13-07-2024 04:59

240713-fmvdwawhnj (score 8/10)

General

  • Target

    Discord.Raid.rar

  • Size

    1.2MB

  • Sample

    240713-fmvdwawhnj

  • MD5

    9e53c3d80aa5fe89171fc26a71940d31

  • SHA1

    8d363b7daa93ac9d1a7f48b56b32cb748d42af1c

  • SHA256

    0539cb677684ec9500dead2e136fc1dd4969b7d5c4ec84bc18a5d6ef203b1484

  • SHA512

    409ee11d46289c3982dd5f6f5174bf83d67326a89170821c156d5bdd5a0632979cc19a36ddec2f425bfbaca43a68b733ab799db91798eb6d40d7d497eb1c8fcf

  • SSDEEP

    24576:wfbRniUjp/1SrueUU5XRoAcXxJq+O7zefd0qJDO06tkLCVAxpxRx4mj:ab59p/wruepRlUxJqFyd0WDzCVAxDYmj

Score
8/10

Targets

    • Target

      DiscordRaid.exe

    • Size

      759KB

    • MD5

      5d107f8802ed9f61529ceb75e483799a

    • SHA1

      053ac3383e366bdc68a36cccc550a31157367ede

    • SHA256

      03f387d690e4bbad551cfa48b7c28a32a6016a7922018c328bb67e423636ea7a

    • SHA512

      37590c8fb84f7444b3464856984e062768d3da1838f1104f685e10aec202d4f59f79f62100f9dedc4c67a45cccefc5db6c79b703567b5ba241380cdf73ad417b

    • SSDEEP

      12288:DyuTmlOIq76xb35zdtKTKKpKKYp5bu9TlLfUTdwq1ndPER:DygEMWx35JvbuhZUTdPPO

    Score
    8/10
    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine (HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components). The component's StubPath command is executed at the next logon of every user whose HKCU copy of that key is missing or carries a lower Version value, so the payload re-runs in each user's context without any scheduled task or Run key.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      MetroFramework.Fonts.dll

    • Size

      656KB

    • MD5

      612080028164b12939751dcccbb68d4a

    • SHA1

      db066593c63d2eff41a5af1b49a3e098b60e0013

    • SHA256

      e96030fddaf7e78401567ee82480ad75ee48d3556199a3f85c0ec669edac2ef4

    • SHA512

      1879c960e27e32941c0c992b84803e7a1f8d243bfc88d17d3d32baca772290b9ea60a6ea90d53170be3bf7f0a58fe71ec901dc66aa560b4bf68b1da56c09fe18

    • SSDEEP

      12288:H+/9JcJlYqCNktA+SXfGpq2fHowSqCNktA+SXfvJR9FrIJJaqCNktA+SXfUC:H+/3qlrCNoh+UqgIwhCNoh+JR9FrIJJw

    Score
    1/10
    • Target

      MetroFramework.dll

    • Size

      149KB

    • MD5

      44538b311e9ec2bcf0a6452702628d99

    • SHA1

      da67301539903775708e9ec913654851e9e8eade

    • SHA256

      baf326f52d39155d722465947f4cc67e6e90cfd0f89954eab959568e9bc342aa

    • SHA512

      b65e3bc1c0f7b4c8f778cf52a36d628301d60aab53fdaf0355163e4865bc3d3adbf8870bb6cefc604708fdf2c0e72258eaf2fe301d524af2f77bc08014c9610a

    • SSDEEP

      3072:LU0T+erz8jYxYg5lzrPHlMUzxXd4kRZPI9q:vT+erz8jYxYgv/lxXGWPS

    Score
    1/10
    • Target

      Newtonsoft.Json.dll

    • Size

      683KB

    • MD5

      6815034209687816d8cf401877ec8133

    • SHA1

      1248142eb45eed3beb0d9a2d3b8bed5fe2569b10

    • SHA256

      7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814

    • SHA512

      3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721

    • SSDEEP

      12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc

    Score
    1/10
    • Target

      RestSharp.dll

    • Size

      186KB

    • MD5

      03094cd5572b5d10431ad7a961c35e97

    • SHA1

      f4cf7905d8961902a5220baad75d56c0b418b530

    • SHA256

      0849f013a4731ebda79a4b8bfc586ef6ea25d466ee804173d097179cee4fbfae

    • SHA512

      693fcde4661df7d246fe76d8c1b039dae67c0aed242ccfd7d5cadc3c0ef686f7b2245611137a7e93872c332c4069dfe5c1f5f33ea4709313502ad9a7cfb3399a

    • SSDEEP

      3072:sT8k7MGhc0br12jCDO1k5muxdgXAFKDmVIdQSLJ190:sgk31/8r8jekKO

    Score
    1/10
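The Active Setup signature reported for DiscordRaid.exe names the persistence mechanism but the report does not show which key or StubPath the sample wrote, so the natural follow-up on a suspect host is to audit the Installed Components keys yourself. The Python below is an added example, not code from the sandbox report or from the sample: it parses a `reg export` of the HKLM and HKCU Active Setup keys, works out which stubs will still fire at the next logon (IsInstalled not 0, and the user's copy of the key missing or carrying a lower Version), and flags stubs whose executable lives outside Windows/Program Files, is a script host, or is regsvr32/rundll32 loading code from an untrusted path. The embedded export is constructed for this example; its GUIDs, names and paths are not taken from the report, and the third entry is a hypothetical implant, not an artifact observed in DiscordRaid.exe.

```python
import re
from collections import namedtuple

# Constructed sample (not from the report): a 'reg export' of the Active Setup key from
# HKLM and from one user's HKCU. The first two entries are modelled on the kind Windows
# components and browsers register; the third is a hypothetical implant whose GUID,
# name and path are invented for this example.
REG_EXPORT = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
@="Themes Setup"
"StubPath"="%SystemRoot%\\system32\\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\\system32\\themeui.dll"
"Version"="1,0,0,0"
"IsInstalled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
@="Google Chrome"
"StubPath"="\"C:\\Program Files\\Google\\Chrome\\Application\\126.0.0.0\\Installer\\chrmstp.exe\" --configure-user-settings"
"Version"="126,0,0,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D1E6F2A4-7C1B-4A2E-9F0C-1B2A3C4D5E6F}]
@="Windows Update Helper"
"StubPath"="C:\\Users\\Public\\Libraries\\svchost.exe"
"Version"="1,0,0,1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
"Version"="1,0,0,0"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"Version"="125,0,0,0"
'''

ACTIVE_SETUP = "\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\"
KEY_RE = re.compile(r"^\[(HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)" + re.escape(ACTIVE_SETUP) + r"(\{[^}]+\})\]$", re.I)
VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')
ENV_VARS = {"%systemroot%": "c:\\windows", "%windir%": "c:\\windows", "%programfiles%": "c:\\program files"}
TRUSTED = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "mshta.exe", "wscript.exe", "cscript.exe"}
PROXY_HOSTS = {"regsvr32.exe", "rundll32.exe"}  # legitimate hosts; what they load is what matters
Finding = namedtuple("Finding", "guid name stub_path runs_at_next_logon reasons")

def parse_value(raw):
    """Decode a .reg value: a backslash-escaped "string" or dword:hex; anything else stays raw."""
    if raw.startswith('"') and raw.endswith('"'):
        return re.sub(r"\\(.)", r"\1", raw[1:-1])
    return int(raw[6:], 16) if raw.lower().startswith("dword:") else raw

def parse_reg(text):
    """Return {hive: {GUID: {value name: value}}} for the Active Setup keys in a .reg export."""
    hives, current = {"HKEY_LOCAL_MACHINE": {}, "HKEY_CURRENT_USER": {}}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = hives[m.group(1).upper()].setdefault(m.group(2).upper(), {}) if m else None
        elif current is not None and (m := VALUE_RE.match(line)):
            current["@" if m.group(1) is None else m.group(1)] = parse_value(m.group(2))
    return hives

def version_tuple(v):
    try:  # Active Setup compares comma-separated Version strings numerically, field by field
        return tuple(int(p) for p in str(v).split(","))
    except ValueError:
        return (0,)  # a missing or malformed Version behaves like the lowest version

def expand(path):
    path = path.lower()  # all path comparison below is case-insensitive
    for var, value in ENV_VARS.items():
        path = path.replace(var, value)
    return path

def split_stub(stub):
    stub = stub.strip()  # split the command line into (executable, [args]), honouring a quoted exe
    end = stub.find('"', 1) if stub.startswith('"') else -1
    if end > 0:
        return stub[1:end], stub[end + 1:].split()
    parts = stub.split()
    return (parts[0] if parts else ""), parts[1:]

def assess(hives):
    findings = []
    for guid, values in hives["HKEY_LOCAL_MACHINE"].items():
        stub = str(values.get("StubPath") or "")
        if not stub:
            continue  # no command, nothing executes
        user = hives["HKEY_CURRENT_USER"].get(guid)
        # Logon runs the stub when IsInstalled is not 0 and the user's key is missing or older.
        pending = values.get("IsInstalled", 1) != 0 and (
            user is None or version_tuple(user.get("Version")) < version_tuple(values.get("Version")))
        exe_raw, args = split_stub(stub)
        exe, reasons = expand(exe_raw), []
        if not exe.startswith(TRUSTED):
            reasons.append("executable outside Windows/Program Files: " + exe)
        base = exe.rsplit("\\", 1)[-1]
        if base in SCRIPT_HOSTS:
            reasons.append("script host or command interpreter used as stub")
        if base in PROXY_HOSTS:
            reasons += ["proxy binary loads code outside trusted directories: " + a
                        for a in args if "\\" in a and not expand(a).startswith(TRUSTED)]
        findings.append(Finding(guid, str(values.get("@", "")), stub, pending, reasons))
    return findings

if __name__ == "__main__":
    for f in assess(parse_reg(REG_EXPORT)):
        state = "runs at next logon" if f.runs_at_next_logon else "already applied"
        print("SUSPICIOUS" if f.reasons else "ok", f.guid, repr(f.name), state, *f.reasons, sep=" | ")
```

On a real host, feed it the output of `reg export "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" hklm.reg` plus the same export of the HKCU path for each user of interest; reg.exe writes UTF-16 LE, so decode accordingly. On 64-bit Windows the Wow6432Node copy of the key is a second Active Setup location that this parser does not look at. The trusted-prefix test only inspects the host executable and proxy-binary arguments, so a benign-looking binary in Program Files that side-loads a DLL from elsewhere would pass; treat the output as a triage list, not a verdict.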

MITRE ATT&CK Enterprise v15
