cb8279fae3fb933cf2d42db34ced099ae5921a4896c7995f21b28a0b60360f6a

Sharing

Copy URL

Twitter E-mail

General

Target

cb8279fae3fb933cf2d42db34ced099ae5921a4896c7995f21b28a0b60360f6a
Size

12.3MB
Sample

240722-qfls9syelg
MD5

d590a7a4d73118c70886da29a0437360
SHA1

93c97b51039f33a8746f6bbd1807f844767a27b6
SHA256

cb8279fae3fb933cf2d42db34ced099ae5921a4896c7995f21b28a0b60360f6a
SHA512

ae45fa4a8356b88df096a67363be7dbb25a842b089d242b71d8a8b9fbb30b19616ddd24d96897241e29c93a29b7074a90af564c109f9770245e2d6279481236b
SSDEEP

393216:TYcH26mNV0i7Lc54TTLmsEeRxXSuj4zYU5J4CYGT:TYcCNB3c52JiyfUrd

Score

3^/10

execution

Malware Config

Targets

- Target
  
  Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1 behavioral2
- Target
  
  CeleryCracked.dll
- Size
  
  26KB
- MD5
  
  2c9f15a4395b897406b98c621d6df79d
- SHA1
  
  2a4b60d4332ec8b942fdcde38efc98a55727d42e
- SHA256
  
  e114d358e9a298573f7b89ecc526c292d0a504e1a1626233d1f01cc62cfd07fa
- SHA512
  
  add75e07a4bf855b788f9726398893a33975bbc0ab003dbf477af7f7e210aea37e8ad6e689063d07114567ba6d0d78d8e07c7da3f54391a38848f03a76b2b5f5
- SSDEEP
  
  384:f0eaQPSlVBK+ginIR9PEjqn1wei+oEBtB3P4bPYZu9TzksoS5nVDS:8eoVBK99T1wL+VNPCD35n1S
Score

1^/10
behavioral3 behavioral4
- Target
  
  CeleryIn.bin
- Size
  
  44KB
- MD5
  
  1345cbc437e118c1d7dfa6cb77c35e1e
- SHA1
  
  03ec05eb1622cb15a2a2c3335241ab26925afc11
- SHA256
  
  84b82453bbda410b7f53521eb995dbf486b1cce4706ab8504bc5ca35e93eb426
- SHA512
  
  2b1bad24f3f6bae30017a4edfad8c86701e8d9c2091ed866a54faf59da2a83dc0163ffed8aebe7eb8dd0ee3d1d5484c520218af28b62a379c6fba9c04b5a2a0b
- SSDEEP
  
  384:DpCav8/g6q0MEe7T88ckOUm9FqlHGoMFRGjGO0t8HBIovSsgoDl2B6wQa8Ko4:DYXSXlcklIaG3R/OdIovN2w
Score

1^/10
behavioral5 behavioral6
- Target
  
  CeleryInject.exe
- Size
  
  3.2MB
- MD5
  
  3b5f8a3991aa5e0079bbc52c7518c4d4
- SHA1
  
  bf62e397e6e6868be795d31bfdc18531646058fc
- SHA256
  
  f5035da7de64c48f6b1eaf947a028f0e5fd3970f971c2a6c6075501c4aad1af8
- SHA512
  
  686cf331ae4e90e03d05b44d6acbeff1cc42883f76c701f32f97889f8dd159e6b409fa01d66477cb1b57d4c5ec5adad121466b74570072192435d9d56a7226d2
- SSDEEP
  
  24576:0r+wL9+Acp2DOJeol+3oEL+53iauYCzafbOpKnNDGjaNYcpbdp3fsSzDsIasqGVN:0r+wQADDOThiLub1DGjaNlpxp3fZaQ
Score

1^/10
behavioral7 behavioral8
- Target
  
  Microsoft.Web.WebView2.Core.dll
- Size
  
  557KB
- MD5
  
  b037ca44fd19b8eedb6d5b9de3e48469
- SHA1
  
  1f328389c62cf673b3de97e1869c139d2543494e
- SHA256
  
  11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197
- SHA512
  
  fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b
- SSDEEP
  
  12288:6CxswUBor35JrpQ322zy+uFKcDoRFNCMmeA+imQ269pRFZNIEJdIEY0lxEIPrEIE:6Cbmv
Score

1^/10
behavioral10 behavioral9
- Target
  
  Microsoft.Web.WebView2.WinForms.dll
- Size
  
  37KB
- MD5
  
  c7000faa6c6040188c8cd8ef28b6deda
- SHA1
  
  07a23c50092e5c1fd9c9df87e26b65df25d37b24
- SHA256
  
  e4f695b72f99024e3ee5d5f26a367e664f4e120bd5d90aa87a8bc0509c365ec8
- SHA512
  
  eaee01031477454823974546055965df8d75c5115b25ab07b15ca608a20e8c21154ebb8c707a74213ebad04c2bf34a5f5563306e6da502235372c60672144022
- SSDEEP
  
  768:sijOv/1uokD/iyUdcIJtYZDgcEST3p4Jjrjh2jJFSUyauTv1JKia5/Zi/WGQK4uC:jOvZyUjJtYZDgcEST3p4JjrjaJFSUyaf
Score

1^/10
behavioral11 behavioral12
- Target
  
  Microsoft.Web.WebView2.Wpf.dll
- Size
  
  50KB
- MD5
  
  e107c88a6fc54cc3ceb4d85768374074
- SHA1
  
  a8d89ae75880f4fca7d7167fae23ac0d95e3d5f6
- SHA256
  
  8f821f0c818f8d817b82f76c25f90fde9fb73ff1ae99c3df3eaf2b955653c9c8
- SHA512
  
  b39e07b0c614a0fa88afb1f3b0d9bb9ba9c932e2b30899002008220ccf1acb0f018d5414aee64d92222c2c39f3ffe2c0ad2d9962d23aaa4bf5750c12c7f3e6fe
- SSDEEP
  
  1536:fpGqPvHCwKi8GDP/ryEH0GBy4JjrD1alhWU6Ozk1FKKa5/Bi/xGCv0Z0D6TgfPSF:ai8GDP/b0GBy4JjrD1alhWU6Ozk1FKKc
Score

1^/10
behavioral13 behavioral14
- Target
  
  Monaco/Monaco.html
- Size
  
  6KB
- MD5
  
  a84fac3e5548ba4b85a2ad585422be57
- SHA1
  
  de03dcb2eb51efcffb213fbb8de9f07d1d59b97b
- SHA256
  
  01bb8609c6178c80748bcc2c35a8fea83b71585eb0b2ae2528771df74e39456e
- SHA512
  
  a5ade58295c48769342aa108f81c2cea88f641e7a75815057f00175db97f227c46773bc15da52f37b23b9daab28743b05e57a9c52306602e4804de0e79a5eb45
- SSDEEP
  
  192:wEod3PorvaBic0Qp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PoeBi1w5keghHwjt
Score

1^/10
behavioral15 behavioral16
- Target
  
  Monaco/vs/base/worker/workerMain.js
- Size
  
  149KB
- MD5
  
  27ead90c7702154755785e0e53398755
- SHA1
  
  86b59485fe6f6ccb1805183fa75062a2ac1c859e
- SHA256
  
  bdf9433692a08851e13dd58504eef19f51bd2ec7241923a68edf5772e0e53af5
- SHA512
  
  6829681575179c90bb7817b17feee60e7d44d8abb15264ab39d7f0edf95dd1d030b99c12b005c753cd786c26ce6f17ff09b058c16f3363596f785e386ef78e82
- SSDEEP
  
  1536:XNSxrkwnz+dTHHfvYYdBwDZ2Ogvh52xgh2hQXIvTBaB7hU74Yc6aphU1PblosJEl:XzdTagJkb+6jFlJJEt9yjjTCD2zw
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Monaco/vs/basic-languages/bat/bat.js
- Size
  
  2KB
- MD5
  
  4cb475399c4490eea41982dcd6d9653e
- SHA1
  
  fc97d57206ff7fa1c89ff0fc9f6e2f04a20ea185
- SHA256
  
  9bca42394fe8922fec24b768eeb8ce04692de6fad82f9052d5b7e70f5c6b0f40
- SHA512
  
  27eefe83cf38a7d784414d99b472f6fcd7e595691eb0f368254ba1f71aaf702840b62bf232c30c515a8fada234699fefeef496c0c24669cc158cb567227e4783
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Monaco/vs/basic-languages/coffee/coffee.js
- Size
  
  3KB
- MD5
  
  9d0c4ac1691eed0a480c3e9246490d29
- SHA1
  
  38258864fd070c35cec6b68715d58771df9fe3e1
- SHA256
  
  e706c9f8e5c5a0cb01b2f4e4879ec34a050d6eb2a8840284eb7badd9d78099f9
- SHA512
  
  437a703607a9f0cb96ffb56312d149b95f596290591d14098c36d978b2e1fdba3c3712c9099923bc0a709c5c0ebd7eea868f63dfbcc69cdf5a9325b8a67006b6
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Monaco/vs/basic-languages/cpp/cpp.js
- Size
  
  5KB
- MD5
  
  0a16509e6cd0155fb622e785cfe976c7
- SHA1
  
  7afa7f823191c43d7a4bdd7d91577495de62c21a
- SHA256
  
  a7c2bea7ca3d9e203a3a286735945fe010c8f4f8d46620386ee8befc6a78b32b
- SHA512
  
  2cbc48cb10c467561c6a84f59405e9c2f864640b3a21e6fe5cd14ad1a7ca5667b766b3c0511df26f28205dd17338a878bd1164a4f5875235a73214f3e4aeb49d
- SSDEEP
  
  96:hFDMgRs/rbV1+gqVV1+/LVb9ZRC2seM6jjz13MwVcEghhb6Yw76wGcmvRBNIs:hZGrTOcVv5M61h8hSeiYL
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Monaco/vs/basic-languages/csharp/csharp.js
- Size
  
  4KB
- MD5
  
  f8f841d13c9220e15dcd6bc386b37ba2
- SHA1
  
  2b8b7003820d19ed83afde98c845db5e3d5753f8
- SHA256
  
  6b3be9a86ee8e3202f51745d94d24cc1eefbcf7d9e6d94fbaf70146b084e835f
- SHA512
  
  0b167865b8d7847792c80144e83bdf33655db6ecc0934bb3290f8b5793fee8168aeaf9d74b3541a9424c4f180aad496c2d8710e3847a5bf9d4b2c960ddea4ae5
- SSDEEP
  
  96:hFDMgRsVx+rbV1+gqGV1+hmQuq1cBh8b7gj8/pLxb6J994wGcKU7dYIkI:hZi+rTtPsRXpw9SiKUJGI
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Monaco/vs/basic-languages/csp/csp.js
- Size
  
  1KB
- MD5
  
  22ada25d590811dcff4e5f5d698e583b
- SHA1
  
  c43d4846967d5037ef05b102e49d1fbc54e45fbc
- SHA256
  
  4b5a5d7d50986b86b00833447e097c0f01a4388ce1765b48e7e371d06e3a4789
- SHA512
  
  c8373ea0b78114f82e8bf027473f72ada0d8acd51623152a0072111d8b3b7d5ac310a1cc510c4e4cd2e97a7686db3c87b2da675fc910898bd11108e4b50ed189
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Monaco/vs/basic-languages/css/css.js
- Size
  
  4KB
- MD5
  
  49ad30f1151cfd7a74677fdc6dd13da9
- SHA1
  
  286d47f0a4cfa26da2e4d1f1317a8c87000bb5fc
- SHA256
  
  bd331fd3bd2c37b0c3150035325f163ac9266bf6d942310764815e676d856d91
- SHA512
  
  7337706bfd5bd54938da0fba35e97f8e5780491c04b58d43fc6d905bd2dca92897f1ed8d48e42665f166da7684cc6e29a63ae73f8d3779a9feb97c397a642f0d
- SSDEEP
  
  96:hFDMgRsozIq+q17qcq6V1+/aMj1cqTroIrqjKf8O3lzXY0Jc:hZzzv9VmjoOf8O39XbJc
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Monaco/vs/basic-languages/dockerfile/dockerfile.js
- Size
  
  2KB
- MD5
  
  e32de981bdaf75e6ffb8fe40bc955a68
- SHA1
  
  bef1af7b26ea01c987c7a6295bb7192d83a32068
- SHA256
  
  65b86fc54e9b35d6cb84f01dfb905680dbcad6605757de1d6bca84e3029889af
- SHA512
  
  a3eadd8c1389dff6c2c6e595efff69be3a573d01e4e16b8e4a8b28f63e4c48c9c439b5dd93666d81d703d1c6b5bf927cc8e47d04af270128095f0d579407c2f4
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32