Overview

overview

7

Static

static

3

Release.zip

windows10-1703-x64

1

Release/Bu...ld.exe

windows10-1703-x64

1

Release/Bu...ch.exe

windows10-1703-x64

1

Release/Co...or.exe

windows10-1703-x64

1

Release/Credits.txt

windows10-1703-x64

1

Release/Loader.exe

windows10-1703-x64

7

Release/Re...ct.txt

windows10-1703-x64

1

Release/Te...ep.mp3

windows10-1703-x64

1

Release/Te...FG.ini

windows10-1703-x64

1

Release/Te...en.bin

windows10-1703-x64

3

Release/Te...ty.txt

windows10-1703-x64

1

Release/Te...kt.dll

windows10-1703-x64

1

Release/Us...er.exe

windows10-1703-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Release.zip

  • Size

    2.2MB

  • Sample

    240604-jgwarsac28

  • MD5

    8eb8689953b50ed87194e2501e8bacce

  • SHA1

    0b3ffefe623bb1330f7e4d7dad553f6c1d2fae25

  • SHA256

    21848b3990f941028498dbde1b501b6b45adc21a09291453972ed278661eb514

  • SHA512

    03de0a0f12531d83e99dd1d47a8834613aec801b2eba512ef46e2dd7a03fb4564f8ec9eff75f9dd4a6f3aa200de326ae67fedc3fccb3197f8c7d71e13c0985e1

  • SSDEEP

    49152:gzrYVxHrIqvhEoSRlic9IfWhhNWcUic9+JJ7KLG3VYic9Jv0W4Lg:goVxUqpMsc9kUEchc9GJ7KLGvc9Rl4k

Score
7/10

Malware Config

Targets

    • Target

      Release.zip

    • Size

      2.2MB

    • MD5

      8eb8689953b50ed87194e2501e8bacce

    • SHA1

      0b3ffefe623bb1330f7e4d7dad553f6c1d2fae25

    • SHA256

      21848b3990f941028498dbde1b501b6b45adc21a09291453972ed278661eb514

    • SHA512

      03de0a0f12531d83e99dd1d47a8834613aec801b2eba512ef46e2dd7a03fb4564f8ec9eff75f9dd4a6f3aa200de326ae67fedc3fccb3197f8c7d71e13c0985e1

    • SSDEEP

      49152:gzrYVxHrIqvhEoSRlic9IfWhhNWcUic9+JJ7KLG3VYic9Jv0W4Lg:goVxUqpMsc9kUEchc9GJ7KLGvc9Rl4k

    Score
    1/10
    behavioral1

    • Target

      Release/Builds/Core Build.exe

    • Size

      426KB

    • MD5

      ee7451222a8d395f674cf6b1e77070cc

    • SHA1

      12fae352c304c3d942366fdc5721603b13810716

    • SHA256

      2fadbd898b3a93ec83bedc9a8e98e2e79c535ddd77dc97eed0c2036950c468e8

    • SHA512

      3b99476f835a3add9909f4f8a11885e10d4c6b9f47630d2d2a8faad7f5c198d01db4a86584cb2ffbf73f080e502a51a12e4a5f295e542ea8420e326010076acd

    • SSDEEP

      12288:iPJNfafITmHk8DTVLlYxw+KAGK6J+YHOu83:ihUf2+k8DdDhlJi

    Score
    1/10
    behavioral2

    • Target

      Release/Builds/OwlFetch.exe

    • Size

      445KB

    • MD5

      4453b6c7a03d8ebfee21632049e01eea

    • SHA1

      ad9c4815339c9c28c5fc3c394decee2f7d152041

    • SHA256

      774b1b65e68b01d641ce2b01ad8eca1aa0fe2a8f7e6dfe20db1f8f3337c3ca5e

    • SHA512

      fb86452f4fc5223b045893d77b51e31f49e7ab9cb70b768e8e687ce00e28c23d9ee5872a36cf9f598294accbb8e6ac464a09f627acbb9d987f49c68e1072b3e1

    • SSDEEP

      12288:VPJNfafITmHk8nMX5zgUYVWhW+yoSSYL:VhUf2+k8MpcWyoSSYL

    Score
    1/10
    behavioral3

    • Target

      Release/Configurator.exe

    • Size

      533KB

    • MD5

      cd963503431230fdd565f791eeb0faf4

    • SHA1

      c7a2367f6453d5eb03b30ce1c80efe57e62ab7b1

    • SHA256

      2f1a8e144af2a7eddc16dc0af60b8c81940697d08eda9c69e103338553d214ee

    • SHA512

      99fbe437fe365ea568c6dc197c5b92caba56ff96798e4d67f9788e4181f66514b4783c29938620c97dd7c54c8fc0fd9a18fcb37759fff4a3ad1ffda7f1a76fc0

    • SSDEEP

      12288:mCTisUc9EPMv3JRW8k1zNhS1FfYtVH+xNiWNWp4MbsofZ:jihc9EPMv5EfmRGVyiWNWp4Ms8Z

    Score
    1/10
    behavioral4

    • Target

      Release/Credits.txt

    • Size

      57B

    • MD5

      3b8587434bfe053ef3326b01fcaba3b2

    • SHA1

      8516503df999b37296c542749edc6b0e48353b0d

    • SHA256

      fe2fa72290e2318c8ea4602788262435f7156e55077e4e6decf80185124ea260

    • SHA512

      df6446d4f5879acf829adb1d3fb00cb5aad515e4fc9f02d5a3ea83cc5fbed932399274a3be55d94c58848bf97dbaefb3211e89a50c4b82f49b2c013546f194e8

    Score
    1/10
    behavioral5

    • Target

      Release/Loader.exe

    • Size

      597KB

    • MD5

      e5fa397a54ac8dc3585dbb7b69e43641

    • SHA1

      03585021d3553f92dd18065d4892024e616f0901

    • SHA256

      2de4a1eba0490f3f7ecddc7abb4417aa60ac302b897f7617d140ce763adab9fe

    • SHA512

      41a930ede3e5bbcece036290a1b7eb17549fa7e042f2ee56c5aeb5a5cc88ec4a8199ffc94d87839d53fbb623a012e0f0d10e688787d2d00c5e67a87fd52dfabd

    • SSDEEP

      12288:ICTisUc9EPMv3JRWVNF77KM0Q/LbZXXOOx/ock++4sP:5ihc9EPMv5AL77KM0GJndAcV+4sP

    Score
    7/10

    • Executes dropped EXE

    behavioral6

    • Target

      Release/Readme b4 Extract.txt

    • Size

      648B

    • MD5

      9da1d34477b122113b537e678a999b95

    • SHA1

      4ea9207552c2251b227f162578c5141474cc83be

    • SHA256

      5d9b84191053cf5f77fcd4ec2dd95f2da9bf814523cd55a00535fc5f38d11891

    • SHA512

      8d54fbae8ee6f662430706ea777e3123ba82302a4c84ffefca391bcfe379858a3017cfa5871061ac3c5368b7f199acb0a9fe92d58225a9be9898da1530b44d40

    Score
    1/10
    behavioral7

    • Target

      Release/Temp/Resources/Beep.mp3

    • Size

      62KB

    • MD5

      8c8bf841f6fb59155a375cf57f785728

    • SHA1

      36551f5c72773ad931044e5edbe1c14e1f5b9223

    • SHA256

      2a5af1a9373ac90f20cb200f89e8856e8c513136f24af1b74de312c35d733120

    • SHA512

      dc3c06011f03efc4b0976a9fb01d01032506eae760c3674064176f93b7ab0f6c5a61ac203bd0ddc8d1805c9e87fc58aea6d1781d193efbb5d53e3ef18948dbc7

    • SSDEEP

      1536:mh5jRM5w2Ig8vl8fEzszs0S2aqh9vTEzAQk8s2qcwp1ECCJGZh:uMSpbd8Mms72zh9bizZSfEC9v

    Score
    1/10
    behavioral8

    • Target

      Release/Temp/Resources/CFG.ini

    • Size

      52B

    • MD5

      679dd1caf9bd4a275300a38d0b89cc24

    • SHA1

      89f9b779546e191903799dfcef420a01af3691e5

    • SHA256

      f9255d33c598d96e448886ec967e6e493ac0cee1fdcaa8b5e75ca0327b93ad0f

    • SHA512

      ee03df411276f9b8ec619e0d82fa3ef3454fc38f8993036518ae396dd4fb38a195e44c5c845a5375b63c80bc9cbecd7c1608cf05b0f5d9666e299f0bb3bed780

    Score
    1/10
    behavioral9

    • Target

      Release/Temp/Resources/PreZen.bin

    • Size

      87B

    • MD5

      56f11a177a2f397fff06817868019056

    • SHA1

      430dad60448235f218d19aa38265ff67e0f60995

    • SHA256

      779066f1c7c48b93bbfcda1113a2c4526dc3bdc793413823cfb8cbff2a20ed70

    • SHA512

      ae38c891549f0bbcdf32c355a03c1d03696f3bd4ac61003b45bb2b06f17213e4436a0da1f767bb80af4d3f6b1e289875562c4a661f6967ab89335fb4ab625c15

    Score
    3/10
    behavioral10

    • Target

      Release/Temp/Resources/Self_sanity.txt

    • Size

      89B

    • MD5

      4f666c73f01a6576fc1ba56ccde2b3ca

    • SHA1

      6486098b2aed2ba3f4bf259393161b388a52a35a

    • SHA256

      6a8aaab4b33afdb2586ecf0868d806f896ba3d097bafe69a26d6040f70e4a2d9

    • SHA512

      d840b676c22300e69b6f3bddaf8d99c33ad2dbd7c6c98c8334ecf72218a0f2c76c5214fd316f1f087e0e5fa9574e709fe262ecd759f9399ed325501b75c01369

    Score
    1/10
    behavioral11

    • Target

      Release/Temp/Resources/ZenConekt.dll

    • Size

      4KB

    • MD5

      0fee31562fde0aa9da1402fdabb2aff8

    • SHA1

      c92a1778ba498b6dc723265595e6a56963c46848

    • SHA256

      beb81a2650e9d715f68273e1dd9b6b3d12d5fe6a97b658f07205bcd400d10c20

    • SHA512

      bd0d4e55f2acba82583f8070c204ff3064e68abbdd11c2339a37ee4beb4acffeef6c1fb97eab36344ee30d1fecaab1bd1138742dab3aa5c89fe5a70c2fdaa7f4

    Score
    1/10
    behavioral12

    • Target

      Release/UseSafeLoader.exe

    • Size

      598KB

    • MD5

      0e23eeef8cbdd0cea9122ead5a9e33d3

    • SHA1

      84310346cadf57e5bf77d02532d7dbd98cd86f25

    • SHA256

      5d399f24e9108b03920841fe2e0f622498c59104b83007eeb19050f0033fa7e8

    • SHA512

      3c85363249b4e23edf9fb31acab707087afefb67c7f65789f2df9250af3ae7e8c72079532f7208dab8c67399ef22302a40a82df84fbd6f8e7377d95247ce9fc7

    • SSDEEP

      12288:nCTisUc9EPMv3JRWoPAUCfVB4Kc/vxJwLYLS9Uv6cS:Mihc9EPMv5SnevxuLpav6cS

    Score
    1/10
    behavioral13

MITRE ATT&CK Enterprise v15

Tasks