Resubmissions

01-06-2024 21:48

240601-1nsa5age89 10

01-06-2024 21:40

240601-1jd8psff6w 10

01-06-2024 21:33

240601-1elf8agc72 10

01-06-2024 21:10

240601-zz1wzafa7w 10

01-06-2024 20:55

240601-zqex5sef9z 10

General

  • Target

    UnityLibManager.exe

  • Size

    90.8MB

  • Sample

    240601-zz1wzafa7w

  • MD5

    114fd33387b4888d2d62690655cd6dae

  • SHA1

    c9cd2231dd18d0bed606eff81c1c20ff3bdd8bff

  • SHA256

    c35d052840a11e04e79b507fbc5c6e086bc9101ab602ac745d9ed343f2cee488

  • SHA512

    837aaeac5d3fbdf382c8dd5433c8035685a0f1dae1dc88e09e960b933ead20c9cbe6815bd9ae7542d4143242c49fffd10c0423a1090e1fb7a6c9d3985f90d789

  • SSDEEP

    1572864:IUmwDpaW0RuEy0dEkqkktU063DpeyJ7UiGGYYWKq//TjlTkRBoly:FdD6c3pkktk3Dw07Ui59WKY/FTkQly

Score
10/10

Malware Config

Targets

    • Target

      UnityLibManager.exe

    • Size

      90.8MB

    • MD5

      114fd33387b4888d2d62690655cd6dae

    • SHA1

      c9cd2231dd18d0bed606eff81c1c20ff3bdd8bff

    • SHA256

      c35d052840a11e04e79b507fbc5c6e086bc9101ab602ac745d9ed343f2cee488

    • SHA512

      837aaeac5d3fbdf382c8dd5433c8035685a0f1dae1dc88e09e960b933ead20c9cbe6815bd9ae7542d4143242c49fffd10c0423a1090e1fb7a6c9d3985f90d789

    • SSDEEP

      1572864:IUmwDpaW0RuEy0dEkqkktU063DpeyJ7UiGGYYWKq//TjlTkRBoly:FdD6c3pkktk3Dw07Ui59WKY/FTkQly

    Score
    10/10
    • Epsilon Stealer

      Information stealer.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      my-app-1.0.0.exe

    • Size

      169.1MB

    • MD5

      b43efe56dd3c84590056c8c87ad3e6f4

    • SHA1

      9e490bbec3f132b7eb8ac39dd4d001da8b275b58

    • SHA256

      d851af974512dc132e8931f8a5d9f443af614e7eb45c140fc8c8971dbb960d78

    • SHA512

      0800a75016ba6b81de945aed51cac599b21fc24fd416ed360599f585d95a20781b7fa11cd9d7225a30b544ae768f0a38da1f427a42d406e21024b1a742fcaf74

    • SSDEEP

      1572864:kKrstWwz6PqazPK3qyBcr35JBNLDD/FaCA7pmLMzCOtoAJnn/N0wIbyraIjR:8W0qr26byra

    Score
    10/10
    • Epsilon Stealer

      Information stealer.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks