Resubmissions
09-07-2024 02:17
240709-cqtpza1err 8General
-
Target
Trap-Stealer.rar
-
Size
861KB
-
Sample
240709-cqtpza1err
-
MD5
3a846882eb3f3cdf812d66c6e65eaba6
-
SHA1
e2ece70ff477c4728e49e7cdf6d274c517ec7f14
-
SHA256
953592b85e8972a6496f4f6674b260829cda59c6876ca4a15d03d8440ecc62f6
-
SHA512
63ed471b8ba7aa614d6ebdb00f06dccc68f8f367c9e9e385f8f1164bf893710f007bd574700ef886781334736548d93c50cf690fc3e250f0e8721fabab084323
-
SSDEEP
12288:UxNkHbkbLAuhXj839phX8AufQhCgyJQUgpMTW8V2N9bfBfruqXqsTWfczUx4SP4E:GeY3AiXi9btumn9YWJ9r9qqTYHx4S1hB
Malware Config
Targets
-
-
Target
Trap-Stealer.rar
-
Size
861KB
-
MD5
3a846882eb3f3cdf812d66c6e65eaba6
-
SHA1
e2ece70ff477c4728e49e7cdf6d274c517ec7f14
-
SHA256
953592b85e8972a6496f4f6674b260829cda59c6876ca4a15d03d8440ecc62f6
-
SHA512
63ed471b8ba7aa614d6ebdb00f06dccc68f8f367c9e9e385f8f1164bf893710f007bd574700ef886781334736548d93c50cf690fc3e250f0e8721fabab084323
-
SSDEEP
12288:UxNkHbkbLAuhXj839phX8AufQhCgyJQUgpMTW8V2N9bfBfruqXqsTWfczUx4SP4E:GeY3AiXi9btumn9YWJ9r9qqTYHx4S1hB
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/applypatch-msg.sample
-
Size
478B
-
MD5
ce562e08d8098926a3862fc6e7905199
-
SHA1
4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd
-
SHA256
0223497a0b8b033aa58a3a521b8629869386cf7ab0e2f101963d328aa62193f7
-
SHA512
536cce804d84e25813993efdd240537b52d00ce9cdcecf1982f85096d56a521290104c825c00b370b2752201952a9616a3f4e28c5d27a5b4e4842101a2ff9bee
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/commit-msg.sample
-
Size
896B
-
MD5
579a3c1e12a1e74a98169175fb913012
-
SHA1
ee1ed5aad98a435f2020b6de35c173b75d9affac
-
SHA256
1f74d5e9292979b573ebd59741d46cb93ff391acdd083d340b94370753d92437
-
SHA512
d6bb7fa747f4625adf1877f546565cbe812ca7dd4168f7e9068e6732555d8737eba549546cf5946649e3f38de82d173aaf9c160a4c9f9445655258b4c5f955eb
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/fsmonitor-watchman.sample
-
Size
4KB
-
MD5
a0b2633a2c8e97501610bd3f73da66fc
-
SHA1
0ec0ec9ac11111433d17ea79e0ae8cec650dcfa4
-
SHA256
e0549964e93897b519bd8e333c037e51fff0f88ba13e086a331592bf801fa1d0
-
SHA512
5168643c1768ec83554a9066754507a781b6d14251a46a469222d462efc6ca87a72c90679154e8a723349c91e7772b32ac9b08dfe313cded0ee0a6f17885079e
-
SSDEEP
96:GFCscBOvOFXDgRvi/3UCwN4ZlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRa8CwN4ZqRo7geEk3IzCa
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/post-update.sample
-
Size
189B
-
MD5
2b7ea5cee3c49ff53d41e00785eb974c
-
SHA1
b614c2f63da7dca9f1db2e7ade61ef30448fc96c
-
SHA256
81765af2daef323061dcbc5e61fc16481cb74b3bac9ad8a174b186523586f6c5
-
SHA512
473ad124642571656276bf83b9ff63ab1804d3c23a5bdae52391c6f70a894849ac60c10c9d31deff3938922ce83b68b1e60c11592bbf7ea503f4acd39968cefa
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/pre-applypatch.sample
-
Size
424B
-
MD5
054f9ffb8bfe04a599751cc757226dda
-
SHA1
f208287c1a92525de9f5462e905a9d31de1e2d75
-
SHA256
e15c5b469ea3e0a695bea6f2c82bcf8e62821074939ddd85b77e0007ff165475
-
SHA512
cb78aa7e9b9c146e5db65d86dd83f04e2b6942a06fab50c704a0fd900683f3b6ad1164e74afe2f267f6da91cdff0b9ab07713e12cefc6f8d741b5df194f4fda6
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/pre-commit.sample
-
Size
1KB
-
MD5
5029bfab85b1c39281aa9697379ea444
-
SHA1
8093d68e142db52dcab2215e770ba0bbe4cfbf24
-
SHA256
57185b7b9f05239d7ab52db045f5b89eb31348d7b2177eab214f5eb872e1971b
-
SHA512
4fed684b7e262fc847610ca646074fca45c3c677c40d8fb6c7ae522b9c8a9be7327b41a59b4550ceadd41edf57ec5ed07e575e02dbc6c003951e1822ac3ddd5b
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/pre-merge-commit.sample
-
Size
416B
-
MD5
39cb268e2a85d436b9eb6f47614c3cbc
-
SHA1
04c64e58bc25c149482ed45dbd79e40effb89eb7
-
SHA256
d3825a70337940ebbd0a5c072984e13245920cdf8898bd225c8d27a6dfc9cb53
-
SHA512
e4dc204494f5062efa3032b00c64707a4f38978040482501b3e085f071e3ee5a9737d537e6a52002ceb4ebe2bfe09e555c5d969581e80b3eba2a922015c67960
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/pre-push.sample
-
Size
1KB
-
MD5
2c642152299a94e05ea26eae11993b13
-
SHA1
a599b773b930ca83dbc3a5c7c13059ac4a6eaedc
-
SHA256
ecce9c7e04d3f5dd9d8ada81753dd1d549a9634b26770042b58dda00217d086a
-
SHA512
cc98bbe0e3865e2023af04416e10689e3aecd3f3928cf90c2acc0d3d7306388886779025c8967c8ea198af1f4fe29d16c65d4e1d546c7a8fa513f5ba7df16850
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/pre-rebase.sample
-
Size
4KB
-
MD5
56e45f2bcbc8226d2b4200f7c46371bf
-
SHA1
288efdc0027db4cfd8b7c47c4aeddba09b6ded12
-
SHA256
4febce867790052338076f4e66cc47efb14879d18097d1d61c8261859eaaa7b3
-
SHA512
00d21d5d72386c3d9b5a1c36ba85201f730556a8295d4353af54af7892ab81010d42aff209ec1fda61c54e4dda3737cea5fda64f09d40ce5004ae28239565025
-
SSDEEP
96:vJ7EgXasqXq6zaqK1ep8m5MDVUT2bTEwEWDhG38deyig9yhCLtQH:vJ4gXasI1zaqKwUTHhzeyil4tm
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/pre-receive.sample
-
Size
544B
-
MD5
2ad18ec82c20af7b5926ed9cea6aeedd
-
SHA1
705a17d259e7896f0082fe2e9f2c0c3b127be5ac
-
SHA256
a4c3d2b9c7bb3fd8d1441c31bd4ee71a595d66b44fcf49ddb310252320169989
-
SHA512
ee08c11fab7e896b2e09c241954ba7640338b12c75cd8040daf053c31b2f22236d7a0deac736f89d305236312fdb4f560a38d4d8debdcc9dcdd23b2d975907d5
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/prepare-commit-msg.sample
-
Size
1KB
-
MD5
2b5c047bdb474555e1787db32b2d2fc5
-
SHA1
2584806ba147152ae005cb675aa4f01d5d068456
-
SHA256
e9ddcaa4189fddd25ed97fc8c789eca7b6ca16390b2392ae3276f0c8e1aa4619
-
SHA512
50ec8a0dd98427e80a82a8d8ce44462a845876e1594c9d0e89483ce9a8aaad616edea0e5c45c1bb69d8fe7f520c6f2260d6fa350d77b400899c3ae375e965bfb
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/push-to-checkout.sample
-
Size
2KB
-
MD5
c7ab00c7784efeadad3ae9b228d4b4db
-
SHA1
508240328c8b55f8157c93c43bf5e291e5d2fbcb
-
SHA256
a53d0741798b287c6dd7afa64aee473f305e65d3f49463bb9d7408ec3b12bf5f
-
SHA512
586efb6a206f73d8a94561266153a624e2753830bc431a283bed998c46ac00a9df4995ddfd0aa852b1a22b4672c80f2c33cee3fe2e3321e392ff4cef26dbf75e
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/sendemail-validate.sample
-
Size
2KB
-
MD5
4d67df3a8d5c98cb8565c07e42be0b04
-
SHA1
74cf1d5415a5c03c110240f749491297d65c4c98
-
SHA256
44ebfc923dc5466bc009602f0ecf067b9c65459abfe8868ddc49b78e6ced7a92
-
SHA512
a19dbbc2ef6c367aadbfb900ae58c377d88ac9b6c0ac6de49c962d44d993418875f64143defda56bae8d0697dcd15be2928d32aa77508d3958769f18a4a53154
Score3/10 -
-
-
Target
Trap-Stealer/.git/hooks/update.sample
-
Size
3KB
-
MD5
647ae13c682f7827c22f5fc08a03674e
-
SHA1
730e6bd5225478bab6147b7a62a6e2ae21d40507
-
SHA256
8d5f2fa83e103cf08b57eaa67521df9194f45cbdbcb37da52ad586097a14d106
-
SHA512
be3780974589d06eddba6fa0aa15a3e3dfe390e2827a1a6ae5cb83d6ac47e79ef9b1bbb53f067372f8dc70db0350d3770e78537fd3cfe734200ff824eca4cada
Score3/10 -
-
-
Target
Trap-Stealer/builder.bat
-
Size
1KB
-
MD5
e579d46a3dcfc944b874305a1cc72c0d
-
SHA1
cd87bdbf18db32631db97be3fbe678315c7ade5b
-
SHA256
f2007b8550f320464b8190d9cf80bcbf88fa49a614cc2471bfb0a06614657c58
-
SHA512
d0a02e1dcee8212b67dc276d59450793193ffdbb851a4dcb6099c6c54f40c462ca269922c1ba6ab02082d94851fc88f0a728ba54304566608e1a1ad6fda33c71
Score1/10 -
-
-
Target
Trap-Stealer/builder.py
-
Size
16KB
-
MD5
061a12888a5ba6dfb83076350564f5b3
-
SHA1
de5f2c2823b62f87e9adf13eeeb3724d851eb428
-
SHA256
fc1e2d2d5b3867aeb510f2f292ebdcf9e18193cbd6a361decf92ded249f2dc66
-
SHA512
d6bbc2c80a3eee01aab36aac2ecfea3724d754a0a74c3fefcbbc48a9db6ec4e1b3f8c53f5113432cbf10c49580a5161e7f5043f8b783de85206f51218f762a56
-
SSDEEP
384:Yib6BTZdDSJv7nEZHVKg2nPgFrgYSjnjiy5v:YibuXSJv7nEZHV52nPgFrOjnj7B
Score3/10 -
-
-
Target
Trap-Stealer/builder.sh
-
Size
1KB
-
MD5
79939ec539077ebc6850a13bab7cb50e
-
SHA1
c8e87d0c26e55bbc844436b94ccc0e57a0a9711c
-
SHA256
b39077b1b116f8b7a5e6640031a12707f424f78bf6ac68fca5906b5197a4ec04
-
SHA512
9210d822346520668f47b6e2e0eff96aebbffc7e74a0701915b3c33433dbee8be0da19d1d78b52143f38a01f38738759b2768ff3e732d88d4cea2646a1e6f588
Score3/10 -
-
-
Target
Trap-Stealer/index.js
-
Size
37KB
-
MD5
cbe32a027f9063e4eca63a34abf0aace
-
SHA1
ae0390c7979240c9ce81ded079f0df267e11133b
-
SHA256
98990b42ea58bbe56e9bf3084bb1721b282bb8207c39eb1f17ca332f6150930d
-
SHA512
9fb47a0ae7a6fd94866802d95b9b280006169b338b2a51ff4483070b0e6f7be4b5760db81279f31a953339ba10d77bc39673375117b30a5bc47685e8169b905c
-
SSDEEP
768:2XuFSrSESMSeSrSXSrSjSMSTSrS4SMSnSrSiSMS+1xQ95+EuoSLSPSMSxXjSLST:2Xu0sFuHH
Score3/10 -
-
-
Target
Trap-Stealer/main.py
-
Size
150KB
-
MD5
fc0611704e8986cff7f973e3962edcdf
-
SHA1
e3cc8e423834c766ec9df570eb3b59b8f0683b01
-
SHA256
7b088867a4526b90c3c6eb19e1ca401d25989b5e3b5a90d20f7189e9684d1db7
-
SHA512
4b48ed3e318bb0462b72ee7e298f0db63b4dc8ba09b782f7ecce7d523c6794a9758b9b0211a9f3d8c8d2555b877cad1aa8e0cb5a86a1c1090c510ed542ad5cb1
-
SSDEEP
1536:kvcnfxPvfFhsUaLcBmpDmwtFCFl2ia6kOorzKtv+P3rkOznn/8/xkaEnxelRj3P6:k0gcS5rCHDkOnv+/5z6xEu3PXK
Score3/10 -
-
-
Target
Trap-Stealer/obfuscator.py
-
Size
6KB
-
MD5
1de398a75ec806f24a67fff1d468174a
-
SHA1
53227c275fcf268eeb99a610a4777aadf1b6ce10
-
SHA256
4f48d5d6d8094ab7cee817f7c91c0b9ed08ebaa3760125d5a96294ddc7757478
-
SHA512
357f3e798d453c9ed942ff96e0f16bdeac2506b980fcfd504224586911be6a74b5254ace70a2a0dfadeaa2a0523c97c195e55f0636cfbd27b8325b69026c562e
-
SSDEEP
192:fgcdAG5zjG851aPDqOhaHjxciOFJzZ+OF6EIGCWy:fzFzjG85syjOZFJ11FHIGCL
Score3/10 -
-
-
Target
Trap-Stealer/tools/cookie_reformat.py
-
Size
544B
-
MD5
d2fc6c907e4d2a940a6aea0cf109b334
-
SHA1
35c831a71291a800f6c84880d2a3ac20387f0fd6
-
SHA256
8db55ceeb32c5719bc6f3fee8afb247b66ac87cb75357985aef8ff7a0de24e46
-
SHA512
5027b3ec4c29e4f7dc59b25c9b1e92bb88afe44ad0e448ea6fa27c9f984e70c6c03fe17ae5d47652ba4f34cc5808d2109f9566c262893f43db1f4b9331a96cc7
Score3/10 -
-
-
Target
Trap-Stealer/tools/pumper.py
-
Size
386B
-
MD5
203965968e9fc139a6e7247162f674fa
-
SHA1
d81c422c04a3dfaeccff432e2808de4223906b64
-
SHA256
64fc359595c295ab0f33b4e7a8efabd3e601eea2a1c0b5faec8861652895ebfd
-
SHA512
1a0cf498955b7e0583c99892c1de3dd2d33706029fc4158de8dc92d0161d7e91d611f7c4c35f9cbc3931ea4ceace67928449a24a946546f966be70fa9847cf34
Score3/10 -
-
-
Target
Trap-Stealer/trap detection/final.bat
-
Size
1KB
-
MD5
14ae9511632e6d1074d00a3a586dbb6b
-
SHA1
02190716b6cd5340f26df8c219354d44940da4f7
-
SHA256
2e354bb57bd630705cb071e8fedfaae5576946f298372c4816a5a062bb7ce6f7
-
SHA512
f1ddaede05f1054cf3c851b5090a93bd41925edc3e2fadc1e74c20dc7a9dc9ae4d43cc60e2b122a9a910e65d9e4996580b0c2e1c066652c38410f8fbd39e56bf
Score1/10 -
-
-
Target
Trap-Stealer/trap detection/payload.bat
-
Size
847B
-
MD5
8d13c6d2ff12cbe75f34010d6af35f56
-
SHA1
4869784c8e3cd4a9a2e0c15410fc98ee1a5b8f3e
-
SHA256
5328894200d1d7038db56a8306b54290421f1b3dfbc8679287428d16c5f39346
-
SHA512
6458121f609863df0f729dd19a72f1136f0f20b8ced45517e859d7d477c7fe52784307011a71db23d517aff93c5f0a843b2388f4df5ef5f8fb54d348d3ae4974
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
Trap-Stealer/trap detection/payload.py
-
Size
1KB
-
MD5
92947a328d7103dd92eac74fc7a82424
-
SHA1
0abf69d79c1b9c337f681bea6a66388e924a8cdc
-
SHA256
b9ad5f46c555c69ab05e6db534c55c8aa51ffa0ceaaadcd7da4788810ef3863a
-
SHA512
d9069c113e5653315a6f4a9c176202aeed349f1d4d96023ca2f70f056a5d92d3e88dfe9dad2f064f996c61d8021b3902fb7b70a29058b632c98448f004f36640
Score3/10 -
-
-
Target
Trap-Stealer/trap extension/IBAN_Stealer.py
-
Size
3KB
-
MD5
1ef44caf9d357840e63c6e3e2bf4c82f
-
SHA1
5ef44f289f8540862dcad043dd244f22335d8a5d
-
SHA256
0423c0853aa35b652686864367dda3ec385643ca5ad375f9a05eb6f4b19c6049
-
SHA512
7e6171a18424fdbe98f69be88e8bb2f89b1c93d8459f67505218e0e627a8f4d224ba80b6db8fe12f4ecf78421e6a7a457b529eafb87de84b1ff0e3e1db0fd53e
Score3/10 -
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Component Object Model Hijacking
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Component Object Model Hijacking
1