d4f13de0520e56d0174c637e16bffc9cb8e879eb3cba5623ef786c3955cb96b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eclipse.rar
Size

140KB
Sample

240602-xx6y4abh9v
MD5

d68933ec83d984ff48a45b23b4d94c51
SHA1

84cb4db92cdcf240e80f9f1058e0031a7b9e1a9d
SHA256

d4f13de0520e56d0174c637e16bffc9cb8e879eb3cba5623ef786c3955cb96b3
SHA512

d7df8bdc9670ddce645cdb8d64636ccca0cc27adff8991576573f7f484dd922673515936dfc5d833257f1fc956ad615694217df2ac201814555961c4b76921d7
SSDEEP

3072:p82vLAPw9xbJB8wqy/lERHev3yUc3McbzgJqDjB76upaWj:p9APIOy/lEyPcxXgIvBmTu

Score

8^/10

execution

Malware Config

Targets

- Target
  
  cprcutor/growtele.dll
- Size
  
  3.4MB
- MD5
  
  402107400e9ad85c5508a710482b832e
- SHA1
  
  be15012a09e79f36205b82b182dac32924c9c382
- SHA256
  
  8d08eb0699e6e02c3e2f55d7c21ac029b228e6d345345a72924453934581f5ca
- SHA512
  
  6f36a79e0ed90517638856abf398048c7589edf5f0de75ae7c329431c9273d6e9c756e96cbf99e544964170845e1e65dadd6d910a93837cba494227b9bb0b845
- SSDEEP
  
  96:Mvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv0:L
Score

1^/10
behavioral1 behavioral2
- Target
  
  cprcutor/open_me.bat
- Size
  
  3.5MB
- MD5
  
  1428e8b5ba2f69994c0b03698a898118
- SHA1
  
  4e893e5f844745e6a8e47e291ed425b5f44f1b53
- SHA256
  
  e064709e65f69feefedece379196d870f2dcc8d5c48c1b794ff8dc6eb96ff908
- SHA512
  
  6474054a1f6441d7445b2e10309a235d1b48d7551c4a9ed422fb1325ac3ca354a204604bd00728ca3c6e063ac910d4a0e442424c2538315c918d6048e9d8cb10
- SSDEEP
  
  3072:UxL9CvZ0gNS67Jvq0tH1obhNsRQNV14IlHDokfe5sio8HpF0twd/Z:U+SgNziGiboiNnNkB5jH3wO/Z
Score

8^/10

execution
- Blocklisted process makes network request
- Drops startup file
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4