General

  • Target: DANGER.rar
  • Size: 40.2MB
  • Sample: 240619-rkl59ssakg
  • MD5: 76adde3d64df2822df260224c268510e
  • SHA1: 9723bde0bc4d86bc17546c5cd6a93d792eb62e27
  • SHA256: 9f7b01b4f6ddbff787b1af1e1b5ed7301e8cfef0f6387797cc30cd00dcebe1c2
  • SHA512: c9bfc0d20df95ca4ce07d1ec5f5ffd541b7604d25f10d06e73675b3205cc18a7ac6d0f97f9d88a5d285e701104c3bc5ae8b81bc4506b564f75b875dd9cf2cf3c
  • SSDEEP: 786432:vlIwXHQJJybz7AsqoboYLqkRWLGNSeCt0vFIzjiK8JgjeJZ69SkBv6o:vqwXHQXmXAsq4PLqkRrLCevFIzjiK8Jw

Score: 7/10

Targets

    • Target: DANGER.rar
    • Size: 40.2MB
    • MD5: 76adde3d64df2822df260224c268510e
    • SHA1: 9723bde0bc4d86bc17546c5cd6a93d792eb62e27
    • SHA256: 9f7b01b4f6ddbff787b1af1e1b5ed7301e8cfef0f6387797cc30cd00dcebe1c2
    • SHA512: c9bfc0d20df95ca4ce07d1ec5f5ffd541b7604d25f10d06e73675b3205cc18a7ac6d0f97f9d88a5d285e701104c3bc5ae8b81bc4506b564f75b875dd9cf2cf3c
    • SSDEEP: 786432:vlIwXHQJJybz7AsqoboYLqkRWLGNSeCt0vFIzjiK8JgjeJZ69SkBv6o:vqwXHQXmXAsq4PLqkRrLCevFIzjiK8Jw

    Score: 3/10

    • Target: DANGER/requirements.txt
    • Size: 261B
    • MD5: 89116f1c508bfe1d69dfe6c1c3aa7c2e
    • SHA1: d2127555fb5e4d5a9de9de23e616494d701e794d
    • SHA256: 6741a5c449f96b03e8f593746283c9fa7313c2adffb13c09eed7fbb76395ad16
    • SHA512: 62f3b3c23bb197bb21740563152415f84b4a3e3330f17fa7019a776cee7fe47fae2d991d746c00cdb29cb7bb7d5347f6ae21bdf3f6876f295edf5301a33da481

    Score: 3/10

    • Target: DANGER/src/DANGER.exe
    • Size: 40.7MB
    • MD5: 6fec2571ef13cebbed847302baeb8464
    • SHA1: 8bae8e291e8d68cb2b23b80eccbbe7c7f5cdb84b
    • SHA256: ebb37d2acb10ba76ce733199e88660c3a7fbe0effa3fdbd0a5c092d3c3ecf460
    • SHA512: 08928063a15104f856ac8678ffebd3ac63e1e7e8cfcb904caa72244488e9f66d01962c65451b1078d351ed48fd9cfe954262bd7245adfb0d1cb62ede127318bc
    • SSDEEP: 786432:09aVQtsR2XZW+e5Rm2j6+s7LWB75zuXVgfqPk7i9cLEUvqwZ3IhRZ/j6P:wYQt82XZW+eHm2qHWB75ilomfXUihnZI

    Score: 7/10
    • Loads dropped DLL
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target: main.pyc
    • Size: 70KB
    • MD5: 3884331e5bc82aa8c80d471986758678
    • SHA1: e499c0a224380fd289ff1b4997464ed65e3bfea4
    • SHA256: f41d870ce621ad697f1a2d7f6f76aa5cd5659e06f62be712aa2d3c6d23a880d2
    • SHA512: ddc8a4cd017ec6a47db861a4db9db70f98627e0950c6c9115a38f95e7b9fc493ca947e3a330d5df41e343ed1e1bd2630ef6dafd0d26eb6368f161d7983c722fb
    • SSDEEP: 768:F1sIsVnrWebC1YwPBYdB1ohP/OoT9dCLGGrpRsyvg5DtnN1ATbPFPad6Kx9/sFm7:FCrWe0gshPWoT9dibswg5DNqPKMZe+0t

    Score: 3/10

    • Target: DANGER/start.bat
    • Size: 99B
    • MD5: f063c4d31ea6e60b65311efcfb6ec79a
    • SHA1: b2e290ebea3a7880a28df45d4f9197097fae1a61
    • SHA256: 52103707e710642873b8fc6f9f4ecbc5f323e996657f956e8ef63fa82b3cbb6f
    • SHA512: c07e9ff5c4df805a767c3f55732d9ec00c3504d67bd165ed6d72b93dc72f073b879885e4753e8dd7c512ddde91e86bc39b16ebdf47dd0af9edbc116884371953

    Score: 7/10
    • Loads dropped DLL
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.
