cf3c6b40e3a5c3ddf1eb2101dbf7c25ca41b52d27151520eff28055d69179a96

Sharing

Copy URL

Twitter E-mail

General

Target

xbox-gen.zip
Size

40.7MB
Sample

240804-17yl9ascmg
MD5

1d1e5e50f9cf4432206ffccc2709ef46
SHA1

b2dcd16b8c4c90cae4db099329bc45975e62c74a
SHA256

cf3c6b40e3a5c3ddf1eb2101dbf7c25ca41b52d27151520eff28055d69179a96
SHA512

1d4bd9fdb9b96532d6ad9892a44fa204d5f31dafc0860cc22d411d94c6a717b359132e02053a106899c373591afbd880b55b36203b537ad994579c87676110a3
SSDEEP

786432:9pad5inz2Mj62hOvsIj53C2l2WuUPz+OOejvhk8QhzlWMGe6Z7FUUhRk3vIrxL3z:a+2MjrhwntL+UPz+O7VkJ5WyqmUhRk3k

Score

8^/10

Malware Config

Targets

- Target
  
  xbox-gen.zip
- Size
  
  40.7MB
- MD5
  
  1d1e5e50f9cf4432206ffccc2709ef46
- SHA1
  
  b2dcd16b8c4c90cae4db099329bc45975e62c74a
- SHA256
  
  cf3c6b40e3a5c3ddf1eb2101dbf7c25ca41b52d27151520eff28055d69179a96
- SHA512
  
  1d4bd9fdb9b96532d6ad9892a44fa204d5f31dafc0860cc22d411d94c6a717b359132e02053a106899c373591afbd880b55b36203b537ad994579c87676110a3
- SSDEEP
  
  786432:9pad5inz2Mj62hOvsIj53C2l2WuUPz+OOejvhk8QhzlWMGe6Z7FUUhRk3vIrxL3z:a+2MjrhwntL+UPz+O7VkJ5WyqmUhRk3k
Score

1^/10
behavioral1 behavioral2
- Target
  
  README.txt
- Size
  
  696B
- MD5
  
  f25a4a14c99f66a2ca2ff740f6a49141
- SHA1
  
  875fca9b7c1521a412552ebf3e2d56be27c2a386
- SHA256
  
  166863ade49f4c5d637fc4f92a6dff744343995ea965ea5dac69e7ba65fb77a2
- SHA512
  
  20a62d5359f33a210f1f4b0c278da1857addd46fd8305dc9a3dcac6631d8946aa9e563141b3342c4a4dfee7c1e5babd31d717eec0c02f9980752ad9267808e6c
Score

1^/10
behavioral3 behavioral4
- Target
  
  chromedriver.exe
- Size
  
  17.0MB
- MD5
  
  3fce5339c2a1a638d3784ec308f41710
- SHA1
  
  d8e6625d1d8520cdcf0b4c29f9dce2f395bfc33a
- SHA256
  
  6e00d438523447f57c350c017b382c8144a5904b084e7246b8b30cf0290627ca
- SHA512
  
  6fdca2a0462374d65b62a767f4f65c6258c28b765fd92ae2a4ad991820772cbf8c275e8a6f8c5b88d42db906558d4eac198ab3197f715ee68319ab8ceb34c98b
- SSDEEP
  
  196608:iz9zRHR2tcuEPd8fUc+ZgrlCzmy1sFDvpZdcMx:KlHdVPqscRlCzm/Fvnd
Score

1^/10
behavioral5
- Target
  
  preset.txt
- Size
  
  1B
- MD5
  
  c4ca4238a0b923820dcc509a6f75849b
- SHA1
  
  356a192b7913b04c54574d18c28d46e6395428ab
- SHA256
  
  6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
- SHA512
  
  4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a
Score

1^/10
behavioral6 behavioral7
- Target
  
  xbox.exe
- Size
  
  16.4MB
- MD5
  
  1a8d61f8d57fad56745a285c1486c3b1
- SHA1
  
  67db11b8475ee7e5c28ff08b0fbe0a022c39950d
- SHA256
  
  0ac1a371a6595a8eaebb134182e47b69e8ea5ef0eca2548dca6391e462815f57
- SHA512
  
  3001ea40d6e441d5da869070bfa0751cee846bc1ec6fe3ad6aefe25997f9abc23a7d1e59052cc167762977125055c7e330a37c4b455f54a4e0b2f0e5f13b15bd
- SSDEEP
  
  393216:TO1+TtIiL0Y9Z8D8Ccl9NKzES8LpurEE0146U04I2uaqPyRhsVCEm:a1QtI7a8DZcMZkQrw1HHoHyAEm
Score

8^/10

credential_access discovery stealer
- Uses browser remote debugging
  Can be used control the browser and steal sensitive information such as credentials and session cookies.
  credential_access stealer
- Executes dropped EXE
- Loads dropped DLL
behavioral8 behavioral9
- Target
  
  xbox.pyc
- Size
  
  5KB
- MD5
  
  61f065bfd934d32cad71648a566354a5
- SHA1
  
  5053222a221bbcfebdfa3d033e9999d245a01fba
- SHA256
  
  db8755b8c9425094dc84e6090d5ccfc40a68bb3d848f7c6a621f7afdbf625e83
- SHA512
  
  a6201ba400d97dc527c10865b211c3a982f9fe503a3b700ac29c1d11ca7935ae3632a176ecfa80861ceb096fcb66a743866eee107370af424812a19a8c3f3f3f
- SSDEEP
  
  96:OGlzU+46rFVv0gff9SNI7D7SvFm5/4MO2T:OrOPXgN0iJMLT
Score

3^/10

discovery
behavioral10 behavioral11
- Target
  
  xbox2.exe
- Size
  
  16.4MB
- MD5
  
  dcf66999fd8f426e146d25328dbd2736
- SHA1
  
  af530ba9f2601cbf89837ed9d856ac82593af41f
- SHA256
  
  b1c99cd04dfa55427465de52f0e746bc7f71ca6691c47286eff318987f9b66d1
- SHA512
  
  bf2caa7fd343c996da298dd501377b218ed8035852bd2fa9a22cdaa1f09b74a17e3e942f197ba9aeb0bda0dbb5ce3039c25faca563e8e85d62f4e1eb647d5822
- SSDEEP
  
  393216:CO1+TtIiL0Y9Z8D8Ccl9NKzES8LpurEE0146U04I2uaqPyRhsVCEm:91QtI7a8DZcMZkQrw1HHoHyAEm
Score

8^/10

credential_access discovery stealer
- Uses browser remote debugging
  Can be used control the browser and steal sensitive information such as credentials and session cookies.
  credential_access stealer
- Executes dropped EXE
- Loads dropped DLL
behavioral12 behavioral13
- Target
  
  xbox2.pyc
- Size
  
  5KB
- MD5
  
  d6b27eb47f09c041559837e5d9766f8b
- SHA1
  
  ee745510041a93d43fb0fb1d0ce32f822545731c
- SHA256
  
  2b2b17d1e6e1e9775d2ae0803f23db37ddde3b7881c9f9c7795a391ac250ea6c
- SHA512
  
  d464f196dd1180a303772c49b3ca9733de94ea25a8fcdd0a7778f24d2ca4cfcee918e5f9843dce16d60fc770d6f81d370a0041cf49e5883a9d95fa7c0cb2a8e5
- SSDEEP
  
  48:SLK1rXAUHCGU+Mo46fDuGdmITj014+fuzQnZXShLkaKd7SEyLaz3Iyo/8rEaQOLE:OGlzU+46rFVv0Nff9ShLkD7SE6/4MO2T
Score

3^/10

discovery
behavioral14 behavioral15

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Modify Authentication Process

T1556

Privilege Escalation

Defense Evasion

Modify Authentication Process

T1556

Credential Access

Modify Authentication Process

T1556

Steal Web Session Cookie

T1539

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Uses browser remote debugging

Executes dropped EXE

Loads dropped DLL

Uses browser remote debugging

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15