8b56d75369b933d12b1468863c0fd035a36e0781c928683d2e315cd05fbc05b2 | Triage

Sharing

General

Target

Release.rar
Size

1.6MB
Sample

240604-pglzzsgc57
MD5

18f5e8a2942ceb42136470a8b07e60d2
SHA1

81bb9cbf8d3bd5827868d4a85041ac74d11dc8af
SHA256

8b56d75369b933d12b1468863c0fd035a36e0781c928683d2e315cd05fbc05b2
SHA512

67945aedca781c21684e9b467913da59e32a87a4ded1a81264fce6c56aeef80e64e39b89d4bf28057e5ea9eec38900e2ae097e8716b731cdf8370ffb61defb7a
SSDEEP

24576:cWLVkYE5635ZOH/qJq0uX5NVs+xCl6bp4zEgVcHpfXEQwHn0bbeP+mp1UDPG5n+9:pKYnkHCE0WVseYYgmJfU19d1UsTtN6

Score

6^/10

execution

Malware Config

Targets

- Target
  
  Release/Phantom.exe
- Size
  
  1.5MB
- MD5
  
  77447f97bedafe2dc903866ad18e25d6
- SHA1
  
  aef3c31376a39c2fff32a5c0ee7807257e9f6108
- SHA256
  
  2d32e99c12044e303025702f893ff65cf9a1a3cbc4991129f8188ee055d943f4
- SHA512
  
  8cd0760429bc259fe3ac7712af143e60e432e27be958f9ff0a1d73ad1d8298dd45137ba06bdda506f3fba930dff905a2c7b814045a25ca081cf930f565976475
- SSDEEP
  
  24576:Te2Jb4/U8mGWArwSZ6Ffxk/oKdpyuw5D9wJWopfw+Jwz/S/6R:nJbV88ovZt5gt52Wuw+W7SCR
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Release/Resources/AESStub.ps1
- Size
  
  1KB
- MD5
  
  7e904e4b72b02ea7a8d119fe058098b9
- SHA1
  
  3ebec34540891c5bef7b7a8699ce292273186def
- SHA256
  
  dd4bb9fb223c012bc3b3dc7379eb28613e3d695fb20cab6b28fcc1232aaa26c8
- SHA512
  
  2aeaf3b375851ff98d82c400fd3bc003dddc1871cd7f512d6ee541d5a48e5a1a12e47f15a073b81a7671f47fa5b92a62e6ad56f00599a95dea5926a7e7a73905
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Release/Resources/Stager.exe
- Size
  
  165KB
- MD5
  
  ac33ed2caa0a7731a71c827e45548490
- SHA1
  
  ed360eaefc76c530bf286e3b8926e85eda4c40df
- SHA256
  
  92b75bd39b35dc47f200ba8dae10e9f4d748c1d075834ad3da8cc15eb89a0623
- SHA512
  
  ff0dcf504f65d154a6036059c07446550795416e64f93c966ff102c5121967b9b8ea79e4a3ca7ef4587e367dbba90e290b2536f1fd93b9137d419e7e48614a5c
- SSDEEP
  
  3072:onK3bgpcSTNwqWmBGvRrPDk+RdjcZhyLupN7vxyI/5x/pVNO6AdPuf/l/1mlcS7d:oebmcSxwpRrPDhiZhyLiv3/5FZ3AdP0m
Score

1^/10
behavioral5 behavioral6
- Target
  
  Release/Resources/Stub.cs
- Size
  
  18KB
- MD5
  
  9ad7154e37d5fe66b6b0bfb22494aa4f
- SHA1
  
  a989c06fc77b8dc20f7a893b8815b60002a6edaf
- SHA256
  
  5f77c3f3b268981404debedce190cd198d8ff6c8916e409574a269f005d40a36
- SHA512
  
  b2664baf86e767af9c16154861e4f239fa73a3843c977adf0b1443152cca70dab2a54834874fff06a0709a8b9450aded589e403de288d92d1142d5c050d13968
- SSDEEP
  
  192:EM7MwF5aB7xxdLHkzjhABa4j3QD08hQIXTKLdLXFjKLHYp:EMB4xxdHADjhQIaL5p
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Release/Resources/UAC.dll
- Size
  
  106KB
- MD5
  
  acfc38a006933ac2d7c84d71b117d37e
- SHA1
  
  8a7630cb0c760c0c70e6bb75afd8d05d4fa40840
- SHA256
  
  cd394322e3b8948786845519064e1b476caabb4f856e884083c7447be9c34cd5
- SHA512
  
  11633900577d3af785191ab3cc362dda22c1eac8ff6507a10df7ae8ce7ef699f48c2c15cf841e2ba259ec63d53a01a8355e9ce830029162ee658e525bce2caee
- SSDEEP
  
  3072:KXoXvMozBkYzYCqljFqr9RPmockPxiTUUCVXZ:w+rNkKYCkjF+VXZ
Score

3^/10
behavioral10 behavioral9
- Target
  
  Release/Resources/UAC64.dll
- Size
  
  137KB
- MD5
  
  064e92695a1af94c39c2d1f936fa183f
- SHA1
  
  25653e3665fa5beee5f2eb4c6cece23b7b0a660a
- SHA256
  
  6de1117c5407b0e061856351da89328bf6ef3f09ca59633547b8ea095f36625f
- SHA512
  
  138f3c0fae05f342a10be4be35876c286a47020e90aea036ffd8e450a1a07ceb7d1a1a9aee53665e52ea3ae571dcd3212c6289f1650313c95ad6d9903f71d369
- SSDEEP
  
  3072:LVVTOhqDnT193DO9YXUCuEy7Yh6Jd2maK1FckPxiTn/FSGj:LyhqDnx936aX3A7g6JhIcG
Score

1^/10
behavioral11 behavioral12
- Target
  
  Release/Resources/donut.exe
- Size
  
  242KB
- MD5
  
  2a516c444620354c81fd32ef1b498d1b
- SHA1
  
  961d3a6a0588e654dd72d00a3331c684cf8e627c
- SHA256
  
  ee68d7deb7cefdfca66c078d6036d7aa3aa7afcc62b282999034b4a1faed890d
- SHA512
  
  e8e4bc395997eb6e83e147816faf00ae959e091acba6d896b007781bdc9146157d049d958f9ff7b71a746ed681bd4dcca2fd84aac3eb76c4afe41d49e9f7bd2a
- SSDEEP
  
  6144:ZiF3dWaGNQzmzbgONa3sbMMnl6ysB8X7+AAAAAAAAc8:gFdWaGNGGLUWl6JB+A
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14