General

  • Target

    85.zip

  • Size

    76.7MB

  • Sample

    240613-rk4ejswgjm

  • MD5

    2a10326200afe3cb562581b70ca064fa

  • SHA1

    a82c0869712d0788ba4a3155572eb257458dce41

  • SHA256

    a73f85cffbfb17fcd05be567ebafc30b91d5ff2270f964f95f7b8dfce61f1b78

  • SHA512

    fb72fc83a941a7270e63b574dffad286f22e3acf9de87bc4dc006a57ed50881d89b64e51a274a8dc823b1a0a75b272fcd8e24d4f35561dea686ed051de84fa28

  • SSDEEP

    1572864:G0ykof6CpKdaSM1M+sB7FII9/t3VCqzBBYJreZp8rj2DKrxK:MkolKdaScDohIIB3lj+rdGKrI

  • Score

    8/10

Targets

    • Target

      141/141.exe

    • Size

      18.4MB

    • MD5

      672151956e85e6a431822b468c1dcdea

    • SHA1

      9ee1001441560ead59d458913b7584176b192a49

    • SHA256

      700796ac965ccd3e65d2bdea0bc3fb8b078797f4efb283d8b9d69ab166703a9b

    • SHA512

      697efca55d649f57cb91e8f412ec5d8b28a82863cf82d174639e9ac0fb980579ee53901586597b8d43dcc2d8316297c6225584304409a1155850c3258cd1d04f

    • SSDEEP

      393216:f80ckkacJgE6ZElIlTFGw0CKM8FZPG6IOyS/Uv/PhH1:fdcj+d8ITFGCkFOe0V

    • Score

      8/10

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      141/Addons/COPYRIGHT

    • Size

      3KB

    • MD5

      fc605d978e7825595d752df2ef03f8af

    • SHA1

      c493c9541caaee4bfe3b3e48913fd9df7809299f

    • SHA256

      7d697eaa9acf50fe0b57639b3c62ff02916da184f191944f49eca93d0bb3374f

    • SHA512

      fb811de6a2b36b28ca904224ea3525124bd4628ca9618c70eb9234ab231a09c1b1f28d9b6301581a4fa2e20f1036d5e1c3d6f1bf316c7fe78ef6edeae50ea40e

    • Score

      1/10

    • Target

      141/Addons/LICENSE

    • Size

      41B

    • MD5

      67cb88f6234b6a1f2320a23b197fa3f6

    • SHA1

      877aceba17b28cfff3f5df664e03b319f23767a1

    • SHA256

      263e21f4b43c118a8b4c07f1a8acb11cafc232886834433e34187f5663242360

    • SHA512

      4d43e5edecab92cebd853204c941327dccbfd071a71f066c12f7fb2f1b2def59c37a15ce05c4fe06ec2ea296b8630c4e938254a8a92e149e4a0a82c4307d648f

    • Score

      1/10

    • Target

      141/Addons/README.txt

    • Size

      47B

    • MD5

      4bda1f1b04053dcfe66e87a77b307bb1

    • SHA1

      b8b35584be24be3a8e1160f97b97b2226b38fa7d

    • SHA256

      fd475b1619675b9fb3f5cd11d448b97eddee8d1f6ddcca13ded8bc6e0caa9cf3

    • SHA512

      997cee676018076e9e4e94d61ec94d5b69b148b3152a0148e70d0be959533a13ad0bc1e8b43268f91db08b881bf5050a6d5c157d456597260a2b332a48068980

    • Score

      1/10

    • Target

      141/Addons/THIRDPARTYLICENSEREADME.txt

    • Size

      176KB

    • MD5

      0e87879f452892b85c81071a1ddd5a2a

    • SHA1

      2cf97c1a84374a6fbbd5d97fe1b432fa799c3b19

    • SHA256

      9c18836fd0b5e4b0c57cffdb74574fa5549085c3b327703dc8efe4208f4e3321

    • SHA512

      10ba68ffd9deab10a0b200707c3af9e95e27aed004f66f049d41310cb041b7618ee017219c848912d5951599208d385bcb928dd33175652101c7e5bc2e3eba5b

    • SSDEEP

      3072:54ct+BcF1N7m8arf1kHRSusX2NyJ9KH4PF4j52eTjLAzE7GzmCK+XNhalQxkM8QB:N7mtrf1GhMF4j5RMGQoyzaXmR

    • Score

      1/10

    • Target

      141/Addons/Welcome.html

    • Size

      983B

    • MD5

      3cb773cb396842a7a43ad4868a23abe5

    • SHA1

      ace737f039535c817d867281190ca12f8b4d4b75

    • SHA256

      f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0

    • SHA512

      6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

    • Score

      1/10

    • Target

      141/Addons/lib/deploy.jar

    • Size

      2.2MB

    • MD5

      2388c4c8d5f95e0379a8997c7c2492f4

    • SHA1

      906bf87eb1d8881abadbf93a3c4bba7887ca2a01

    • SHA256

      a1fd508eacf76645eb0885b243b5dd14239f1e039e8b53ed038226df91a30539

    • SHA512

      2cce11a5f97df842964b55408fcf1ec84c0cd561e664aba3a51275eafe59d7c920fcfd954c527da4d53acb191200cc64bf8150a33bcb9b038f36adb2cc69b1a1

    • SSDEEP

      49152:ABSxAmHHJwEu4l3Dyz7oQHeNHJJ2aAvfZc:ABEtHHaEuI3Dy3oQH2pFAvW

    • Score

      7/10
