3179f14d4ee6ade9db5a23c027889140028cfdf272a7f145e9563087b19bcb54 | Triage

Sharing

General

Target

89c44579b4a5c635d0be5cff6729fecf.bin
Size

8.5MB
Sample

240806-d7wrbsselb
MD5

89c44579b4a5c635d0be5cff6729fecf
SHA1

c31640ad4ecee712cd68212c1b9acc1224671710
SHA256

3179f14d4ee6ade9db5a23c027889140028cfdf272a7f145e9563087b19bcb54
SHA512

91d21b340dbd6a44481a086b6fe3f70ab081d029a1ecc0cf033dd4540c6c1ac9f4ba7c102a0badf44e0007c4e542f56dc884deda16a5f571883750ff14e3d266
SSDEEP

196608:30AMs79dyHuSdYxUBnl4lF9dvgV/XTcI+y9byjBR6ayPiN8zPw4D:3V98Hh7Bn6LoRT7F+6LPjwu

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  Guna.UI2.dll
- Size
  
  3.8MB
- MD5
  
  846a7e5993282e220b26b82e7a39a40a
- SHA1
  
  e37fe15d2fb33753c042e16d1d008d412e7d99e7
- SHA256
  
  5613682635617cd43720807448f69b10090932e8571a358b92361d2a2c7a4597
- SHA512
  
  fcf608391d7f8406bb538aca0e9dafb804cceda6c590dcd98d684645bc3bfc0c1d43455a74854988b4b30e56a68ef8be886e92e993f1504b49f0e4baa1c0cc0b
- SSDEEP
  
  24576:d1N5YmLfrTboUFM1dFqgWy/KKu7wG0Q/vtDyaBhTDs1l+zTdE+LHQ/jz4AN3KC:dLDoUFmagPKKu7wG0QHBTal+fa+PAv
Score

1^/10
behavioral1 behavioral2
- Target
  
  Nyx.exe
- Size
  
  1.3MB
- MD5
  
  4f8af9171e3e906dc3c202e0c641acb8
- SHA1
  
  c0c65f4910fd0413eeec737045546229677315e3
- SHA256
  
  3ccf15791e116245c1e3a910164ec2f467be7e727b1e537b224c55d4ba0aac8c
- SHA512
  
  f7e86ca088fcd43cacf95adbe8d79caa1d40876fe320734c3ed81ced7ffa594e8b4e6cbb3e366e46b1ac94b0ba64cca56ac9fab37b57a4519b5ff44290705fa5
- SSDEEP
  
  24576:7hc9LC1arhc9NC1athc9C1w6tbZW/6cK45DnSrdiqQzxWMU3kGRpTCZggIhc9:7h91arhD1ath1DbE6n4RScLfyXT2Ih
Score

3^/10
behavioral3 behavioral4
- Target
  
  libcurl.dll
- Size
  
  557KB
- MD5
  
  bc4f7edf27ec19d796c2b9720a0d0711
- SHA1
  
  b7e49d641660d18c0977401e8b83cafa7475b2e9
- SHA256
  
  fd1facd293ffb60699ec797b8ff3553d3165f83d8e4f14ebbcfe3f3af87cb3cb
- SHA512
  
  e5deb07db01ee273a96e6684ab04bf425fedb0933f3f7db2eecfa3ae9e678fc1402bc1e7dc19fe0cb87f240af39f69d52f7003e84d809fd475d672f02a2a6d50
- SSDEEP
  
  12288:E/4zHAn7aOe5hR+e+VTXtz3m5+LIbaaDMhg2/FOhGteRl:TzAn7aZB+BBz38aaDMhg2/FOhGy
Score

1^/10
behavioral5 behavioral6
- Target
  
  monaco/Monaco.html
- Size
  
  47KB
- MD5
  
  cbdf1d9e3d8379b6a4356aa7d82809b2
- SHA1
  
  22d9ab74fcaab46c29c9ddb3abc9113078c7af1d
- SHA256
  
  91a5ac998f86411aafded21ff8518e2d27f298534e6e8a5e401c604839cc4743
- SHA512
  
  9c37cc62b91706d642dbee79692c8e2ac4726b1b68edaf3a759c18b42dcd7d3c0b5a5596597eb543638d3f5aa9d1a73c9264a5dd5f0edfa28f6f5eaddc0cb6a1
- SSDEEP
  
  768:TWi2Np6OXoy1NCsECUrxzD80kShCTrw4mkMXQnb1fqKTr5q4QVGQ6riAT+e3N9vy:d2Npdoy1r+lkSMw4mkMXQnb1fqir5q4I
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  monaco/NYXscriptdoc.html
- Size
  
  9KB
- MD5
  
  6e82bc5399815832088047710a99ed63
- SHA1
  
  9cc138cc30226950d3c41021bc36c426316e7acd
- SHA256
  
  6f04c59cf624a7c26ec563b26b1d0eec2beeea02b5fb2dbd64e865b2eb8165c4
- SHA512
  
  9cbfd385ec93a1c7e6f3c87efae3ea42da719f253bb0bc070e8491a214cb6919462e709a0fdcd1cb23d22f78569116478a033cda65159a0b40ca712e9100cdcb
- SSDEEP
  
  96:GCKL3WpH0VrADnyVBMc7BVf96firr/llTVFZbDGr3JY5B98PNhc:GCY60VnuORUqrjDTVnnnShc
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  monaco/vs/base/worker/workerMain.js
- Size
  
  149KB
- MD5
  
  27ead90c7702154755785e0e53398755
- SHA1
  
  86b59485fe6f6ccb1805183fa75062a2ac1c859e
- SHA256
  
  bdf9433692a08851e13dd58504eef19f51bd2ec7241923a68edf5772e0e53af5
- SHA512
  
  6829681575179c90bb7817b17feee60e7d44d8abb15264ab39d7f0edf95dd1d030b99c12b005c753cd786c26ce6f17ff09b058c16f3363596f785e386ef78e82
- SSDEEP
  
  1536:XNSxrkwnz+dTHHfvYYdBwDZ2Ogvh52xgh2hQXIvTBaB7hU74Yc6aphU1PblosJEl:XzdTagJkb+6jFlJJEt9yjjTCD2zw
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  monaco/vs/basic-languages/lua/lua.js
- Size
  
  8KB
- MD5
  
  9cf08ada63c048e4e38c8816409ed958
- SHA1
  
  75a2564071cb1ff7c160d6ed385b9c32ed8a45df
- SHA256
  
  c171352021b601d49147f9c8a8b241ca0d8e905f79937164ac824ad2ff3f9ccc
- SHA512
  
  636e25d27ecd211b535845c7f7e5b546a5f50ccfa5d321d37fac0a155b6a001047f86bb5e514ee138efb82b88da6c3e4ea3db2a0bcf4918a274c9ff33145dd34
- SSDEEP
  
  96:SD3yDUnHWD5dyVLY7SvEFR88iqIZkQBZZMP4etFbhBuMCL8CvcOAtOfxBVkxMZlT:nDGHydyNY7SsfkFedmUtOfxQxjE
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  monaco/vs/editor/editor.main.js
- Size
  
  2.0MB
- MD5
  
  9399a8eaa741d04b0ae6566a5ebb8106
- SHA1
  
  5646a9d35b773d784ad914417ed861c5cba45e31
- SHA256
  
  93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18
- SHA512
  
  d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8
- SSDEEP
  
  24576:SmmBNDw4gCXJkB4nIg2IxhbaeZYIMsNjvit4f:wDw4gCXJk62+aeKIMsNjvit4f
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  monaco/vs/editor/editor.main.nls.de.js
- Size
  
  36KB
- MD5
  
  4d83bc1bced6f773423be6f939472cfe
- SHA1
  
  1b42889a7f580df9f7d399c33141d38548143ed1
- SHA256
  
  0dee462d5fb231f169f6cbc432465a43fd445c011fe650e29f5fb2bccc31eaae
- SHA512
  
  c53d522438767a15b5711099fee0acb62ff21289b62640d1a4823a90c8a7d8836bc932daae477d5188b1ba78c50c581284c4d7379efb532f37d356add97ac8e4
- SSDEEP
  
  768:jADv7LbgRyefe80QqYax/mZgb2ET1UZ0IMlYmz7w0hxH1N1Bg93RyFGAIDB7wZ9m:jADDx80QqYax/mmb2YLIEYmz7JhxH10D
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  monaco/vs/editor/editor.main.nls.es.js
- Size
  
  37KB
- MD5
  
  b371235f971baa51f58f123f40c4435a
- SHA1
  
  843d4a2d214c7d9da650cf4d0c6981ac1dab69c6
- SHA256
  
  203ff3591e02eb7b55a591e53919cc337f8dea73e6446fc3493227761c0794ba
- SHA512
  
  77d43490f1208dde16b6773551ea983cb2352455178ea0e3d4d4b2f2e05dc406cafae89738001d708b780b58882cf5448eb7a8d1c11aa7b8e87915a390da618a
- SSDEEP
  
  384:hwuiA9wZFjNzWZQz7uDlnDEuoKZvGrkEq1EhBR3H6Sg4eUz+JWCHcxS+S9SxS9tf:Y9ZCZQOtDZSj1XJS+S9SxS9tx78teB
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  monaco/vs/editor/editor.main.nls.fr.js
- Size
  
  40KB
- MD5
  
  d319e61fc6b357b9a5d8e3bbaa44ce3c
- SHA1
  
  b1539b082b2b8290f05dfe17d6fee3d64b2ec244
- SHA256
  
  7fde40b2b212d274617232de09452c6cb896e8a3c6b9e0b459f067cd07f31a99
- SHA512
  
  6ba80b90242dc55ecfa1678e7f8506ed9add4bf08067b125ba63d42b8e8e4455507a86369f6fac6c9d10565d083e7364d4fc79d62e9bd460fe49957c91f598e6
- SSDEEP
  
  768:HlKogi6Q3JbQWxxGmmrHeHPO10xSgGvJ1COIoJoZjbEMO9ms:Hl8KbQwKRavGJoZG
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  monaco/vs/editor/editor.main.nls.it.js
- Size
  
  38KB
- MD5
  
  a8855a662eb4d3a771fdab7ba6287def
- SHA1
  
  a78b57810ac8e9704e97897c6168f4140d2eadf7
- SHA256
  
  f67cec6dbf98c98c834638d20df53c5a770edada7f26ebf6d0b7dfec60f7a4ab
- SHA512
  
  1c03f8b243701870d8a17e5565da6c65c3f1d76dfb55c88cf68578a4754434a071565da9147e7c833de588a5907b5ece07e018dec52c79d9b2914c964a48a4b5
- SSDEEP
  
  768:4klNUuMam1xYhz2LyXSXBjlHtvnYyjMbRgD5SL2KAqI0UGmGfpspuoeu317K93Ph:5f0SL2KAqKKNpCi
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  monaco/vs/editor/editor.main.nls.ja.js
- Size
  
  41KB
- MD5
  
  a1f3c9e940206ca310147d644305a6e1
- SHA1
  
  005a8f7023b9d873962c7272203cc0c0d0ccc624
- SHA256
  
  ea9f5e8993017f858cd9ee70aac3d7990ca85eaf40a052025e530fb1c300837f
- SHA512
  
  f98ad1e4c127c3aa4a4ff2fa7ed2a65b5d32644211679e42d70aae03f9c0af1da7704061c28e95cbb25ad14745b1d086c9a49492119d0f97653a0b817823bc69
- SSDEEP
  
  384:hIDtFoY0u0ZAITlMRFG1yu9RwJUcQ8bo6CdXtK+c3YcnI+PjnN3H6Sg4dcRID9Dh:VW6RwJrQNdbc9N1aBDzTG7e2ZLlx/
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  monaco/vs/editor/editor.main.nls.js
- Size
  
  31KB
- MD5
  
  74dd2381ddbb5af80ce28aefed3068fc
- SHA1
  
  0996dc91842ab20387e08a46f3807a3f77958902
- SHA256
  
  fdd9d64ce5284373d1541528d15e2aa8aa3a4adc11b51b3d71d3a3953f8bcc48
- SHA512
  
  8841e0823905cf3168f388a7aeaf5edd32d44902035ba2078202193354caf8cd74cb4cab920e455404575739f35e19ea5f3d88eab012c4ebefc0ccb1ed19a46e
- SSDEEP
  
  384:h03CdtOurX25WyV1Vdf40CJjocZC6F7PKUvRjAaswHq9x3H6Sg4NFVlQlUDZpLjb:23mmysb1zVes3pxCSgwgwjhb
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  monaco/vs/editor/editor.main.nls.ko.js
- Size
  
  36KB
- MD5
  
  9ccf83d22e9a9bfafa2000f366ac47e6
- SHA1
  
  be61e121af1a363aa66d875f46e78562a603566e
- SHA256
  
  100ca482c015571ed9aad97c2dcc5e266b270a650ce892507443b5d4f32df64f
- SHA512
  
  3d68816994abff5c528610733cc729e91d390422c2ee2259dcef3cc4db9a599c1f3800f412259fe2f9a700bf2847b942a253986c011c659868bc9edaae6c2f16
- SSDEEP
  
  384:hS67TmO5oU1Yh4XK8ApE6/z2dHDNV1KiAaA+17tDDN3H6Sg4s/zKz8G3uyroDXYd:rmO5oGXrmi1zDB12zKzuyroKcNVk
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  monaco/vs/editor/editor.main.nls.ru.js
- Size
  
  56KB
- MD5
  
  fd1aa66906d2b3c0c9b734b17f04d73b
- SHA1
  
  299145469d5d5397a42274ccc908c865ebc46cfa
- SHA256
  
  fa180f7b77ee252aefe73ba5993fbe7c89f43482358d7fd32e8e2f50b3b21bed
- SHA512
  
  235c2ea1806c13dc0b85f06b5c9f2f811bd145968e2a0ad47c3fa1e063d408efc034dca7baf0b91942cc34e995d1274692c5556c2fb875dbb1054157da9c0132
- SSDEEP
  
  768:CXH0AKgvFBBK1ED81Z0LVdcan9oUxPr1TPgFuEFYPm/XftWZc:CXHXNtBBK1SLVdcan9oWPgFuEFYPm/d
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32