General

  • Target

    1.0-DC-Cloner.zip

  • Size

    20.7MB

  • Sample

    240618-25f5vsshnn

  • MD5

    d1c4485f98d1de8fb57064617d6d839a

  • SHA1

    5fbc5eba124c72a76304e8ae49cd0ccff79a7ac9

  • SHA256

    c1531a047f4abc08d800804585dec3819ecffeaaf2d3f44fec022c7915266eb4

  • SHA512

    2c6897357d10f70d08c180678834c8e13dc8b91f38fb996415a32957aa7d8a7d8d0c92cd71e0be8c7f4da304e7006e4b26dcb3560e83c98b429ddcae668f0fb8

  • SSDEEP

    393216:5dldNRnl+HtkW5baQvYWmPydYxy5bRElOaGSq2wke8UYbKyOZOR41DdEBXK:5dl9nlQtJRaQv6KdYxyMO/Sq2wkRtOZJ

Score
7/10

Targets

    • Target

      DC-Cloner-Launcher.exe

    • Size

      9.1MB

    • MD5

      88325b344692b8ee82b0de959e132431

    • SHA1

      5ac20a2ea9eaecd7b2e98e5802ca90727ef46060

    • SHA256

      f02331ae6c062e670c60890e96581b4ba388c20ea005ee0a6759191680e69b1d

    • SHA512

      2692d59e0c21782835c9502d4b6b4b5f6b83d400e68883a0b2757a4afcbde96656f499b8402894691f35a430b2dd6f51879b0d4defe3930882c49c9a82eb3c8d

    • SSDEEP

      196608:lFDsxICteEroGNE+sKsXXgN/1k0W8/L13+dgSc5SEHkfOzZJ/X:qInErocsKkXgHDW8B3+d9vhfOFV

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      data/server-clone-bot.exe

    • Size

      35.7MB

    • MD5

      e70809c193d3151696ce35bd4fc37f6f

    • SHA1

      d19c102d2dc8354be357822fc3162a80df8050ff

    • SHA256

      6df6d0b605424433d4b163b7ad0416e7a8acb4f972a2f28784db23f585f124e6

    • SHA512

      acc11547921823d1123b778796bb2454b07639cd0202e4b0ad59cf673acbf273792c165eb63b9416d830ce3cec3aa32603c3a1c336c2d7eedd4d585d993e3946

    • SSDEEP

      196608:kz/vRsCvyg4BO8nnqxyc14VS4o0/exjOHKlUDbI6CXZcWGNI0I:yXRhvygzGqYc6c4o0WROHEeI6m9

    Score
    1/10
