02b560fa9997e5d67b4ae6a2e9d34e45243698dda71f3339b58e0a45045efbc4 | Triage

Sharing

General

Target

update.rar
Size

64.8MB
Sample

240701-m4s1ps1cnq
MD5

37ab78fec932a0cf29faaeec4afdf2f1
SHA1

170b01faf2f5cc047442c90bb12c1b6321610e8a
SHA256

02b560fa9997e5d67b4ae6a2e9d34e45243698dda71f3339b58e0a45045efbc4
SHA512

8470584fb1031f972f37658d4d5374f089d210c0f29c0a6d9ae3fe05c39a373bc845fe676259c10f44d0f35f1a1b2ff583a227e3dc8945d45c72ad107027fbee
SSDEEP

1572864:2eGqIPISpKGlUoo2U24gr65cOIo6PLhE+ocVu7iWOg9UQ5Pwl:2eGJPNpKGbw2965cFlPocVEzZ5U

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  update/Roblox Colorbot.exe
- Size
  
  65.4MB
- MD5
  
  fdffb873ef945f515c711283c304bed4
- SHA1
  
  1ac50757d8214644a406a481772f524c4d6dcf9e
- SHA256
  
  5cad59aece042dc464a1fcaead3e4d421e9bdaef58c161d6ab3f3861419baf23
- SHA512
  
  f6f24f23e3202707d6657f28f29796f79d2cb626aa381b31d833553679d0cf8f22d7d6e9edd2d3dbbf1dfeddbed0a9035c564a51de059a189233122252cff1a9
- SSDEEP
  
  1572864:ipQ8daQ9wFP/V4f6Gj53ikjt4jRq2GqFOPV5Zi22qHWB75iUHS7WOQGWWH:mWft/VG6RmtCRlGPrl2qHO5iloGWW
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  update/keybinds.py
- Size
  
  4KB
- MD5
  
  ba6b93f22777b6c4794bb439cd839362
- SHA1
  
  7a02b68c839c53daff04255ee92db415e9034c66
- SHA256
  
  bc9548e307afd456096da0291bde060f01f2684794ed4c4af8449341dc02ee6d
- SHA512
  
  7cd85465675025e30c35e0d8b850891a31b23114bfa4fb3b75a5ee6d405916de299f92c9d22fbad67dfd5e7aea45545d64b685f7e0824e4b84839e010e7d510b
- SSDEEP
  
  96:1H2Jjn5GF6TediIwgzMZs9G/OK70JRxGXpsdqBZIWBFB:sjCNVwg4Zs9xJemqBeWzB
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4