General

  • Target

    honzeEopnaC.zip

  • Size

    8.4MB

  • Sample

    240616-p9vslaybjr

  • MD5

    02b3c40ed4b99ea995522a918e00ed12

  • SHA1

    e90f6c5fa0c1a18072021fa332ce18438b382f9d

  • SHA256

    1e97991128cf9cc7643f8175ea8269e393211ef477ace9cc78be5e9acce05e4f

  • SHA512

    501c4ee6e59635cdfe1452fa682aa55fb72b5625f95995e73cafe958c0940efd8fe5316775b50eed1001a570a07c6eafdcd17f288eec7d1570509a74078a612c

  • SSDEEP

    196608:NpbUfGHEAGCKtonpy+9zUwKRew8nxK3yrjstiA23wlt5mV:NWuHEAcoIiQynxWyrw4wH58

Malware Config

Targets

    • Target

      openMe.rar

    • Size

      8.4MB

    • MD5

      3da01ddc8c5124871b676be7b55b974f

    • SHA1

      ff8c90489d35ed87491365af4b6433d39f919b8e

    • SHA256

      41e4567256cc28254ca8154b1e0253ae71a0eb2ff48f8d1054d55228c9182823

    • SHA512

      c9e60b6c49cf8608abaa28a920c106556c0f33bcba50ebf00f0fc1ccabbc800b05053af6306f8be7130ed22cd953c139bf900c79abbb6f2df2b945c161aebedc

    • SSDEEP

      196608:apbUfGHEAGCKtonpy+9zUwKRew8nxK3yrjstiA23wlt5mk:aWuHEAcoIiQynxWyrw4wH5z

    Score
    3/10
    • Target

      Unic/Unicore.exe

    • Size

      250.0MB

    • MD5

      daedd0adf5c3350ae5a16312887c0d72

    • SHA1

      2ed4ec4419988106f6ed577e0df423bdb902eb11

    • SHA256

      998ae90e88e1810bccb2378e6f023348d407829d09a5b21110dfdaddd3d6ead6

    • SHA512

      e3c69d322497993531182e0baf2f23537edc4d5cbc23ce5e8e8a77d5f76bf82995568bb37f00258b42f902ec52c675b0b5fb2c8098f4c92aee67224935e94503

    • SSDEEP

      24576:cgkBhqECQiwDnaBCAhA3mmLBJ3OBqaPzrcw8oVfwlas:cgujMu1WN8w8oVfD

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Unic/web

    • Size

      18.7MB

    • MD5

      88fd7dbf04bcf75123d02009aea3f7f7

    • SHA1

      cecf16bdad71e54afc941179ea2b7438a04efa1d

    • SHA256

      01481b9a862936fbc090bda4033f22d7ffa5a7bfe5dc32f47c7794332b34eec4

    • SHA512

      2c6298b5adf91b51f0042d48e0846f5b196d52a588fd4fc577bf19ec26ad8e547382279a15f8bf131b08b0d7c140534aff25f82d5e8998818b812e72c9493917

    • SSDEEP

      393216:hqA/D2IIyzg8DolBo6i0KoI6Di42sC1/syU3DXNs6hq8:hqcaZyV0fC1JOpjhq8

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks