General

  • Target

    Alumina_2.zip

  • Size

    13.3MB

  • Sample

    240609-zg53zafd72

  • MD5

    912954d81f387a34ccd68ee0925da2cc

  • SHA1

    3ccaf074c3a1c9aaf6358d0429b39d21c5064d23

  • SHA256

    2a6954b5799a682adf8e85719963dc2e5c7426c5a16ff1460599e8981d25dbed

  • SHA512

    dd42a6d5d73ea7a971094d97f1897549bd3ce02a0379ed1ea5b7c24d9b7807d0ffa2f28e240e5988319c08e1b13da4bdb8515c873f7f5cd58a91e611ffea7b4b

  • SSDEEP

    393216:tdCkolf6v+GawmM4qM+ImWLLCaQrNe/ulF/FurkPu2a5FZ:7w4Gf9pexsGvdugGT

Score
7/10

Targets

    • Target

      Alumina.dll

    • Size

      33KB

    • MD5

      cd594d6f8c45a53c92eba8cee0892b19

    • SHA1

      44ed665467454c424602cf386b15ca4c8fad9cf5

    • SHA256

      92a8f481156f2b9591443c93396fcc0a7c8178825b30e598e4f9be2c1556a086

    • SHA512

      e6316f356e09e05a9f4b8bbe16f5848fc0afbf0b5710deb408585be337de7045f6808fbde7e64976a7836b3e1ba7d2610d19baabf1d25ed1b06a77847c15ec8a

    • SSDEEP

      768:s4jLSGZXRB8LnVl1nTKrZlZ0cunYjZk8caDqz40IfeAdQX:3FXGVl1nTKrZH0cugFcaDe40I2AdQX

    • Score

      1/10

    • Target

      Alumina.exe

    • Size

      137KB

    • MD5

      34a8c4c1a43a3aaa85df844d28ebeb1a

    • SHA1

      647d4f18a53607aec807ac98dd8dd4e2cdfc8fef

    • SHA256

      c931ddad142e4f79b323c08494cc35800a7e934e56f02150fb42db8ea0becbff

    • SHA512

      6c3bb690b62d2e73b44ebddde837ffc5bb5e2e5a3db130ce9e663c84e3e2d7780b277150046b13df154448c3eb103f2e9bb93dbedd1150cb43dec2f1541fe510

    • SSDEEP

      3072:sefQZKfOC31VwyY9egNtfNjJvjmqqF7Hb/LMm5MoDn:sDewyY9egLRePYm5j

    • Score

      1/10

    • Target

      CrystalAPI.dll

    • Size

      54KB

    • MD5

      b861de6dc603a9c29937256e1bd2f2c2

    • SHA1

      4959f586f3018339ac1c7621c19a8a493012866b

    • SHA256

      fc68f949f1d0ec3b649824b3ec70805e56cc13c97c47308975ba0a1c5a24dbc3

    • SHA512

      03add2317daff996f03b43f0bedf44db874f22c3c9c59af6f842a11447471f124f191ba5c718c1179d6c626607641fc5221bb409aeab22332a5722ab113ae75d

    • SSDEEP

      768:VNOrGXHtf4//3oCcqQxlTnAIkVPNizQnTILi92OxLYPrpJLu30sRvYwiczeTRiy:VCGXC/foDqYBAICFIcuOqJqv1HCTR3

    • Score

      1/10

    • Target

      ICSharpCode.AvalonEdit.dll

    • Size

      607KB

    • MD5

      36bafbe39e16b7827e04c2a75e40999e

    • SHA1

      aa677b03098bf2a601e5d8c7c52ce62124d528e0

    • SHA256

      d41138d2e17998e77aeba0a5dcdedaaa08c2601aa72db6a6b7b9b56910372515

    • SHA512

      caccfa7c357d5bd0e0fce3280b6af4fd5a0f70d7b500176df1ea518ed4cf15b2ecf60efebac5bba175af17efe46b2b2fdd0dede10c8ebbdb4510eebce814c75b

    • SSDEEP

      6144:YrbNGioV9q3JxbQ+D0eQ/8NLjdkEJwZCOjka+WPXjWbUORPsXlZjou:8R+q3w+Vo8BdkEJJbI

    • Score

      1/10

    • Target

      IronPython.Modules.dll

    • Size

      779KB

    • MD5

      878fceb8e744235fa7e150c188e1966c

    • SHA1

      83a7429c558cce21e044a68f050e660b7432cfcf

    • SHA256

      6318392660459aafe5483c2740746882463e803ef69826e60d0b5272d901de04

    • SHA512

      c39f31b119857ee4930ac062dec7a7266f43e453b8d1486a419885666119e2b3f88a4bdf12fa3935943dd4111e41d85b72426f403bd9df1fb1ecfc75bb7c18ba

    • SSDEEP

      12288:dglLZfXhz/ksSMXb0BgOvlBxKOXl+8B3hsGaVt3zGbhEf2:qbfXhzLSwb4lRy+a2

    • Score

      1/10

    • Target

      IronPython.SQLite.dll

    • Size

      622KB

    • MD5

      dfdb53134f7670740d7efc2368ed5044

    • SHA1

      abb8c3fe32ee87ccc4dd3c6e3e417d0c88582f97

    • SHA256

      d0d01e60dc3d4e66a4be29ccfce2968d0fd5abc74c494731a3e4e7222f38a99b

    • SHA512

      ff80081af10b54e7a2a32c60171378de860d5b55cd9626cf65fed81bc8735a34be01a340bb68b3ac9fa96c5c8ce6c93c48478d3b96456a3512b25fc384971605

    • SSDEEP

      12288:bthFb3lVED5jerntyGdb98kKEiDCR1vlNmDNnWe/WiEE/f:525qDsA8VVfWiN/

    • Score

      1/10

    • Target

      IronPython.Wpf.dll

    • Size

      10KB

    • MD5

      ec413641b53a3e242d89a2fecc46c421

    • SHA1

      faacf6f98671fec0cd7d1ea3dd53d131b41e6f5c

    • SHA256

      09a43b228df75fc479db50a634a9f10029d21bcc6f60d9463e09ffa520b1992d

    • SHA512

      1e55a3a9c919bfe1581e166238ebbc7e723808097dd9b2611ce2f6e799e963b99007a72e73ad9663e2021820603e4a6b3d1c66111d602643374449825ff005ea

    • SSDEEP

      192:RP0eF3++A1+rmxxbTbngDPH172GMBTqjXZ:ysWTELV72GM4J

    • Score

      1/10

    • Target

      IronPython.dll

    • Size

      2.1MB

    • MD5

      359963191a978df680215a1e5ab23a4f

    • SHA1

      fac959c1d7674a035200f0b48175913d3cccc530

    • SHA256

      4ffc9bd5d0c1f8b9c07bf13b222d7568acfc664510af44ac66889b90010518eb

    • SHA512

      5a3fc39af09998801247e815a57193469e51ac28cb1b40ed1076414a7c988ab1c73f85e99b7105e672e912e43fcc969cee0b3805b1293f5589e744b1b1a54686

    • SSDEEP

      24576:Y3gw1dm8uMl19XBsGF1bq6RXzT5gAk6GBbq/0lA+9VAK4OPwoI/8fScj01kfCsXo:AmS26C/Vp9wDDNggnPC

    • Score

      1/10

    • Target

      Microsoft.Dynamic.dll

    • Size

      814KB

    • MD5

      979618dee2e9f258cb5da077e3aef0a9

    • SHA1

      af57a2842c4fa39586c7cce05e51052465f61ed5

    • SHA256

      b2969ba949f88e88287b96f997746d32cc42b31360d4f9434acdc4dbddd6c644

    • SHA512

      b8c5467cd39e9cbd1b12c5defa3d9ff2fc3665966cc17aa1539c88e9154c6f8be20c246ac7fcb234e7b40dedae65d03ca8ade2dc688945176bedc7cfd59cbd48

    • SSDEEP

      12288:t8nO/r04/s9jo2+KNKeLCDBc4BnxKeC+Em:t8O/r04/io2tCDB92

    • Score

      1/10

    • Target

      Microsoft.Scripting.Metadata.dll

    • Size

      87KB

    • MD5

      42f2b5fcc2bc1a2ea43f6a4c31b74d5e

    • SHA1

      154b3a152151136aed39ba2d15132abd865eb768

    • SHA256

      74f1812c4bac23505cd329b61caa560de9f55bcad2a7db3262222471910bcd0e

    • SHA512

      03d882750262003f6b734aec9e99ab2097c2072911467925f8e767bba45f777febe59410db6596b59b66223e87885391f51d7e4bf1682a9776c6b7fd82b3bc5a

    • SSDEEP

      1536:h/Qvp/w/iG0pHF2k/9HAYxAEFVUF4T0LrdknXgIC/:tQJw/D0y+HtmrdkO/

    • Score

      1/10

    • Target

      Microsoft.Scripting.dll

    • Size

      133KB

    • MD5

      883fe2b3280eac11f39ba25fb03b7883

    • SHA1

      3e7b46e744ffcdf61e42a95e7f420375b8c52ee1

    • SHA256

      6e74a54398d91b5457b359bbd3fb5c48d8524229aca1580562e1703d5f0e61e4

    • SHA512

      d928d5c27afc2077facba84d5f141db7fc22e54ea259e3cffd9c611a040730383cd5b7905c6b59daae13c2503852660f52b1a640753db99b24c2109fc9c6a27d

    • SSDEEP

      3072:x0ejHq6O4//9R7tlU6SL8z+cv9GJz0h6qygLrX:aejvRJlwL8Sq9GJDDg

    • Score

      1/10

    • Target

      Microsoft.Web.WebView2.Core.dll

    • Size

      488KB

    • MD5

      851fee9a41856b588847cf8272645f58

    • SHA1

      ee185a1ff257c86eb19d30a191bf0695d5ac72a1

    • SHA256

      5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca

    • SHA512

      cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f

    • SSDEEP

      12288:W/TcW1virB3ye+iKzORFNgeA+imQ9pRFZNIEJdIElxPrEIgcvLcglxMwCepM1STy:W/1C4I

    • Score

      1/10

    • Target

      Microsoft.Web.WebView2.WinForms.dll

    • Size

      37KB

    • MD5

      4cf94ffa50fd9bdc0bb93cceaede0629

    • SHA1

      3e30eca720f4c2a708ec53fd7f1ba9e778b4f95f

    • SHA256

      50b2e46c99076f6fa9c33e0a98f0fe3a2809a7c647bb509066e58f4c7685d7e6

    • SHA512

      dc400518ef2f68920d90f1ce66fbb8f4dde2294e0efeecd3d9329aa7a66e1ab53487b120e13e15f227ea51784f90208c72d7fbfa9330d9b71dd9a1a727d11f98

    • SSDEEP

      768:SNGbP6+wTftcZDgcEST3p4Jjrjh2jJFSUyauYv1JKia5/Zi/WGQKVu6bRaMBo0wx:OGm+otcZDgcEST3p4JjrjaJFSUyau01U

    • Score

      1/10

    • Target

      Microsoft.Web.WebView2.Wpf.dll

    • Size

      43KB

    • MD5

      34ec990ed346ec6a4f14841b12280c20

    • SHA1

      6587164274a1ae7f47bdb9d71d066b83241576f0

    • SHA256

      1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409

    • SHA512

      b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0

    • SSDEEP

      768:1n/WlAKj4s0TV09797+nXDheteXBxc78OSW3Z8lcDP/ryEH0UBy4JjrD1h2j5h3E:1+msYXR3sZ8lcDP/ryEH0UBy4JjrD1aU

    • Score

      1/10

    • Target

      Mono.Unix.dll

    • Size

      185KB

    • MD5

      62242a8dfcb2ff6a6d52994b49a08bb8

    • SHA1

      a41570356ee9e7639f0a7d76b744c0eec3962e6a

    • SHA256

      99bafdcab6e98708f76d6359c7b855994680385de3d6d2f0eb86d891f13074ff

    • SHA512

      6e42d9fef428371f75b8c7e0707b005bfc27ab42c17f63e5dcc17fadfd6a124b416d23a0055dcbcf6c529b814c736e891c7eb187a3567635e1165941a60a6a83

    • SSDEEP

      3072:2urZ6vJBxv8DZJzREDnguJHr0m1fcszJ3TXPnRxnnEg77MLV9TfiSVePoACq:2Ierv8VtCx0m1fcszTXPEq

    • Score

      1/10

    • Target

      Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      195ffb7167db3219b217c4fd439eedd6

    • SHA1

      1e76e6099570ede620b76ed47cf8d03a936d49f8

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    • SHA512

      56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

    • SSDEEP

      12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/

    • Score

      1/10
