Overview

overview

10

Static

static

10

1/0178b79b...bd.exe

ubuntu-18.04-amd64

1/0178b79b...bd.exe

debian-9-armhf

1/0178b79b...bd.exe

debian-9-mips

1/0178b79b...bd.exe

debian-9-mipsel

1/0280cde4...60.exe

ubuntu-18.04-amd64

1/0280cde4...60.exe

debian-9-armhf

1/0280cde4...60.exe

debian-9-mips

1/0280cde4...60.exe

debian-9-mipsel

1/08b76206...65.exe

ubuntu-18.04-amd64

1/08b76206...65.exe

debian-9-armhf

1/08b76206...65.exe

debian-9-mips

1/08b76206...65.exe

debian-9-mipsel

1/0e4fc438...91.exe

ubuntu-18.04-amd64

1/0e4fc438...91.exe

debian-9-armhf

1/0e4fc438...91.exe

debian-9-mips

1/0e4fc438...91.exe

debian-9-mipsel

1/0fb86a8b...05.exe

ubuntu-18.04-amd64

1/0fb86a8b...05.exe

debian-9-armhf

1/0fb86a8b...05.exe

debian-9-mips

1/0fb86a8b...05.exe

debian-9-mipsel

1/25898c73...8f.exe

ubuntu-18.04-amd64

1/25898c73...8f.exe

debian-9-armhf

1/25898c73...8f.exe

debian-9-mips

1/25898c73...8f.exe

debian-9-mipsel

1/2c2e9491...3c.exe

ubuntu-18.04-amd64

1/2c2e9491...3c.exe

debian-9-armhf

1/2c2e9491...3c.exe

debian-9-mips

1/2c2e9491...3c.exe

debian-9-mipsel

1/2ef0f582...2e.exe

ubuntu-18.04-amd64

1/2ef0f582...2e.exe

debian-9-armhf

1/2ef0f582...2e.exe

debian-9-mips

1/2ef0f582...2e.exe

debian-9-mipsel

Resubmissions

02-08-2024 12:16

240802-pfv69s1drg 10

02-08-2024 12:15

240802-pe6ava1dra 10

02-08-2024 12:14

240802-pefp7a1dqh 10

02-08-2024 12:06

240802-n97ays1dpa 10

01-08-2024 01:57

240801-cdsl5szgma 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bfc092b384976e97153bae0e29359461bfd65fce5ad8188d6460de57bc680eaf.zip

  • Size

    20.2MB

  • Sample

    240802-pfv69s1drg

  • MD5

    05543d62dd8e652936165c212ca0980a

  • SHA1

    f0c13e272c06cc945891d3508e341c1b5550a8e9

  • SHA256

    bfc092b384976e97153bae0e29359461bfd65fce5ad8188d6460de57bc680eaf

  • SHA512

    3cae5f69d3a7beffcb357b668b00a2223d3e616eb29564ed978138c80d9245af3ef77d78a86365039e745d430dac6d8e0a75d683c38f45024a6c9193bebc70ee

  • SSDEEP

    393216:8rniuKDJ1KA/oaXpBbD3QRDqeyNrQ/MR50eaJ92Bc0bU4BVzjfBzGct9/ug5Hd3w:8rOJsA/dBb7Qg3rQ0Q0TUcBzj/ugNd3w

Score
10/10
asyncratlockbitredlinestealcxworm6951125327defaulthellolinuxrat

Malware Config

Extracted

Family

stealc

Botnet

hello

C2

http://85.28.47.70

Attributes
  • url_path

    /570d5d5e8678366c.php

Extracted

Family

xworm

C2

schools-copper.gl.at.ply.gg:14154

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    svchost.exe

  • telegram

    https://api.telegram.org/bot6887301557:AAE2e7AcjyzPeaHQb_2XBthrT3TTCKt7jCs/sendMessage?chat_id=7045481276

Extracted

Family

redline

Botnet

6951125327

C2

https://t.me/+7Lir0e4Gw381MDhi

https://steamcommunity.com/profiles/76561199038841443

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

82.65.19.134:4443

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      1/0178b79bd084c2597b2de4e62e61a88bb8359e4fcac2fe672bb887e0e52e5dbd.exe

    • Size

      678KB

    • MD5

      c229261d7e8c8524dd25f7bc58edddf8

    • SHA1

      781d106f3aa60c392f039968ae45c53f78890871

    • SHA256

      0178b79bd084c2597b2de4e62e61a88bb8359e4fcac2fe672bb887e0e52e5dbd

    • SHA512

      be05a39499b86bfcb30725fd277502f026b29b205bb657d8303b55d9b8e0ae6d4bfb507153d77229871df32d4608a5b8b3bdb1e783f12db2541e48a73fd2891c

    • SSDEEP

      12288:8S2iNbczDLej8zhAA3Crp4mIjYBTBIE5Vmmah9di01DRzqICQlzCDmXPIPe:8S1ZcXh9IuMZBIEHlg9s01D71lzCDmXS

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      1/0280cde4a65664a05361129dc1cfa10bc17b3fa9567103ce6eb9d07b06f8f160.exe

    • Size

      1.3MB

    • MD5

      73d006e33d8eda033e684c07b15c53ad

    • SHA1

      e3e0a09b37beee1e19d5a6b9fd5322f906f4493d

    • SHA256

      0280cde4a65664a05361129dc1cfa10bc17b3fa9567103ce6eb9d07b06f8f160

    • SHA512

      1b2822a9f568783a6064194c21e4147ffb10c1a0c3ca00f586f3306cf7b5d0bee39af5dad5a78f720d75c09b0b71d44c75d05d9b432b1159915977006e9252db

    • SSDEEP

      24576:KAHnh+eWsN3skA4RV1Hom2KXMmHaKi4Tivd32MUMh9ZzU2Fk1gn5:dh+ZkldoPK8YaKi4mrUUZbk1I

    Score
    1/10
    behavioral5behavioral6behavioral7behavioral8

    • Target

      1/08b7620610fc30c54e5cc095a54ae6d2949f68b0f224c285283e1612c254ef65.exe

    • Size

      161KB

    • MD5

      855da30648c0d4f4e2497470ece750bf

    • SHA1

      4f45dae1b578ddd47a0d62b59e5fbc9a4f11e58a

    • SHA256

      08b7620610fc30c54e5cc095a54ae6d2949f68b0f224c285283e1612c254ef65

    • SHA512

      948b66613c1e494e445a8fb7eff553345385ca0cd468c500397ea7c3bd02bc6163930759b057f98c9245c118205e0166023fee4e13135ef677947619d184d393

    • SSDEEP

      3072:/9gyPX977bb+Vnh9N47rL74qBlslaubyAWEktPZsZ:/yMZPb+Vnh9CLtkauehEkf

    Score
    1/10
    behavioral10behavioral11behavioral12behavioral9

    • Target

      1/0e4fc438decc9723b89bd0e71b9ee30c1a8390e697d790b2d5ce96e94accd791.exe

    • Size

      389KB

    • MD5

      35a50d146a389289bf8cf8ae60c9e785

    • SHA1

      eb94502d25789eb86dc160c2bc9be4b4a64131bd

    • SHA256

      0e4fc438decc9723b89bd0e71b9ee30c1a8390e697d790b2d5ce96e94accd791

    • SHA512

      9bfe09f5165fd43579d87f229ba4a17cc8af8d7fc50ed629de3ec93e1b8d94d9c6aac17f7a429b401f332623cef2178f0d0f1930b674cf1061d24225e5427ada

    • SSDEEP

      6144:blwLkykiFkeLnCUcx/IcoN6OpMW6rTBwEBKI7MUYbuYg785zg2di8DEO:bRiFHnC5m2TB+I70678dXi8DEO

    Score
    1/10
    behavioral13behavioral14behavioral15behavioral16

    • Target

      1/0fb86a8ba8fdf57990c283080a671c1320cbcdfd0e8b5f5a250d9c38a6fce305.exe

    • Size

      146KB

    • MD5

      2357ecbcf3b566c76c839daf7ecf2681

    • SHA1

      89d9b7c3eff0a15dc9dbbfe2163de7d5e9479f58

    • SHA256

      0fb86a8ba8fdf57990c283080a671c1320cbcdfd0e8b5f5a250d9c38a6fce305

    • SHA512

      bb5630ae44e684f2dfc74478c57bf97a94045501a64022d563e87f2a60d777307cab2b5a14e6764d25a2fd1f27901624c1ee76ca551d5a5e3a21abc4befef401

    • SSDEEP

      3072:V6glyuxE4GsUPnliByocWepo2NVLiguo/pyEwUS:V6gDBGpvEByocWeauV2gvzwU

    Score
    1/10
    behavioral17behavioral18behavioral19behavioral20

    • Target

      1/25898c73a877d87ba289bb4ab9585eb36eba9d27d47af678a86befdbf9aa938f.exe

    • Size

      1.0MB

    • MD5

      631e3c5465349fdfd6fc2fbe9c15cf65

    • SHA1

      af9e5b3d8ca4b6c64b69876b9cad6a18476f0168

    • SHA256

      25898c73a877d87ba289bb4ab9585eb36eba9d27d47af678a86befdbf9aa938f

    • SHA512

      31c6c58a5ec3d26e67a20f46df689fcfe69e90dffeaa36183630cc2cfa20d7fc07e19efe551f65f9606e435e26e2daf50b2275ee4b1cd7ab6b3641bef1552b93

    • SSDEEP

      24576:GAHnh+eWsN3skA4RV1Hom2KXMmHasvktOpBS5:hh+ZkldoPK8Yasvkt+2

    Score
    1/10
    behavioral21behavioral22behavioral23behavioral24

    • Target

      1/2c2e949171d86da9b5c58901de2e4a99c4fe86fe92c47556f53b833ce77c503c.exe

    • Size

      338KB

    • MD5

      6f1e400bcf79c773832b3ca2aab94d3d

    • SHA1

      8a1724e7f0df1b8bb22413751908b76f72498121

    • SHA256

      2c2e949171d86da9b5c58901de2e4a99c4fe86fe92c47556f53b833ce77c503c

    • SHA512

      2459d2e2b39987ebcf635a2867b67d8b5ae7c865157fe1ad32513fb0dcae0d226532d2416d4fc23c347add8a9d741ba3d15e662c3e2a01cf316046b1fab1254a

    • SSDEEP

      6144:mY1jumalKcYdvkMEdRE29UHYOhQWr6vSuwgeBNsCri5rg/73LM+L2di8bEO:maEKc+kMcIOauwgeBPi5rgz3L4i8bEO

    Score
    1/10
    behavioral25behavioral26behavioral27behavioral28

    • Target

      1/2ef0f582367a7674aef245acb06977bf646419f1f8d05c7fb07881a6102f982e.exe

    • Size

      338KB

    • MD5

      d5ad720fa67bbce2d11544ad3c211424

    • SHA1

      e9f63402b2eaabbdcc6cb5ec95e328f9620cd170

    • SHA256

      2ef0f582367a7674aef245acb06977bf646419f1f8d05c7fb07881a6102f982e

    • SHA512

      d8a8ae60abec80b7cfd7c9b9bc19d2f2594d1ecee0a28cf9a2f545afc7ef0ee59ca7a073edb8415f006662ed2095f9f3c190abed5023b81e094724c04ba153c6

    • SSDEEP

      6144:RY1jkmalKcYdvkMEdRE29UHYOhQWr3y/7qpKfQmhapjXFISRn2di8bEO:RcEKc+kMcI+IKImcFISAi8bEO

    Score
    1/10
    behavioral29behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

hello6951125327ratdefaultstealclockbitxwormredlineasyncrat
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10