fee789b3564d2b48e231b12b4fbe28c45d64704e3740c9a21a921699dfba35c3 | Triage

Resubmissions

01/07/2024, 07:04

240701-hv4nmasckk 3

01/07/2024, 06:54

240701-hpnp8aydne 6

01/07/2024, 06:50

240701-hmedrsydjc 6

Sharing

General

Target

Release.zip
Size

25.7MB
Sample

240701-hmedrsydjc
MD5

f55e769968a5bcfa1a62079f53e9783c
SHA1

01857d79b464e224c5f3b9918e2be1b6d7fe7ac9
SHA256

fee789b3564d2b48e231b12b4fbe28c45d64704e3740c9a21a921699dfba35c3
SHA512

2add6cea543dd4b85ca6431d111cbd636a59006286901c284bc63ddcfac0c230432e7dd845deb62401807cc88bbcdbac448aae88394b6ba30c84082efbcbe5a2
SSDEEP

786432:yL1CB39LSUHwfZxxBjKAXsjh/jri9sFc4:3B5lHwfZEusj9jriq3

Score

6^/10

evasion execution trojan

Malware Config

Targets

- Target
  
  Release.zip
- Size
  
  25.7MB
- MD5
  
  f55e769968a5bcfa1a62079f53e9783c
- SHA1
  
  01857d79b464e224c5f3b9918e2be1b6d7fe7ac9
- SHA256
  
  fee789b3564d2b48e231b12b4fbe28c45d64704e3740c9a21a921699dfba35c3
- SHA512
  
  2add6cea543dd4b85ca6431d111cbd636a59006286901c284bc63ddcfac0c230432e7dd845deb62401807cc88bbcdbac448aae88394b6ba30c84082efbcbe5a2
- SSDEEP
  
  786432:yL1CB39LSUHwfZxxBjKAXsjh/jri9sFc4:3B5lHwfZEusj9jriq3
Score

1^/10
behavioral1 behavioral2
- Target
  
  Release/CeleryApp.exe
- Size
  
  8.8MB
- MD5
  
  d2a7e4f3b8fdc023e6579c35e5e83769
- SHA1
  
  43ce10ac8a1c9423cd70991bbb92c7ad9632cb2c
- SHA256
  
  43f78f751afc09617b735d086c6855471e34d6ca78a6a862b6448bf67a8f0faf
- SHA512
  
  d999132c597ff4c407b5de2c4aa9a39f95e92064680b370fb9e6966e1af0726fdd063d8e15e29fda370b163d71ead9da7d103fb36e37a2388432fb18ae47193a
- SSDEEP
  
  98304:zQgLIRfyC7egWJ3iJzdjf4fwraOWcD9XdMPABIw/t6KHDicVwzUs7o:zQguhegD4fJOWs9XNBZ16M2cuU
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral3 behavioral4
- Target
  
  Release/bin/Monaco/package/dev/vs/base/worker/workerMain.js
- Size
  
  537KB
- MD5
  
  6dcbb695dfdfff091a88c7c5d7abaf06
- SHA1
  
  9c8fc639955005c5f4f871dac88d535f3f8a16c1
- SHA256
  
  90445461e39687ceb89adcc0cc24a507d05757a82d2d922e326a2062b6f6a8fc
- SHA512
  
  14e719ff411846e214a210c0bb95dc1b0a25ed9c309e572c7c0cb2786165e299b34a9724def728d6d795e61f6f59db30e6dc98ccce21b5c8df69734e138ed422
- SSDEEP
  
  6144:wRIlnOy7KlzfH0+RqlT3+RRl/U+RqlCb+R6lp2NHEyaNyT34OfTkVDhuYG2:Rlgl7b2NHEyaNyTG7
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/abap/abap.js
- Size
  
  23KB
- MD5
  
  50f649f3e45a1f5c7f71f409bd5fb8a1
- SHA1
  
  1cce5441dee1f76bf158fbc0462c8e13e6b0ce54
- SHA256
  
  c7bc6470bfb0d82dbc422ca008dfb8b25fb02c8216cc3ee91e9e3971764efb2b
- SHA512
  
  0a74cd41751261daccf256af483197a844085c335c77076225801db48d580da92e295435057dfa4050ad84d1e6937779bf3849b3dbc5564159d4a7d35d5ef9b3
- SSDEEP
  
  384:rg0l1E3cOjsKpYDsv2JgYHb4AxJYmF7piUIFTyyxlcQMnOsjY:rgetOjs8M9gYHMANeJg6l0Y
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/apex/apex.js
- Size
  
  9KB
- MD5
  
  96d8e2d7e01af1bf87b50e397ef14e1d
- SHA1
  
  c58411cd9d819eca280d7aac743afb8c48941345
- SHA256
  
  12a9de1bd5188e228d1b225b93bc1de7545aa3eeb5df2942d1b30de8b4102279
- SHA512
  
  6c9920794f054f2a4c388dd22b0ffce9440fb04ea49b43b86d1bb9e7ed519255c2735a6fcd5be6e7835e5cbea99e7f44f67bf14ef540ba958d5193b76af1b1dc
- SSDEEP
  
  96:HDGkOt8DdWFF80lbEjNVhEB9ogBUqjoI0cai81ISgI/3kl0OsMCkwnI6NkPN8jhY:rOScFTbEjNVhEB9ogGTvcai81IIeZsw
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/azcli/azcli.js
- Size
  
  2KB
- MD5
  
  42a923c820d332ddff89a68c376d4657
- SHA1
  
  23ea23fa0dd03085bb92aa095bbc62d9df8a8722
- SHA256
  
  09f4dd1e73f6ba879f28fb7e07930279ab4c5a295483799c53c6417fae7b8d32
- SHA512
  
  253b80f3ee5a929f865f53ac237f673a3d505ce14cd80eb7f78e25c86a6dba58c4f87842fe2482932cac50ef4eb45733435da310f1cafcd863d15159f5fcdceb
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/bat/bat.js
- Size
  
  4KB
- MD5
  
  c0ea60d00820705cac4d2857da94e7f8
- SHA1
  
  b84fdfc23fb97f37e9134089aac916392a943635
- SHA256
  
  794ce7c333161e68fff0c6a4a1bc7cdc678073147dc48e1a49aa5313483fc4ab
- SHA512
  
  b5e2330432aba944abec1dd0450169d8c1060e42b52efb2c4aaab5750d1d7ed691d6524cd9c3249dd14de8bdc039acc08c3e969b06784c9f3236b72cfa79b24f
- SSDEEP
  
  96:HDGk28EmF+z+lDHm3vPP3jq8tHEDwrORJC3MB/mMw:rZEm3DG3rBGZW
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/cameligo/cameligo.js
- Size
  
  5KB
- MD5
  
  c6716edf2144eeca4ea7830baa11ba15
- SHA1
  
  b7c99a58b05afdc387621c30f7c693e304131b78
- SHA256
  
  fd96854fe7970a6e9839396e8daaed9412cdc531e36baf2dfbaa2f6b61937b22
- SHA512
  
  9c2c181cb9b46dc0121ad1ab647471dea5f4461c97d4c500cabf4e6cdff2e4fbf2a480e725955c02a351886cbff923bd97dac22a1a4de4d89901d15e77b75884
- SSDEEP
  
  96:HDGku8EiuNOcSuKjSap12fi/4OkwnI6N7eHCi:rhEiuSuhV8Is7i
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/clojure/clojure.js
- Size
  
  20KB
- MD5
  
  672e3b1b27b133f9bf523fed06b174d7
- SHA1
  
  2544e09064a4b5efb8577b3d059293e8487b3160
- SHA256
  
  cdc784ca79feaede6b98aafb4a9b09bc519261b44e0d58597d47ae1bd9b514f3
- SHA512
  
  2afb794f3b3c22d7993bcafddd57360d865554c7f2a112745542924b401e29ea9908cfcf3e7e0cc93b44644a6692cb39a6e9e01dde7e10c4f4db0576e16aa76a
- SSDEEP
  
  384:rqsXVeI2xzyOz3WNE4mWmh6WgcV8K8beAb:rqoeI2xzyEomzg4O
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/coffee/coffee.js
- Size
  
  8KB
- MD5
  
  778339eb31afb7882486697d98c53b3a
- SHA1
  
  94cd80e7ccbc14d86e2514f6736c376c145120ca
- SHA256
  
  dcdd9bf38160bbaf18d8f2a976d04bb17ba143a4924058466b82dda2c1be3bcd
- SHA512
  
  a0d65efe6ec6ec9053550c56a55d9f34713dd7e62856ca2a381162c573ebd5a6b36d859c5893734be7cb8a5b4019034b91da7f8bf72b01fc3e2d5adf32d05ccf
- SSDEEP
  
  96:HDGk08NBI0D/F8R5HFK3JPElZGHf4VTi8jQ5CQFvmieiadR0cRvv0e3v0mB9ME/Y:r/V/A5lIPmggVO8jQ5CQFvmieRRvHs
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/cpp/cpp.js
- Size
  
  12KB
- MD5
  
  4267c07dc0ea63d7ebea810584cd60fc
- SHA1
  
  6583cf1b42a9cd826f4785de661b35f49e8c0e3c
- SHA256
  
  7c0cf17651cf97b42714a99c06354822f98c676ea6f929bc25fa038e53a1fb48
- SHA512
  
  38b2cce9bd4d9485c9f0d4d2f2b54867ad0f4f5cd1ac4ab31b75f7be89a380864baebab8ba5ebf5d95f06d727b45cdd532c3527303f116cb745b20124e6ca845
- SSDEEP
  
  96:HDGkK8EFFBRSsIvp2qwdDAi9DYuOUphQbMgI/3klnnZHXkwnI6NvRwk8i8vLRsfC:r9EFJvIcqyDAiSuOUpK/IGasn0b
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/csharp/csharp.js
- Size
  
  10KB
- MD5
  
  213e7ed72b84eff30fd439aef1331fd4
- SHA1
  
  bbc95ab1948a1e6ab7a677b7bfdba09b57b1be06
- SHA256
  
  00e7837542dd16369d97e515d9063c015fd6bf143842723d1420f04769b4f9c6
- SHA512
  
  2dd5e536dbd93bebe19a6c5bb55c8e224ed5ccd1c3d34e8f3cb7b3f1a6a37b74d485c9940542aebb5d87393bbb462dcf3e35ab83a9faae16caa6e4a8cd2d7c1d
- SSDEEP
  
  96:HDGkyr8NlWFFYUlSjKjYrA9+GPHWpfFQjY5pHU6TGUdkwnI6NHnc3BxBvrOESOFb:ryAyFviRAtHsuW4s12/t
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/csp/csp.js
- Size
  
  2KB
- MD5
  
  79cd5272313cb73c70fba578ca644f4b
- SHA1
  
  6c41a20753948f5ef9276221b0232b2226027281
- SHA256
  
  cfbf56a632a506ef3caf41caccdbca476aa976c09ee3b4f8a10db6fa22e92620
- SHA512
  
  bdc3da4f897da8d36af2d0dde70cf61a3a96d83a85d9f31fe13eb58b8a9c6e603b25c73c1b7299a09fe20ebae9f070ad5f67c810f7193c7762026f133b6e50d6
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/css/css.js
- Size
  
  8KB
- MD5
  
  d4edbc51c51d0d21faa30ad73255f214
- SHA1
  
  26b62053ac2848c9149e317080bb1b181a08fd92
- SHA256
  
  d1c5c95b6a340b513a40c2561379647384842764a6b382dace0f327ec97502c8
- SHA512
  
  fef4dca1ddd45fa96c2bcc390b30d2b2752eaafc131244180bdc5de0fe34785fa020d34191d0746c37713550506af3f0affaff1ab2ce8190d884a00ff74c8c27
- SSDEEP
  
  96:HDGkO8NwqVSRaZ90jedTLxzJH+xqOB+dwDMS84:rBeqGw9z1X0p
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/dart/dart.js
- Size
  
  9KB
- MD5
  
  344862a7ac127396fa25152f9d3d3d02
- SHA1
  
  4d1062a142abc7d382ac9e65c1414c99078940b7
- SHA256
  
  6393139aa7fa19c2aa3207460a0b7ab5538ce96b470f7bb2cfd0dc6162da4361
- SHA512
  
  81613a29a27354bbce1e9bbba06f062e406037e6ebd8abd25fe97ead8ad02b361b4e570ecdd453056fea103a133a95d8cee7831407cee311754f0338c00a22a6
- SSDEEP
  
  96:HDGkG8EFF4fLlvGfI9Bm+amOg/kl03U5UOBSPkwnk6NGY6ZZKgDzbHTdpB:rpEFcefI9BMgEBUseAYurzbHTdpB
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Release/bin/Monaco/package/dev/vs/basic-languages/dockerfile/dockerfile.js
- Size
  
  4KB
- MD5
  
  cf73abbd1d975417c865e4e4d00ce365
- SHA1
  
  01a9fdfeefed907138b4d96823c134e1732c1ab7
- SHA256
  
  0c306c90e5a5165651068da54b1922490dbbed7715d93e1f5ef9174f441621c3
- SHA512
  
  e6255e4157e6fac1d7fc595475662250946b1e3c6b80c02b7adc49d4f15cd41284c2320be9bfffaa4bb17456cfb56435dd7d2866913a7ca51109311f4a351982
- SSDEEP
  
  48:V1DGkmMU8XwQuiXdiXGG0dRtm2nWqiOnDSE6S4V0a3MDqli3MDSR:HDGko8XF8GHdDWsnDt1o3Mei3Me
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32