Overview

overview

6

Static

static

3

Launcher.bat

windows7-x64

6

Launcher.bat

windows10-2004-x64

6

lua51.dll

windows7-x64

1

lua51.dll

windows10-2004-x64

3

luajit.exe

windows7-x64

1

luajit.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Delta.zip

  • Size

    390KB

  • Sample

    240707-yc3xdaxclq

  • MD5

    850065ad08351668ffa9b708d97273f9

  • SHA1

    210b327659f1f9dada6d896ff266a9310bc33cf5

  • SHA256

    c064d143b9b6cb04507782553b30503a2544f0c96c719e7546a34cfe32276308

  • SHA512

    0fbbc35669e32c9e9ca0f3c19fc8899536a434706915efbf243ac28134453585430a55578b80bf698314122668f53c8e6417b1fe2c6d5c143d0a4bcc38e9f5c4

  • SSDEEP

    12288:LANUGCFJT0uPjQf5nj2/5HPzjIC5g5SelFSS0btupfdEn:LAmFJxsZjE5vzjICq5SKFSS0kp2n

Score
6/10

Malware Config

Targets

    • Target

      Launcher.bat

    • Size

      724B

    • MD5

      9edcc8710e562b5daeed73acaa17e2fd

    • SHA1

      a3d7d0a26c3a058ff0b3a25c64d43397f1823d95

    • SHA256

      f1ed443faa01092320e04e0231327bd59c6df7344ad0f46ca4885d28aa2afd60

    • SHA512

      312fec45d3897ecc67285694a73d4fc7ef044b6f3aa1e6a9d5a8cee0b1b70204396b43fe014a4680c539427c070f199ff91f151fbdc2ae8e0d97f1b3fca3cb4a

    Score
    6/10

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

    • Target

      lua51.dll

    • Size

      389KB

    • MD5

      1f1054cb17fb954ee3ca4886270b79a9

    • SHA1

      4ed5acaa9f29e8792413d7b23c4b5eeed236dd56

    • SHA256

      0e2217ca8ef699c2a756d52c79afcb9661f5f6ee9cef6e43ceb525d366a32ce9

    • SHA512

      556e6e4d2b89ff6369669ddffc6efce42b4e231522a5f4921544d28ca965eebeb0b431a0a6e907185faa34c9de1aa98ff746cdf2e7ef0b133b7b3a74e97bccb8

    • SSDEEP

      12288:qiZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABG:qe19pm7pCuCt6+w

    Score
    3/10
    behavioral3behavioral4

    • Target

      luajit.exe

    • Size

      203KB

    • MD5

      8890a50d413a6bcc873adbfe674a297a

    • SHA1

      0d60cf881a403b4fd6d0b1ea585a0432877a144a

    • SHA256

      5d70a4cd504e707dfab1feb716b6e24e3581c2b652c52aee9b520e4c34adf75b

    • SHA512

      157084375e303c81f9885d4d67bba67fa31cfafeb6ef97eab3f4cab83f9a59d334a0418208aacf57bc8d6c5239b72986a0a5a64db9094b65fc7cee95d32d8ef3

    • SSDEEP

      3072:hnvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+s:hva5TMRXs0IKiBDbZt4Ggn77+ez308

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks