b0b1d2fc70f60a0d76d7435d03a1355ab3dfdca829a214e0e9f9894a44c4f3ac

Sharing

Copy URL

Twitter E-mail

General

Target

GarticBot.zip
Size

2.3MB
Sample

240728-rwyy7szdkl
MD5

5c60dafe5428070307771e92d9268d54
SHA1

9af638ac2a35dda63fa022df0ab1d25234831ef3
SHA256

b0b1d2fc70f60a0d76d7435d03a1355ab3dfdca829a214e0e9f9894a44c4f3ac
SHA512

cde382e825c1001bd39aca075aaa79f930778babbb3bf5cbe51aaa6ea7fb442f36d81245e5f2b35cf8f6ab13e909b7713e53ed454be74d2700ab3af44de42b68
SSDEEP

49152:+A6gxmFZABMhZ1UBbfW3VG/V+bbDSRW3fKgaSJUaYPcnpm8M5TwE:+omFiBWYB7UG/y3aW3XUaYvdTl

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  AForge.Imaging.dll
- Size
  
  256KB
- MD5
  
  5392a22226e960d4ae7e408913c49d6c
- SHA1
  
  bd498279ef2e77e4b2c828d2f88f57e7941e562a
- SHA256
  
  107da9260b6d2796335b516f043b360250001feb0ae3b1c8422f90b5b9f6e282
- SHA512
  
  d4b3adbd726a9216863eb7987e7eb03ebae134113bfccd5b62609d076e0c50738c7ec3a1a2f308360cc42a30e5ecd0731851179baa1eac4dec5f6559940ccfde
- SSDEEP
  
  6144:trzIhAD6BgD6Ve58PzbA82aoviVwjBKFel/y:tAhAD6In8PzbA82+VIBK2
Score

1^/10
behavioral1 behavioral2
- Target
  
  AForge.Math.dll
- Size
  
  66KB
- MD5
  
  c69973f674d9d113411d0fa2d1dbe222
- SHA1
  
  144bfc8c0ee91956dd555940d77360f303db2a7b
- SHA256
  
  a4f24c9a46705c66ff7838c3a4c61759f5ba58ee8a5b061d05340c61d790c0b7
- SHA512
  
  725b9c7113431b34754787dbf15b4c1fb2299e59efad35766e22a13e665bb7e376831be36d5a1664399823bf124af18d41b861956c18deea7bb68fde95b789ba
- SSDEEP
  
  1536:iLL/6wbnySdx6MpTQYf7A8TQvudlmmy+OIa:0n/dRnAUlby+da
Score

1^/10
behavioral3 behavioral4
- Target
  
  AForge.dll
- Size
  
  17KB
- MD5
  
  02c63f568e598aad85dd401d7b26e82a
- SHA1
  
  2da9ec7612835e1f69d4a93aa2d49ec9bdff7f7c
- SHA256
  
  966a474060a8aca70c73ba09d0b6fe2353035961c7107b9003ef879c010ff8da
- SHA512
  
  da9bff86be8fa890dda80a35ee6c851aa655f087f81804a23c73f8c586b7e13ac5a643e0a516a35787cd97b392aec16bfb95210080e4e53e6144fec9316acdb1
- SSDEEP
  
  384:aJtTjIFgPn1Q11umcaOxIapDtoTFC6dmoU:KRcFKoumc9ICDyxmoU
Score

1^/10
behavioral5 behavioral6
- Target
  
  Cloo.dll
- Size
  
  85KB
- MD5
  
  f88bc7da2a3fa4c39c51111db3392236
- SHA1
  
  e67a856cf4dc5905c2a258c9ef44892caeef5337
- SHA256
  
  39bb9d25fc0645e6caaa64dfa1dc14635f3274e0d3252d8c490a485402cd0e5b
- SHA512
  
  48a800b21833626a417760d66d7f1ce39c15ceae92f2dd112cb72f329974bb2ff9f0514f5791d352fbbd9a74c9027b471c755d5b938bfad1a0ff5ab45fb49286
- SSDEEP
  
  1536:OLvImi3xLKETrun8L7IO8zbXSBOmwMcnUF/jA82IOjWXnBS:OLzi3h1r4ddzbCBOmjSUxqIOjW3BS
Score

1^/10
behavioral7 behavioral8
- Target
  
  GarticBot.dll
- Size
  
  1.9MB
- MD5
  
  999907b2ea208c194819d8cc076adb93
- SHA1
  
  511bbb87135af9752ff3534429c3ece19263c5d9
- SHA256
  
  13a191bd63490593fcebe181ae5f9fbdef5118155c469f12f15893146e994fb0
- SHA512
  
  3f1232f3a1079ee485f5d22bc9a15427af17b091da7c49683bf873493dc4c2178b3977191357067927c466d396eda836a82b3eaf27928489225a99b156c3b3da
- SSDEEP
  
  49152:CI85LqPhBDYoyoSaoh+ywWEUOhkywWEU:n1PjEqSaoh+ywWEUOhkywWEU
Score

1^/10
behavioral10 behavioral9
- Target
  
  GarticBot.exe
- Size
  
  409KB
- MD5
  
  dd47a02229a1503ac5416052ebbb4dd8
- SHA1
  
  f5ca83bab956e83e7d62b274c125ddc96f77a754
- SHA256
  
  1835d736ddc64b06ef16006dd153984fb734bcd9562f2b2a40297c14fede1c1c
- SHA512
  
  8a06c4314e4932640c76aa780082a7e1da8f928c625fd88fc28920183d09d343866300d7a07c62f0711b53ea9ca51d8c9e974e745283974213eca437822affd6
- SSDEEP
  
  6144:1+oAJEJcy0owirZZEx1Vvu4sqWeQDkpAXtPlHLOL8CcJ20RmZQ33b:1vDwogV6qrQwpM9lHa4jwZQH
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral13 behavioral14
- Target
  
  OpenCLTemplate.dll
- Size
  
  662KB
- MD5
  
  00c3b785974fcaf969640cb1b231f6e8
- SHA1
  
  e7e9c465bee86f2579dd34e1354a006ff37f5bde
- SHA256
  
  75997b48e2b0146ea19f3b1e8cf6254131eb78156538abb3d349a0537f285748
- SHA512
  
  a88848b641a860de70d24f9883982ca155ae0fcde663e73a36e8ccc441be493b2ba8f1b87690c956ec0ec1355e50a36a5866b2dc42ba0740224f399474b08fe8
- SSDEEP
  
  6144:/CEA2acLEhUIZ73+7dlh7SvmwQ+j+ocn+xXDgalUQ8Ufx0kw4JeSkgihJWqKu7pF:FacLEhHd+7dlh7rwJxUasnn
Score

1^/10
behavioral15 behavioral16
- Target
  
  ref/GarticBot.dll
- Size
  
  274KB
- MD5
  
  b3520be3d21a81c6b14457da67d36eb5
- SHA1
  
  8284e05ab0b6680045dba3bd9ec046ce707ce143
- SHA256
  
  7cf9ef7af38b54acdd250aae4f6579ee4f858b5d058399dbf80af3b8010666b5
- SHA512
  
  7bf8c189796e6805ccc5cc3861745f02bdd7a3d07918a0fba04cf9f4e85c1d77d364f329d12893552c3ce71deaf0cb34e6ca109243d4227e5ebd5850fb243826
- SSDEEP
  
  6144:iwVvu4sqWeQDkpAXtPlHLOL8CcJ20RmZQ33b:hV6qrQwpM9lHa4jwZQH
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

System Time Discovery

T1124

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18