b8b2625de2a91
- SHA256
  
  15aa7b28eb003b5bfea6679de772a34e59372f2155a87ba8f05ce8c4118e2e3e
- SHA512
  
  9230cf00c8145e199586e478e7db307e75d729b98af24ec1b73e4893348380bd81affe436bee7aea8dc2e1b22d0b7e49af98428756a5832df22f5411e6e7a7d8
- SSDEEP
  
  393216:qtabzFXC2ZKqm6GhXcrRwBsoM8km9XWkdQctnGHS4sak:5blKqm6GmSBs12Gkd/tG
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral13 behavioral14
- Target
  
  incognito/workspace/.tests/appendfile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral15 behavioral16
- Target
  
  incognito/workspace/.tests/getcustomasset.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral17 behavioral18
- Target
  
  incognito/workspace/.tests/isfile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral19 behavioral20
- Target
  
  incognito/workspace/.tests/listfiles/test_1.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral21 behavioral22
- Target
  
  incognito/workspace/.tests/listfiles/test_2.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral23 behavioral24
- Target
  
  incognito/workspace/.tests/loadfile.txt
- Size
  
  1B
- MD5
  
  8fa14cdd754f91cc6554c9e71929cce7
- SHA1
  
  4a0a19218e082a343a1b17e5333409af9d98f0f5
- SHA256
  
  252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111
- SHA512
  
  711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b
Score

1^/10
behavioral25 behavioral26
- Target
  
  incognito/workspace/.tests/readfile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral27 behavioral28
- Target
  
  incognito/workspace/.tests/writefile
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral29 behavioral30
- Target
  
  incognito/workspace/.tests/writefile.txt
- Size
  
  7B
- MD5
  
  260ca9dd8a4577fc00b7bd5810298076
- SHA1
  
  53a5687cb26dc41f2ab4033e97e13adefd3740d6
- SHA256
  
  aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
- SHA512
  
  51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32