General

  • Target

    Debug.rar

  • Size

    925KB

  • Sample

    240613-sbqb1axfpn

  • MD5

    4aedf136c54f9a83eb3e6cba1b5f4f7a

  • SHA1

    f652f21c5dba0eb266f39e7874670f5ab3214ab0

  • SHA256

    eb8c2f93056b9668c7e589feaad208e08adb00e3f869e243a02d824763f0f04f

  • SHA512

    6f6911cfe4cd7410d316740fcfe652e7f449078453a902393e70e82d2ab4ec89bdcfc2be7d539bcb34aa1543b8c03b8b43ff21e6d91c4b98277de3cf2c5c128d

  • SSDEEP

    24576:WQyemHxYGKi1hCWO9BCAy9SH7kDhuVpdx:WQ5K6n5BNy9Sbmhedx

Score
8/10

Malware Config

Targets

    • Target

      Debug.rar

    • Size

      925KB

    • MD5

      4aedf136c54f9a83eb3e6cba1b5f4f7a

    • SHA1

      f652f21c5dba0eb266f39e7874670f5ab3214ab0

    • SHA256

      eb8c2f93056b9668c7e589feaad208e08adb00e3f869e243a02d824763f0f04f

    • SHA512

      6f6911cfe4cd7410d316740fcfe652e7f449078453a902393e70e82d2ab4ec89bdcfc2be7d539bcb34aa1543b8c03b8b43ff21e6d91c4b98277de3cf2c5c128d

    • SSDEEP

      24576:WQyemHxYGKi1hCWO9BCAy9SH7kDhuVpdx:WQ5K6n5BNy9Sbmhedx

    Score
    3/10

    • Target

      Debug.exe

    • Size

      627KB

    • MD5

      f64ac2d52a86b86f08b6c4bdc2d443e8

    • SHA1

      9268869f34ee1669642d8772273852789ec8fec9

    • SHA256

      1de70ae6a465a3132c37a907f37be0410e6febd57eb5a02b26711ddab94a85c3

    • SHA512

      b0ae630ff80b5277408c18a2d6bbd0c405ab370d0549607e3f3093feb1a1f9807fe4b6433d8b9fd5a4c6f105e7583c602594d356df7b5a6a15bc127fc20c7b9b

    • SSDEEP

      12288:wSO9Dx9JGtrjUCb5O3GwrJdovetVZK/WNIc9MSuklCpNkkblz1JEV2PjC/64owCY:NOdJGhjXs3GwrYv9/WNjySudblrs2Pj8

    Score
    8/10

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell with its display window hidden.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    • Target

      Mono.Cecil.Mdb.dll

    • Size

      42KB

    • MD5

      1c6aca0f1b1fa1661fc1e43c79334f7c

    • SHA1

      ec0f591a6d12e1ea7dc8714ec7e5ad7a04ef455d

    • SHA256

      411f8ed8c49738fa38a56ed8f991d556227d13602e83186e66ae1c4f821c940b

    • SHA512

      1c59e939d108f15881d29fe4ced4e5fa4a4476394b58b6eb464da77192cb8fe9221b7cd780af4596914d4cce7c3fc53f1bb567f944c58829de8efbe1fd87be76

    • SSDEEP

      768:Ar5EYZep98C87KHeBUZwrEzsEAnbF+em50KktmM4CRIcZwMRTIzMAtpw:Ar59g98C87KHeBUb5AnZG+zdwMRTzAtS

    Score
    1/10

    • Target

      Mono.Cecil.dll

    • Size

      350KB

    • MD5

      de69bb29d6a9dfb615a90df3580d63b1

    • SHA1

      74446b4dcc146ce61e5216bf7efac186adf7849b

    • SHA256

      f66f97866433e688acc3e4cd1e6ef14505f81df6b26dd6215e376767f6f954bc

    • SHA512

      6e96a510966a4acbca900773d4409720b0771fede37f24431bf0d8b9c611eaa152ba05ee588bb17f796d7b8caaccc10534e7cc1c907c28ddfa54ac4ce3952015

    • SSDEEP

      6144:jIevdbLPNYe8bikm98KXPHhOWY/fFREomhUFD3z:se1PNL+QRfBg/f/EWFD

    Score
    1/10

    • Target

      Open.Nat.dll

    • Size

      68KB

    • MD5

      cc6f6503d29a99f37b73bfd881de8ae0

    • SHA1

      92d3334898dbb718408f1f134fe2914ef666ce46

    • SHA256

      0b1e0d8f87f557b52315d98c1f4727e539f5120d20b4ca9edba548983213fbb5

    • SHA512

      7f4c0a35b612b864ad9bc6a46370801ed7433424791622bf77bf47d6a776cb6a49e4977b34725ead5d0feaa1c9516db2ca75cb8872c77a8f2fab6c37740b681f

    • SSDEEP

      768:sF6vHHLFkywkNh5qtHMjkCifoydVXw5FxusiolecziijiSvD+ZGFa4Pw6OdrGHUm:8GmyJNh0tbt3MLQ9W2rG0Ydd

    Score
    1/10

    • Target

      protobuf-net.Core.dll

    • Size

      280KB

    • MD5

      22f7136e247426958accb8fbcaa61aa5

    • SHA1

      2a993d0e38f37847241f84b29d68b638c84f0d40

    • SHA256

      c2d60f830a36cfde073cec414df3ae85b9b93008b97be54b60c814f3098a642a

    • SHA512

      29e850ae64dda2393c78dbb7624ad3507f573f28308ccacef29a90954cf93cc6e3f30980d11cbef1bdc29d3b8f2c96ca2ed81553cdd06502f1745ccf19803955

    • SSDEEP

      6144:fs9o38N4o37q+5tdwTjJ7aplcCV0ErJIVj+:nc5tdujv4LJaj+

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks