d5a36cd1ca72e6e7c74f798cfc33dc3b2968bcc34db602800dc5b15148ad2374

Sharing

Copy URL

Twitter E-mail

General

Target

McTools-v6.zip
Size

3.9MB
Sample

240803-p23s8sybre
MD5

2f5c4d40f4bc0695ecff7bd4f3ef8496
SHA1

b54fe1779da96b13bde8e3a5b3043dc673ea4ab0
SHA256

d5a36cd1ca72e6e7c74f798cfc33dc3b2968bcc34db602800dc5b15148ad2374
SHA512

177ea2f1124add266ccf84f5529b5c3d646bf6454d13c45eadd38411fda618ea1182145c0b6369b95f44d8f38333c7a16b20a085928389ca15951acaf026f025
SSDEEP

98304:6AKAjlLhWixFf7Xaw81zwMIPYwcpR4DG3ERPne3q:jldWixlXaw81YPYH13ERPe6

Score

3^/10

execution

Malware Config

Targets

- Target
  
  mctools/McCrypt/Keys.cs
- Size
  
  10KB
- MD5
  
  be0631253a60281ca591243694c132a1
- SHA1
  
  1cb6bc8d25c4df1b073a8807f4b21bea2333e758
- SHA256
  
  1fc09fb0ae7ae488b189e74286511c6b4650dacc82ba8dce7946f26853ffce70
- SHA512
  
  2b586c4829c696b148ed7c88f3d32ef3dbc3ed00b738dbb7dd9d0d063fbb4c449ef7510d830792a5d6d7a38e8694f3efbcceeb5cd75f48f7ea7e902ec56a47a3
- SSDEEP
  
  192:YDDuWMNtVRF0arqCwemtZRoTZ9yCyVB25lBqR/NeYsCZDJzUN/Bcw0CyVSCyEqL:YpGIa3wemtZRoTZRlBMdLDy1Wwf
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  mctools/McCrypt/Marketplace.cs
- Size
  
  14KB
- MD5
  
  84f8f06e5c84758e670f26132f837231
- SHA1
  
  d468c331d394be572cc133c08d6d59707b1b1c4b
- SHA256
  
  3599daa748fe35792623086bac06306b977496baf8ba71dcc24ffa58b75f131c
- SHA512
  
  7af900874ccbb42fa131b0f1d4ec740743dca18cfd0138788fb0ceba8d6ebf9bb95ad870ea333e747b4dda0ba9129e97e9302fc9d76989ee016d956a5e0aec33
- SSDEEP
  
  192:eNPSblBXU68px2zBBJcPDq3WCfgF6ZUD56MOySBQgCy7cv+k9GvnY6yCFVGbi7iU:e1SP+AgL56MlSlE2kd6ZVGbiOMVwU
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  mctools/McCrypt/Utils.cs
- Size
  
  2KB
- MD5
  
  b4c3b833876b0312f129619da1f7c9af
- SHA1
  
  586a0918b1eb01dd9854e2ac5e14b8998a6288db
- SHA256
  
  1764407dc77f6916eaf57d512e51273fe20d3b764d3940cb7a4f5e2a0ac699ee
- SHA512
  
  fe75c00a67d642910c41371a3358dded28d287bae39d9490e167f599e4beb4f8eacc46f963a754596234fdd84fc211ebc4a065036dc61f0a6e60853c4dfdb8b5
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  mctools/McDecryptor/Program.cs
- Size
  
  8KB
- MD5
  
  e6a72e8ce385b63ede81cb5367c12b24
- SHA1
  
  2abd6fffacd2cf1b4706133843b9a3d02dab8357
- SHA256
  
  9bbfc4d92f4f0bb9ea67e15c06e23d655d97fe5674d3334bea7dc7c832508c68
- SHA512
  
  9d672fc7a9e0c7d9590f9e06781e0c3dba94024aa6a811d570eb90f9050eba9b799bd51ab5711d4593eb93fd14d1168cd4f447ede4bd4ed7103610034ac00f25
- SSDEEP
  
  192:i8zkktShpiZHdHTKCgjxMZTfCRMSTfY441rM4QiSv8GDxE5Xhm9pdHi+mZBFkVvu:i8zDmMRSM0D4ddAtC+OFkVm
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  mctools/McDecryptor/Properties/Resources.Designer.cs
- Size
  
  3KB
- MD5
  
  1fe5f792ebd629e2020e04ae26dfe933
- SHA1
  
  29bb8b54391d81be8dfca0da371cd5c42c4c2bc5
- SHA256
  
  fba4d50b71f4b22eeb70984bcf91e30ff0b0ede08f21720a4817f8447285b7fa
- SHA512
  
  1b68b64aa31e59bf9afb6a7f05cf2b3bac7bcb7097ae51e7e0ca227b36929e6e03d361e2245497fddd2b0832c3f436676e4fae2a25a3ded4945f313cb2a1d7a7
Score

1^/10
behavioral10 behavioral9
- Target
  
  mctools/McDecryptor/Properties/Resources.resx
- Size
  
  5KB
- MD5
  
  4c96ff1f906c3fdcf4b33620187f64da
- SHA1
  
  345db85ef6c62c7a37fb4c509e0d8093e3afd441
- SHA256
  
  419d0733192e32a4705cc59f6a65ab053721537ecbfccdf5c0e4258d418531cd
- SHA512
  
  6d2d357226a265bbeb398739adc31cd5b9ace296f61c327674390366a0167c734f09467ba5213bf5b918081b8d901b095b3817bfa633df2dc102673f66b276a2
- SSDEEP
  
  96:ECf+lbD5X5LPXCazYV5Lv6K6uOidfaxwsxuUPFC3qxdRMvDbu8KsrbEKAy202lU3:Zf+tLPfYnLvFVOiFQaUD7UgGGrh+
Score

1^/10
behavioral11 behavioral12
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/net20/Newtonsoft.Json.dll
- Size
  
  558KB
- MD5
  
  6355cbc2e2fc439d10b093d2e1fb0f44
- SHA1
  
  3502e1e607e640d53a466ea00cf718354339b8eb
- SHA256
  
  87837943df8c9ed8a759125a5a57dd2d237a2c5eceb742c4353b93d7143b784e
- SHA512
  
  f23ac7b9f948e5c04e5dd6cb7d85165305baa7bef554830bd742e221aca359f5bfb0dece893a8128a6174539a9f32a1070701dd388083e2bbebc4002ed6b0861
- SSDEEP
  
  6144:ndQGX+WzjrOtIldGE1PJCbQ2fT1934zGt2JPyXVo+pyQBnvsJ0unNOqgLXPBl2pa:xX+wrlJyfr2JPTpppURrR1lBNARq
Score

1^/10
behavioral13 behavioral14
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/net35/Newtonsoft.Json.dll
- Size
  
  495KB
- MD5
  
  283544d7f0173e6b5bfbfbc23d1c2fb0
- SHA1
  
  3e33b2ef50dac60b7411a84779d61bdb0ed9d673
- SHA256
  
  9165e595b3a0de91ac91a38e742597e12ebb2a5a8fa53058d964a06ceaef7735
- SHA512
  
  150b45cd43dc5cf191c85524c15dea09fbb48766ad802851270eaacfd73f3d097fef8dcf0ea042184220e7bc71413677d88a206d8bbe60374986e4789054040b
- SSDEEP
  
  12288:7MzH+hB/pzxJi3X3+b6umJBDARbeqTJge:HLpXk+b6umJBDAJeqtge
Score

1^/10
behavioral15 behavioral16
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/net40/Newtonsoft.Json.dll
- Size
  
  562KB
- MD5
  
  486015a44a273c6c554a27b3d498365c
- SHA1
  
  cb08f5d7240dfcdcd77de754259b36c0d9a2a034
- SHA256
  
  6a168461c721fd14163751f7839fb8d67483cb5831f1b2b1ab3e96a68b82d384
- SHA512
  
  1578ed43e815017c269d2a37bb9cdc16d51209bfa6bdb7276ad67cbb39955708826973ac7f48c795e6a1361e7d2a14b14b6cea02ee9ecf396a4b02313aada1d6
- SSDEEP
  
  6144:IJj8fixN6WWWgIkPgXCv8YiMvrrN91nU1cysJZx28rs80nnlrautBu+cfImj4yu3:IJjHxN65WCPPvWqFOV6ZxFrvKbByjdu3
Score

1^/10
behavioral17 behavioral18
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/net45/Newtonsoft.Json.dll
- Size
  
  685KB
- MD5
  
  081d9558bbb7adce142da153b2d5577a
- SHA1
  
  7d0ad03fbda1c24f883116b940717e596073ae96
- SHA256
  
  b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
- SHA512
  
  2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511
- SSDEEP
  
  12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5
Score

1^/10
behavioral19 behavioral20
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/netstandard1.0/Newtonsoft.Json.dll
- Size
  
  655KB
- MD5
  
  a8494341b73a5eb47c01be10f7412ee5
- SHA1
  
  130cb87f8ed5b7bb142f3d1523d4fd50024dce91
- SHA256
  
  65cd9c5a731d8761a0753ea6cb5d569e751207b0bbc9fde3c9679d445908027c
- SHA512
  
  730fcff11016f77c47f2ed37a07e96871d9521170e324a4a1d157611131a785738f78be1b8860e5ab77fd934e606afc7ca87d4219c18f645789ca7910c6e3c21
- SSDEEP
  
  12288:yN9pZk5zWS0uWAOwI2EpInqAKCMKYBtAN24+:Mk5z10EOwIjyHP0BtAA
Score

1^/10
behavioral21 behavioral22
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/netstandard1.3/Newtonsoft.Json.dll
- Size
  
  673KB
- MD5
  
  f8404f5b03f4760e42834c68163813c1
- SHA1
  
  017d0af74be452ad3a06e6cb11604b3c207552b9
- SHA256
  
  814a8147ace7aebc976214107da6e7fc219601257ed1b09ac9d90264d310117c
- SHA512
  
  cfc95adb825a7baa7227fc56ce750f676bdb1d11a67456b2f237dc2f45474c13179bac0df079bdd4a54a873ec4586f1bcc778a1e27cc6f61bdf3f40f31dc4010
- SSDEEP
  
  12288:Y0t+9V6ANvyLC1scj5A6BeopZjNYRjjHD:O6AML/cdjDUjj
Score

1^/10
behavioral23 behavioral24
- Target
  
  mctools/packages/Newtonsoft.Json.13.0.1/lib/netstandard2.0/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26