a32816d3762868df86f1a2eed6a0a619e17c24192fabd687d4d297129105ca6a | Triage

Sharing

General

Target

Broskie Paid Released Free
Size

21.9MB
Sample

240705-qab2wa1epc
MD5

1dffbd91b590b21458ae49abc9b424a2
SHA1

4c4a95ef05e6a959fc72d9451cec00e3f4caf959
SHA256

a32816d3762868df86f1a2eed6a0a619e17c24192fabd687d4d297129105ca6a
SHA512

007ebc2bc86439bf14f8f78a4a4ffa7aa510ab58b9090554e790b2e8966829f3bf0428ae22585a29899a7905638a53cbe51692883697ab43af1325c8bad5f732
SSDEEP

393216:OLw2AbNfoHspkRIX5LbSu7W0py892jLpNTuYYoE7SIqOxBAlM/hfaGJpcN8G5Znw:IAbNfoHspkRIX5LbSu7WEy892jlNKRow

Score

6^/10

execution

Malware Config

Targets

- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/navigator.plugins/plugins.js
- Size
  
  538B
- MD5
  
  06b15f6f834d59a0d74b426db7436391
- SHA1
  
  03560a83ad1b1fc37be6716ffcb599ca9e9d0835
- SHA256
  
  c745c08d92a2aa6439da1ab2ff9258f9691b61faa46b7714fc1aad888fa36dbb
- SHA512
  
  57557527045312df5fa5c27549099716b46eb878aee55a103f2f5efe85d060686ec1776ec982a3849dbf6ddbea82d3ed488ced4999e6f249ead3125def7792a1
Score

6^/10

execution
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/navigator.plugins/plugins.test.js
- Size
  
  6KB
- MD5
  
  9243ba0be0eafabedfca6fc0ebb44493
- SHA1
  
  1beadd05ef3a7a26b340fa9c3670adf301b2c560
- SHA256
  
  6436be2d72eeaaec4e814a6a4ec4db07dd5d2bbadf8ada19f7ef4f56916507f4
- SHA512
  
  c7f13c82de0774447e98ce15dd75409ae7bb6247bcf4f0ac38518833064a01865969f0fe88158a40369997146165ffa909237ffb86093822f5ca7076b8536042
- SSDEEP
  
  192:TN0b3Ban6iVqM0e48Isf/B2QhxFabExiogyGW+EJGDDaaXJpVb345mqq+MbV:TN0b3TiVq9Pw82xbxi+b8pVb34YqFeV
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/navigator.vendor/index.js
- Size
  
  1KB
- MD5
  
  402de9ed0dbd73e5f3219c2d1472c712
- SHA1
  
  9b41bfcf58c7ee42710d69297ed26236fdba0e0a
- SHA256
  
  62eaf742afd1d0233a22ce93720da1d230051840af31c97e3328730272afda1c
- SHA512
  
  58a4812ccf3d8effdde18cbaf19f0feb789fb82a901b8fc154bee783e8bae54295658854d3e05302f5ebc8476d10a468d6eded950c049272b55f9525f76abe4d
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/navigator.vendor/index.test.js
- Size
  
  2KB
- MD5
  
  e89c1e1d6aab706fce290b92caa5c8a8
- SHA1
  
  ded6fbd09d12ffd751d9f1b86ab3af9aecbeaba4
- SHA256
  
  8cd1c3bf8fb6f500341229de0dc5aca524fc7b75bf046bc55a28bddee178fa27
- SHA512
  
  ec8c6bf7547d5339ebd4b28ac188585545adb9f0a90b95eee26634c247ad1c1083c256948ba863d5d696e2eabf3fa70c5910b2b3080f0b2ab430920b4e5cc6c0
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/navigator.webdriver/index.js
- Size
  
  1KB
- MD5
  
  5de9f82477e8d47216f583b4b4357edc
- SHA1
  
  6eab2b1ac7e720fa84269f39594fa4e458b2793f
- SHA256
  
  1d3d0be9c40cdc99e62b78b6a14eba7dd910e5c281bdd13c30cdce6810be1a1f
- SHA512
  
  90830d7bc9b4834f2cfb36d606b15c888652c8e77916a962a45eb48605cbcd0a2f093ef6c27a529b39a25fa32f804034ca8a67cb4bd26c989ad5f7673aae831d
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/navigator.webdriver/index.test.js
- Size
  
  1KB
- MD5
  
  aac595623d75565f81e18fcb75de5a3b
- SHA1
  
  23ed7c112761910231fd4b993ad1586aa202faa5
- SHA256
  
  d28015f4f2c1f279b26d59219b6faa9fd2c98ac869d14d87f51c4e3a77680045
- SHA512
  
  2cd0ecd17b1fb4c77c77125df65a19ccb632511f74f72e4d682c2da50616f24e190d45acd84a39a590ebf059e3a7b26d305cc8099019fe5eb57e3804c3eea7c1
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/sourceurl/_fixtures/test.html
- Size
  
  930B
- MD5
  
  87c49d2540bdcd5160651003a31a71bb
- SHA1
  
  3ab89ce0980dc76ebbdd4eaf96229580037957d1
- SHA256
  
  abb9e2b0875841a6239da20f38f22d2fc9535c7209bfe871bee12512c8ee0f23
- SHA512
  
  47a2496b68d04c0a3abb430443aa167341847ece99965c28194c01b5007f61519d7348a0f79bceb40db8287466b67a5ae1d5a9c2cfa91ca77b454de953cd7140
Score

1^/10
behavioral13 behavioral14
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/sourceurl/index.js
- Size
  
  2KB
- MD5
  
  6b8e697c1fc6785ceefacda0687258e1
- SHA1
  
  7e0a1a9c82a7c6ed7f9bd50634d4d1695e403595
- SHA256
  
  6803da65d421b898b1d7eedf912ddb612ec423c906a246de9596fdeee2c9fd0b
- SHA512
  
  81e5f8311ae456eafb91ffc9ce4e82ee2d89925d2d188da99af2a59b708bae28f56d8a226e7609a99ea5d2ae6433216276c75626aa452e884cb5bdbcd8987980
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/sourceurl/index.test.js
- Size
  
  1KB
- MD5
  
  7c6475684829e3d6d9f9710c3ab1c998
- SHA1
  
  594f5a438ffad4a9e8fb86c07433311ce3abcd48
- SHA256
  
  3ed4a16a0978ccd7b2aad6a6dd6a639c3dae2b7a113955386d05e9fbee5cf31d
- SHA512
  
  7cbae8b4601bbd2595b57674c0a716ac06da886ba63516a1226d6df4776627f4919339880535088ab3f2999943ed0e940324312bdcf8f0e466909781db1804ee
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/user-agent-override/index.js
- Size
  
  6KB
- MD5
  
  cff474c5374bd7d3394f34c780450b0c
- SHA1
  
  c7d6ffd80247a65481905006df95c84fb784c357
- SHA256
  
  6cad25ca70e6da5bbcbc9d32bdce53df24d1f5834ac6aa1738332f4f6fb5c015
- SHA512
  
  6ea41d87e605b04531dfef5fa6fb262bd6cb6bcd71a692f7093d9ea347e79fe631c52f8e9bf0196cb33fe69136a33da79b117aca0175a04c292f2070d1b335af
- SSDEEP
  
  192:x2yQy0bk0lF5fMlTNcvjT432RekxKVxJXG+D1ymVAEByaeO:x2yybk6Fw2rkaaJ26gIwO
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/user-agent-override/index.test.js
- Size
  
  10KB
- MD5
  
  0ced2f955f836dbdc42aa2f558c8af3c
- SHA1
  
  61131a2b5442ec41a808979bc19887a6061117a2
- SHA256
  
  6df98b4333fdbbbf383e75100effe6ea62db3f5ec350172e77a57575fa147cf6
- SHA512
  
  b800145b66fea7d8da96d4f10bb3f134f556b73087d8a737a0a4889561fb7e0ba28ac566dc08810e98974e45a57ff61ed39f1f5ad237f12636fc3be041f89b1d
- SSDEEP
  
  192:TZyUFOmGfb4IeOFLbCdlO1/bVXeOsC+Om7txOmIYDEElAykKn7kYYStmdJycCIk+:TZyUFOFfb4jOFLbCjO1/bVOOsbOOfOOI
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/webgl.vendor/index.js
- Size
  
  2KB
- MD5
  
  e02adba4d70d4653e19a937e00612b72
- SHA1
  
  d4937d44f825bceaef7a7449cd638521c8753232
- SHA256
  
  b5095f4ffec977503f447aa4bb8e2b07e82c61c4939a0fc41c8ce8e43ad83422
- SHA512
  
  c2a2d895e9a18e5f0e91743f16bc0460962ff456411d78a7b0fb6a99e5bbf8ee499327fedb5c43940c9c030f49ccfd0e50b07460e87bdc0bf331407f8fdcb0ef
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/webgl.vendor/index.test.js
- Size
  
  7KB
- MD5
  
  b369c1e90d5940c6bb4be8b45fb8fa0c
- SHA1
  
  5e279acdcba603643b107f5d89cf6d15eb4ae7b9
- SHA256
  
  f29c014df50699ae9201c35e64bb1ba361815bb0d735daa60406585942520dc6
- SHA512
  
  86496ae9d05114996b9b1c0c2cdb80f5ada4dc31789298740a65bb30ef1895dacb8b3d6e3c2e40705d8d62f293318d7fc6b14f8d8ec1f7c1d6e99966916741de
- SSDEEP
  
  192:TeCa1F98R3eyXlxc6cy5vb9w+bbTj1jQBbjVj7iO6+QiO3Z:TeCa1F9oFc6Rvb9/bbTFQBbV+O6+TO3Z
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/evasions/window.outerdimensions/index.js
- Size
  
  1KB
- MD5
  
  4229c7d62cf770351565d13d9bf2660c
- SHA1
  
  2d6be8e68cefda5733179b03af9f1cb8d630f2f5
- SHA256
  
  4910931e2424477516a9a9e503cdbc15d72aa0a645516fccc0e142455c62e645
- SHA512
  
  c65706e439948338eca345d655b7d7f911284145a4b62edec5c7e36cba438fdd3b44e19992f3b1f832a69ddd21c26f189a1353f9aeadad96ded1aa335536a624
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/examples/detect-headless.js
- Size
  
  3KB
- MD5
  
  13b759cfc44b5ad78cef6085463c41a0
- SHA1
  
  57c0681b47ac669be7821b7bb53232e6197f7b66
- SHA256
  
  2d25e7bb84381070e0da67fb5d877bb503e6d6102e87c5950a18cd4c9014df8c
- SHA512
  
  d62b29b3d0f2538fed18353a8c9f91fbbec4e8167ad348d4685491f713ca19ee1dd3d4b46f56975cfd3c951b591c0de049ce4b203ee219d4192f8fadbb81af0d
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Broskie - Copy/node_modules/puppeteer-extra-plugin-stealth/examples/test1.js
- Size
  
  605B
- MD5
  
  57eef5ae4c4fda3a73b6619edd773c11
- SHA1
  
  6a1d80994d3fda685f55b3edcb97401475ab9468
- SHA256
  
  330185b1db6a03e140fb0a69bf8b33d14c400e03903ba1efef0b83b6ac0a4eee
- SHA512
  
  cd3cdff8babd155473ddcc9f12b88eabe6cde445da2e112d88d993a2f32f809384401011fc848b76e2fae38802c89a75dd984d1111e25a1334248965a67c93bc
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32