1f789eca76ede7db357a1d407aab003bec6280021f8bdf41306935dcd9ef586e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

jay (1).zip
Size

3.4MB
Sample

240803-azgqnaxann
MD5

66d42b233977d70de708f36eb5d399e4
SHA1

8818260628bc48f7552708157a27ddb50ed64610
SHA256

1f789eca76ede7db357a1d407aab003bec6280021f8bdf41306935dcd9ef586e
SHA512

bc0540df7fd7918b87171395ecdfce8cf419d1871a207cb80db668f9ea2a8a51abaa17c647cbc8acc27642c96fa3a33d3369a971f104a2816ea0e23e47f95a68
SSDEEP

49152:fCZtxwMZ8tOBR15UENHrD9Tno9lQZsQn8XcZNKagZdTVP0685eLi6WcMw65FYiqt:fCZDwMZ8sB9f9TRshuZWhJeaW/05kGWW

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  confidential/. [useless].html
- Size
  
  26KB
- MD5
  
  eb89979bdad7172bec56b78e85b681cf
- SHA1
  
  fc740f6604bc38519cc12d5b61a1c1e3f80f9809
- SHA256
  
  35bd6b3c48f116b56b55026c6d800f789c9b6959c6d7538f2487be9877eaf16a
- SHA512
  
  c5607d2b9e125a1621dd7c7cea357a21ff1463b9e48a6895bf8d176e7a38c835cfe680e27d6f75fa5db36e02a5077e102a85b2366daa5ed3d69b9900f748ff13
- SSDEEP
  
  768:ssYMYsosIMCFWYxuwDRYkMis2nUvoUrNAA9vUdMUI:gMDvaM
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  confidential/Direct Messages - Firy024stream [1249441603571945625].html
- Size
  
  26KB
- MD5
  
  d6e1a7613cde51dd9c3492bb350d3628
- SHA1
  
  27ab07eded920cafe8b11cc16594adf11dbe0615
- SHA256
  
  3e6ee5e3117a2e4e6a03851f9820269c62f8e4d77fd854c09cd37ad65cbf7c2e
- SHA512
  
  06cc25fb4d2e7af239de7d4d9d8c8387b6fdb8249c20085c3e9dacbe0efdea4373b3fe2e2aec623cb6a97bd70824a2351e29a56f71640e80100d7937bcfbbeae
- SSDEEP
  
  768:4sYMYsosIMCFWYxuwDRYkMis2jdtURIzUY:kM4F
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  confidential/Direct Messages - Fungaldom [1249801805739720845].html
- Size
  
  24KB
- MD5
  
  f61489f881b0f95fbbc03cffa2a93dc2
- SHA1
  
  bdd8db43b5e6c912cc5c6411914c85826016d14a
- SHA256
  
  d2e918896a2f27158773f35d6561078ec924e5252950867c3cc543ff2e47add1
- SHA512
  
  63b8f53f1fe32c4f305bc7d2ee73e70038af95061dc5819d86f5e94333ef26953d8a6bb127c50863313c6d259d476724dcc8f79ecef900bd36cfb963eaf55b5e
- SSDEEP
  
  768:hsYMYsosIMCFWYxuwDRYkMis2GUsaUH+UR:hMt
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  confidential/Direct Messages - Garnet [1231205091499970600].html
- Size
  
  46KB
- MD5
  
  df9b18970708730931675890b56947b6
- SHA1
  
  b813c627f3c32fb5b05c8219434b6b69f11593ac
- SHA256
  
  79c08a59171bdb06b527c39c60477a51559b06bd048a653b1f46a4f3e018d6fb
- SHA512
  
  103a1ff7a1c40f5852db61d5118295e0e8ad860bf05804bd7037657221fb1cf946258341427ff389ee664a3a5958458e8f43ef366d52d3d43695657b483f9435
- SSDEEP
  
  768:RsYMYsosIMCFWYxuwDRYkMis28UWrUzsUMVGU84UuFuU49Ui1U+ZUUPIJqcRaU4P:xMi
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  confidential/Direct Messages - German [1148723006407979028].html
- Size
  
  198KB
- MD5
  
  75fdb39e20202694f070ebcca17300ba
- SHA1
  
  e8d3ff468904aff14edd766938a6ee7fb47bf066
- SHA256
  
  88ea060b1e09c386e29ee803710f526748eaad8268aca64fb095bb021ecb0e0c
- SHA512
  
  cd02acb9a1a3677a006a06744023499abce07e8f4761a0beea043edd4d28ef90e8fca3755fe17039720496be77c8223de994805e1156045af0fbf1f53566f33a
- SSDEEP
  
  768:MsYMYsosIMCFWYxuwDRYkMis2hUt/kCU/zUiWJUeuU8WwWIUFWcU6WJWRUMWAUUA:AMLkN0VwxKy
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  confidential/Direct Messages - German [1249099276865503334].html
- Size
  
  26KB
- MD5
  
  1d1e59868783b64bd17d41d6ec0a0ef8
- SHA1
  
  6ea05240ee25d043609b59e51866472e145f76db
- SHA256
  
  61502657167bec396119888ec59e5c29c7beba2f7920b1d17719137d70dd424e
- SHA512
  
  f6f4c44d610682a0429ba3c74f5cec87e2352d29c2d7f77b4ea82d8f64c146cba0f6a69874bc86a23a1de4b9c7ac2d378257f2d35d924f74555ba4bc62ff4997
- SSDEEP
  
  384:MsYMYXcosIM8tz364WWm2xuwDRT8YxMigCBVxA25gULWQWc:MsYMYsosIMCFWYxuwDRYkMis25gULd
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  confidential/Direct Messages - Giovanni [1247621230660550759].html
- Size
  
  41KB
- MD5
  
  e9bd3c47fb15c5cab29f3eb580f8b79f
- SHA1
  
  3be578492c6dcc87cfb2601db90ba7c4ac6a6bd1
- SHA256
  
  81db77f36dd25f30d6ef5a1201d7542388b18acfefd2fc348a933e8710e0eedf
- SHA512
  
  99123a5cfbdd2f409c5250815d1d9aabe25b0ca84312eada87179a2d215ec19fca6dc5fe27089a6a62b127a87dd9a971e7de3047931eb09102d9c7eae01a0e87
- SSDEEP
  
  768:7sYMYsosIMCFWYxuwDRYkMis2QU8mUyAUlxUkmUi25+U7jUaPUtpnU80UfmUS:nMR2V
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  confidential/Direct Messages - Goffy. [1105195878978949212].html
- Size
  
  24.9MB
- MD5
  
  a65820da82603b8135af21c43ea953ce
- SHA1
  
  e4339831f7c47416de2a662d9ca8dbfa6d10ba67
- SHA256
  
  4ad4ea1e6f99288dc2f94c3759516a87a70d237b400a854f819936223fdae809
- SHA512
  
  0188e39752e1a832b1392087f8f8e5bfccfbc3930bb6a21a8d7ee1c852036800ceae08827f659c874a051a08466a4a894266123a63735ea8b7ba93f04763e75a
- SSDEEP
  
  24576:k2eJoVcMOOFWWd6X8SkBOWJZcstulq/7hT2sBl6+dF:ktX86Xflq/7hTX2+dF
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  confidential/Direct Messages - Hades [1234204064317968544].html
- Size
  
  91KB
- MD5
  
  18a86bf600ab922cca5a87e9cbf51d74
- SHA1
  
  27c03c713e99a774c5038fb3c7ef546a23a8c4c6
- SHA256
  
  8632883bd87f9c90c01e8afa07d3fa5a451b492a9888f02ab9358c9c03131c54
- SHA512
  
  4fd61b5f88a999e89017c8cbb6c7930d78f0c5e333970fd42df318775e9c5d4d5f39e877cc3590200de847a4e0ab6942b724e1857b647b65b9eb0d4d8e851d1e
- SSDEEP
  
  768:tsYMYsosIMCFWYxuwDRYkMis2iuUYxUJmUseUAdUXKUmNUjOUV7KmBU+sU08U6Ec:FMS7KvW
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  confidential/Direct Messages - Haldonj41 [1246450821370089533].html
- Size
  
  30KB
- MD5
  
  74696ec363ba426b3cc7d7a416ba9832
- SHA1
  
  98b623a11209059d53bc4e43737c8dfe83901ee3
- SHA256
  
  50c6bac599f2b0361fdd8f34a0c1f5a05d11ab0e46bf7a847ecc103236fd86d8
- SHA512
  
  0b7ff6842d9a6d7ca2861897121c1ece333c2d98f6a62428de5c291bf0431c7a72c0826b836b58d27e54eb0cf0ab071e4bb2bd43fd34bd881441745926fe4f7b
- SSDEEP
  
  768:rsYMYsosIMCFWYxuwDRYkMis2EUGA3UHAxUSAWULApULA/:3MiZqyJ/
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  confidential/Direct Messages - Hallo [1249024212937605162].html
- Size
  
  23KB
- MD5
  
  e555602ea6499fac2f7a8d3b8760709f
- SHA1
  
  8ef1770fb2a6e07bfdc968ec55ddec7f38f18b2f
- SHA256
  
  888ed46d4d9e9776cabdab0e8152bf0fab41a097a700154d9c27746e016b48f3
- SHA512
  
  f7cac01a92de5ee7b89ae81f3c30a9f0b6e44c205df6679ee6634d327ebe477354b4772b60292874e5f798242832bc17882024c0f5b2bb36498ab5d7285f1786
- SSDEEP
  
  384:SsYMYXcosIM8tz364WWm2xuwDRT8YxMigCBVxA2VUTlYU9:SsYMYsosIMCFWYxuwDRYkMis2VUTlYU9
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  confidential/Direct Messages - Hermes [1228805137749774491].html
- Size
  
  20KB
- MD5
  
  8db0da4822d64ad19f1769ba4be1809a
- SHA1
  
  1164d431aab298b8e099887033afec0c02d292ea
- SHA256
  
  eb40ffa9badc02a07ac28f10888a49a28218340e29334cc8c2fa028850cd1a09
- SHA512
  
  5dcac1645d69120f063cff38919bce6f3784a152469b174a6cb7449b449ccb4a22615e34fd7df3e493fd45944e60f97a49ad20e41c4ab8c1d6ce650802a37593
- SSDEEP
  
  384:IsYMYXcosIM8tz364WWm2xuwDRT8YxMigCBVxA2TUv:IsYMYsosIMCFWYxuwDRYkMis2TUv
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  confidential/Direct Messages - Horizon [1249397311965106187].html
- Size
  
  20KB
- MD5
  
  4fcc1501623e62a8c750d693a3d5708e
- SHA1
  
  9b84dce3d788b0420fc72324d2bac18e4b6625e2
- SHA256
  
  5667cb7ce423a93927b2b443f1462f4594a1230f4ebe93223971ff01f00701de
- SHA512
  
  75f750cd717e22672cb76b1a56156f6f1bca9ee0c001a58df5ff85c56e07d2749336f99d4e1abf271b819b4bec6a92899685ed823ff69a6693b5c5644be76625
- SSDEEP
  
  384:DsYMYXcosIM8tz364WWm2xuwDRT8YxMigCBVxA20Ucvf:DsYMYsosIMCFWYxuwDRYkMis20Ucvf
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  confidential/Direct Messages - J. Robert Oppenheimer, German [1226231741119729714].html
- Size
  
  45KB
- MD5
  
  7d332f3212ce7e4a3a184a0deb9587cf
- SHA1
  
  aeb6e699ec74427116648d47b1fff190f723836c
- SHA256
  
  bae5e9bddd3a2e1832d947299c1c637a2a56a721ef6617bf4577cdc761ac1098
- SHA512
  
  dc3d45be46dca6257a802648af4046a543983aaf8ff23c13f12b8e48f7c91cf6db542405cc3dea3bd58f25e7f8782373ffe094bc41cf16fa5fa002332c9c4c84
- SSDEEP
  
  768:4sYMYsosIMCFWYxuwDRYkMis2LUrRUh+WvUjWmUOzUe/UPUP/RYjUnUVUPg8nUz4:kMYa
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  confidential/Direct Messages - Jack Tritt [1237884522670981271].html
- Size
  
  30KB
- MD5
  
  6f18eb09426141dc042572cd8f6c7c61
- SHA1
  
  a8014d8e356884b59a02c0bd086a44d467896e4c
- SHA256
  
  db4108032aaab7d5d1f3913910dccfcec9f9b38f716bc9e2f6d001e0498af0b0
- SHA512
  
  b604a3b64dbcf32a6ee1f44baf1d88ddab466ab052357ddccbd85c033740cf67a8b84dce7136c89e14e51d84105fce477577f080b55be30b00c12cb48097b7fc
- SSDEEP
  
  768:csYMYsosIMCFWYxuwDRYkMis2BBUDWUR7UtDU8qUz:wMI
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  confidential/Direct Messages - JadeIGuess [1221505444380545025].html
- Size
  
  550KB
- MD5
  
  144bc78383293f84c06163b8442c3caf
- SHA1
  
  97c686f697bc0084a1da5bb289d0ea64bd524050
- SHA256
  
  cad9113facb2e9ccd637a27314c5769c4f78d727b3b568e0359ab260bb58341e
- SHA512
  
  a11445a281d4db6359ac523cf27ecc9c22a3a73734bf95c55cc808834f36733fc451d4605966e729e26e8b8d7fd051cef12ec707df47049de1a683d8672ed949
- SSDEEP
  
  1536:MMc+3RcINDYT4nMalUJULzlRPNnoGZgoMjd43ftPXrZke+NFp1FEMuXTwFaM1PB:bzaT4noD
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32