3a9f58b8d88d30ccdaac288400cee96ae8792ca369b4d6149da69f2ebdbbbb6a | Triage

Sharing

General

Target

release.zip
Size

7.9MB
Sample

240616-pv3vnatcrf
MD5

8e5f98fe2a0840328dd021a77a13123b
SHA1

e6ca96cbf386aee5cc2e69ce67cfe5ee60c83cd6
SHA256

3a9f58b8d88d30ccdaac288400cee96ae8792ca369b4d6149da69f2ebdbbbb6a
SHA512

f5d37210c9a705507805d1261296c14d463da3efd1ccf056a4b9a65d8a363ec19f6d1bc2ece0ecbf429713827f054db4cf14d1a22d1cb657fedf3cf07fed0f27
SSDEEP

196608:Lyt9CbHp/A56RbEL3qVt5xZGuG4ukpklZZToon:Lyt9C9/A5UbEL3CtRGuG4uJUe

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  SpaceBootstrapper.exe
- Size
  
  8.1MB
- MD5
  
  075acc6681b76b7711d2c4382f338047
- SHA1
  
  2198367e911bf4d9427470d1927605783ef8ad7b
- SHA256
  
  563c5f0ef4b8403e4a933931ee762b428fe1d6b229d452a1d5397f050393f4b5
- SHA512
  
  29d0bad832d503ca637eccb2dfc7f1855c3e0efa9ff2a50f2c896067917b1acb8dccbbc6a8474d6f9535cb3d40ca0e12be071b475c2b12fc41656ae230177bf4
- SSDEEP
  
  196608:YGEUn61W903eV4QJ7MToEuGxgh858F0ibfUxgABObk91tlw8:KUnwW+eGQJ7MTozGxu8C0ibftqi
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  reqs.bat
- Size
  
  191B
- MD5
  
  e513f85af914b399ad2f943f585d2ccd
- SHA1
  
  ff5a984ea0c68c352442e09324af97964c44342d
- SHA256
  
  34d73847675cbb22c88b190afa1324e84cec9a7333330334efd0503b62556710
- SHA512
  
  82db98a912c5fcc3d70df10e77ffd1d051e1bd59954e1751178c30a50b99444d186083e60e30c920839799db04219d3635568bb9008f9a6e8338f5f326d41cac
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4