General

  • Target

    AIMr.rar

  • Size

    28.6MB

  • Sample

    240626-h3hq5avdpq

  • MD5

    d27f0c019db37a84babd60c28e1c527d

  • SHA1

    4d63348ea4b3b615769417bf8d1e0ddc6a4e8808

  • SHA256

    80aa0376eda30f4c4bb076b66f85e60d35a36c0b6bf4e9ea42c18eaf64ef4479

  • SHA512

    e82509ca2aa9ae757b62c008343c3dd267f58c41b896b6062cca1cdc93bf67530ad1cde1354ad76fac087bbb4ccdd2f9070175e1b1f1491b507ef666e3551ae8

  • SSDEEP

    786432:s9rhKU6KSH1Ddu1q83ZlaIgG5tm1N0Ot2API8+jGvnMhe46:s9rhKUS1mqnXdAuI8AQnR

  • Score

    7/10

Malware Config

Targets

    • Target

      AIMr.rar

    • Size

      28.6MB

    • MD5

      d27f0c019db37a84babd60c28e1c527d

    • SHA1

      4d63348ea4b3b615769417bf8d1e0ddc6a4e8808

    • SHA256

      80aa0376eda30f4c4bb076b66f85e60d35a36c0b6bf4e9ea42c18eaf64ef4479

    • SHA512

      e82509ca2aa9ae757b62c008343c3dd267f58c41b896b6062cca1cdc93bf67530ad1cde1354ad76fac087bbb4ccdd2f9070175e1b1f1491b507ef666e3551ae8

    • SSDEEP

      786432:s9rhKU6KSH1Ddu1q83ZlaIgG5tm1N0Ot2API8+jGvnMhe46:s9rhKUS1mqnXdAuI8AQnR

    • Score

      7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      AIMr.exe

    • Size

      7.2MB

    • MD5

      adcd61646dd9ee3238279ff36dc0e88e

    • SHA1

      8c679e249394af001e72225dd866a9f6c0ab3bda

    • SHA256

      481865d699e7b4dc3c160e33181f4d2a82067d2d03dd661e0c8fbe047e9f283c

    • SHA512

      a52f4dba45a9cde8754ee01224e4d39b22b78edf4ed1e78715dc75e1c4fbd055880b86c7dce2a8441c278b9237ec80312ebe2b8e0125e557c10138384fde3b4f

    • SSDEEP

      196608:EnF9x2vX0yELU+poLlRo6hgs41EcHv2SE8LAPHnYG:G9xGX0yMU+aLlRo6d4ug7S4G

    • Score

      7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      autopy.pyc

    • Size

      5KB

    • MD5

      996ba99e569817ce1a8f2a5d88c58781

    • SHA1

      33c135c089ba155ae43072a318b15af0ec6fa681

    • SHA256

      dcc1b90c7a6eab4a6f5abc62d8390fe327f7a51a792c143c6983d0e293fbfcb1

    • SHA512

      305e41e5337f55c93b3f6a478293da2b1273b15ee34f19013237f1bee3794ddd3518d6af51797fea06e94d3416a9dfc7485038e15258170ac08e1ea3fbc5d12c

    • SSDEEP

      96:Y5rM+1hU5zSPCTHafPmgpj6vsbjOPikrn+yxfL9uXL/MtG:6M+1hUYaTHaX1pj60bjOPXn+yxfLUXLh

    • Score

      3/10

    • Target

      AIMr.ico

    • Size

      16KB

    • MD5

      242c9b7e51cac4e19ba395cc76db2327

    • SHA1

      1e4139926f65ef60c6dda0a469d10cafd606301c

    • SHA256

      1cc948832ed92f5971b8611550e06eac74cb4acb58dc40f95fbdbef66c3bcad1

    • SHA512

      cf08f58d250ebd209aea7b17f67e5f84b8a45ef4f34defc61bb28f8f47d699cfbb5d4a8ff38c46cc819219f51c6bb6aa362ee5ae6d29552a41e8fdcbb8461ac9

    • SSDEEP

      192:fCeN7RgC7dzR4GaDwC/0d7gstC+zhdDdeBRbMVuLtGvg8NEDraYhYKCcLNP:6G/Z2rDRsdDEqvp1dNKY9qNP

    • Score

      3/10

    • Target

      AIMr.py

    • Size

      9KB

    • MD5

      59f08c92b759ada1d447387b7b71e5d6

    • SHA1

      394ba0d955bd7e4e37f093a5bbfda9e5fe28cc59

    • SHA256

      bfb4a9e7c1d5ec07d4248e2ce522d271dba26b6300139c7fcd6c3d0107251552

    • SHA512

      ab3286c359872d3c2ad6aa7efdb541ca57a50f55f95d57f9624c5a359f841d8056e01d8a139fc7afbd47a4eea514602c6af466d13590d2dec78bfa4886008235

    • SSDEEP

      192:S9EVODVxMUS4PAkDN2HH2RD86PGTGK7jiONaeuAYTksmGQq3s:EjxMUTP5h18yUGKHiONavAYpPc

    • Score

      3/10

    • Target

      config.json

    • Size

      192B

    • MD5

      6397e26edffbeea54425d347d998ae0f

    • SHA1

      5834e475160d2793bd28bb087f5502ae8953fb25

    • SHA256

      f8cb068c2c32a27f1843e83b6d8de84bcc9ee1213d8c1ca2c2e09da709f70e4e

    • SHA512

      ba406b7a1208692de50a8f37d80ddd400c528e11bb34b175ad7e9a51d9fc9e3d51633e3dd8e3b45052f661f79456398e56a49976dffdcd695ba4fac60f9a1f22

    • Score

      3/10

    • Target

      config.py

    • Size

      21KB

    • MD5

      ba26cb22e73915dc2dcf1704cbb56fda

    • SHA1

      be3b5cf36a663b5fdb7e95e7953d0b02794436ad

    • SHA256

      383c184729a301867052df629ad05d1c50c323af1b0cc5a16de784098c4a1d21

    • SHA512

      21e7fd4dd9b6bfd4e3d548bf2e8a5a24ee43f3a17032f20351d54ccdefea38e1e852f63338582e693dd43962b01e45e273d4238d2c7f071ead3ccc499fbcbff5

    • SSDEEP

      384:wvp4gaC34eVTfugbmAAtGgq7nkcq61/ldQsTck6Jc6OipubOcwXkhe3CWK2B0:LC3KtAGXmnkcqU/lWs8cDipCEkhcZ0

    • Score

      3/10

    • Target

      library.py

    • Size

      18KB

    • MD5

      e7e2a0977bc9167ca25f90b1ed4fb6f3

    • SHA1

      da280ac06882235ded4b50156f6616c7c7d6142a

    • SHA256

      b93e46b5a27082ed237d53cefa84dbe498a7341afc7d11fcb20d4fa63a09eb0c

    • SHA512

      e6aa03b0543484e5fe3ae92b9b8dbfb861cc63e808c57fc09cbf6d13a5efc5dde5865f78535aa5b929f06e871f574659958c9babc600f6107e3b31f40a106f0d

    • SSDEEP

      384:xjWf8VTVd70crNQ2U/t67IWcvSJ0ehf6AldJPlxdR0KBzNWCBT:aeTVJ0crO24t2bv0MBNxdqCBT

    • Score

      3/10

    • Target

      localv.json

    • Size

      92B

    • MD5

      125f5b9f0d7395eb081ce1cf752555e7

    • SHA1

      893e252d8197a41873041b32b413fa181bd0d4d4

    • SHA256

      27ad08689dfe1a9ac371efd2d221722143ec32f3327dd6d4df367d5c3bcca295

    • SHA512

      175e428b0941402296719332612fec076a55e7c2fe51b8dddcc5f22ea92a5d4010d27ec8d0bb3a0ccac9dc72947c5017b00cf07ed33d17cec00252b3adf13385

    • Score

      3/10

    • Target

      logo.txt

    • Size

      329B

    • MD5

      c7d3e84125e24819571cc29caf9139df

    • SHA1

      48868674b6a2dcdf773e74d5c684fab0e0207dba

    • SHA256

      3bd49f4a1aba239ae850245d11b134bf0141238b3b7b90cba187c46e0676c17e

    • SHA512

      ab05bbbefb331eff5143a1a73cc0056928b7aea40696959cb602100609f3082097d6da53dcddf5633c9f2eb13642926adfa8ec125c6a5f3b79969c62063325d4

    • Score

      1/10

    • Target

      theme.json

    • Size

      6KB

    • MD5

      90aac0405c0e484759eca6193c58247a

    • SHA1

      ab7015e7a1da5eb1ea7da0485d996ac34f114623

    • SHA256

      081c027b083cb6cae1e4c39dbd67a4194305f6f090811ade785e4e8bf801be02

    • SHA512

      ece8efc213a3f41580c06023619f2bed6f0cb63729af18fc9519536ac3ce97534f34fcf48cdba161aac86004d6637ee3d7f1291bf87cba292eaa9892021e4628

    • SSDEEP

      192:+bZ3yZ31SoYq+q2dke0eojeSEQ0cJeztFo2Z1eztFyOeztFpvktexkexezepF/de:aZCZlSoYq+ldkVeceSEzcJezty2Z1ezL

    • Score

      3/10

    • Target

      yolo.cfg

    • Size

      3KB

    • MD5

      65f390d99ea818c47c1752b720cb5b88

    • SHA1

      73e92a678b5d8948c76a6fa04eecfa6cec9c066b

    • SHA256

      a6415c2e303f7b3647913a7bb3675f0fe7234049d8875ae7d75c01b8e4dcb854

    • SHA512

      9960a926548c91ba056ca8f8bbebb61ce5504e2feb3c536a87cfd3d994980df32125e959b348f33cac4db4f680208e4d8023b54c1a840f805a7d0d1f5ccad91e

    • Score

      3/10

    • Target

      yolo.weights

    • Size

      23.1MB

    • MD5

      8911bf808aed305d6854c4ea48fcc731

    • SHA1

      451caaab22fb9831aa1a5ee9b5ba74a35ffa5dcb

    • SHA256

      cf9fbfd0f6d4869b35762f56100f50ed05268084078805f0e7989efe5bb8ca87

    • SHA512

      7d4d9fe150f9fe3ea7d2310f1445fe983b31fbf06d301c70ecfe00e8559e6f1bf940198c2dd55db772238f23ea0092fb6553558e5414f3ee173b8b28e53c5b54

    • SSDEEP

      393216:DjDyuGrgQr/YQJjTn7zzdYCrTUQzHaydATKrYhpLZ3AfxImkkpso/E7TdjK3k/rW:Lfgr/Jjb7HdYibvdAT0elr9ThnD/rp2l

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks