97d7996c657dac39497001683776ea390ba3f3f70f31da017547bbd4590701d7

Sharing

Copy URL

Twitter E-mail

General

Target

acf7fs.7z
Size

7.2MB
Sample

240808-j4b6eavend
MD5

3d82083f0584cfdf9636cd9dbffa3b50
SHA1

dcc5cb5ab5a52f8216bcec2c6ad8e9d08a712724
SHA256

97d7996c657dac39497001683776ea390ba3f3f70f31da017547bbd4590701d7
SHA512

37a2e19f6350fb0bc2c52abdfbdf01c4914f7a1d09a041d50715e109fc4c39b3c68f92ddb0e797939810935d1ec1faffa9cf663e365ef9cc78d90c72308fc895
SSDEEP

196608:ROmEQvI1Ca9aAOEVwOZZQYHRhEA9fdpDW9:ROlQvdAAnwbj5dp6

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  acf7fs.7z
- Size
  
  7.2MB
- MD5
  
  3d82083f0584cfdf9636cd9dbffa3b50
- SHA1
  
  dcc5cb5ab5a52f8216bcec2c6ad8e9d08a712724
- SHA256
  
  97d7996c657dac39497001683776ea390ba3f3f70f31da017547bbd4590701d7
- SHA512
  
  37a2e19f6350fb0bc2c52abdfbdf01c4914f7a1d09a041d50715e109fc4c39b3c68f92ddb0e797939810935d1ec1faffa9cf663e365ef9cc78d90c72308fc895
- SSDEEP
  
  196608:ROmEQvI1Ca9aAOEVwOZZQYHRhEA9fdpDW9:ROlQvdAAnwbj5dp6
Score

3^/10
behavioral1
- Target
  
  Release/BetterFolderBrowser.dll
- Size
  
  12KB
- MD5
  
  fff67e7d52b58a11d456a1d5cd2ba294
- SHA1
  
  6dea84a0a060c39c93b1e3f404270c039d3dbfdd
- SHA256
  
  5334c9c4eb567a89e4644df868d7fb6e242a3ea422b2ce9283843970ec756372
- SHA512
  
  fc8cc5fbc624559e03e70c48bd4e6e4595b1784fdf2c258b33ddb3410bdd93dcf26f3b5db4e4d0d8f133e8df93fe95ab93a703efa92a0a4133f57f48ebd6ea74
- SSDEEP
  
  192:2ZPVABalnP/VYkWdcHIp3RgzK/RGLHdnKuWGIBC0p++kVX805N9:2ABk1W4Ip3ez4RoF2+bR805N9
Score

1^/10
behavioral2
- Target
  
  Release/CeleryApp.exe
- Size
  
  8.8MB
- MD5
  
  74c366b46a85acac6c83e9671e64dda7
- SHA1
  
  dc9a7b4cc7511b701401aa86e0106d3495e3a0fe
- SHA256
  
  6a25cc6c05e54ca56e8b51d2b2bd8b9a17a96ecb1d1f6d4442d36378dc809ed1
- SHA512
  
  e0df64a74c3c9e1c36f5957d346d961cc92741b1803e05d41454dde4371a0e9420f9e79163bed9fe2d8b588b9da6f2faaa08003ca50be37a6425a8320acd15cb
- SSDEEP
  
  98304:wEgLIRfyC7egWJ3iJzdjf4fwraOWcD9XdMPABIw/t6KHDicVwzUs7:wEguhegD4fJOWs9XNBZ16M2cuU
Score

1^/10
behavioral3
- Target
  
  Release/CeleryIn.bin
- Size
  
  44KB
- MD5
  
  2682352886b9de7763dd637ff940ef97
- SHA1
  
  6df1516ed9f1084bd0e7b217996353afa3babb98
- SHA256
  
  eab4356a735f604b31f493f2c9f0f98448ebc2671825e348145609fed6e927e4
- SHA512
  
  0799a9d1126b444992638bb16e62726d7d49753d74845114f0076fb5d1e7159c83d0f7e62a1a80a9b034a59529ef73b0fd7acfdccc754cc9c3cfd1984ae4ec3c
- SSDEEP
  
  384:rVdzew6q0MEe7Tc8cZO1D9WDPAULcRUSoTYVJa51xoVMmA2QdwB5bh1r:5YiXFcZkRcZJTYVJanUNA2jj
Score

1^/10
behavioral4
- Target
  
  Release/CeleryInject.exe
- Size
  
  5.0MB
- MD5
  
  a219324612da6da115423f2118ed7d60
- SHA1
  
  e25653239651637604e1b6e65fdd719aee2917ec
- SHA256
  
  b3f9cdae756e9cf1f5b8a823648395ed68d82c6a62d606fd0c6eb9a0be10d51f
- SHA512
  
  9958ca39f43c7754e6a5586e5cb1a40963a4ec9db898051c327198c31708beb067944d1581355f2bb04e69de62e69de8a6a708213d60d571f74c112b3d489187
- SSDEEP
  
  49152:HBAPhbBL8IjBDC0J0S27DGjyclWb53PppOPxjfsRdn6dnndn+dnT0Uf:HnIRZJ
Score

1^/10
behavioral5
- Target
  
  Release/Costura.dll
- Size
  
  4KB
- MD5
  
  501981c7fc457d59238eb99780efb615
- SHA1
  
  f1f25c01f6acf33bdd62c4f82d3ef078e76f0906
- SHA256
  
  41bb464ac7c0d192641077e44a59d7d89860c3c620a59961f2fc4a4be47deae3
- SHA512
  
  5921d0662add6c8aa075106878cc56335ccbf059d8bc7f359fe9e02a52ec657c3e5df1c718929564c09f205e4bd299b086f3e7424141f5e55ed0d756f65ee1e8
- SSDEEP
  
  48:6F+lni2qJfjVRPGwzCo4MhTN0KDdilETrVsH4/QWk1qyFVT2IbG:7g7KedGEiYIWM2
Score

1^/10
behavioral6
- Target
  
  Release/Dragablz.dll
- Size
  
  233KB
- MD5
  
  5a9583a7bed76b2e94091f9b74716f68
- SHA1
  
  60552dc4ed629b32a7c0e7b31406a21829bdc38e
- SHA256
  
  6c5724efe19f5945143626a8270c9c3a188d4886eeaca083c57c742a985c7338
- SHA512
  
  8ab70fd60a27a80e43a270a401e8772833ad0a11ade1ea13483b37b1a02dbb70679bbe200fceca632ee1ba8df66a95a51a2fe65671eb3ae596682d3e1ee1c0d5
- SSDEEP
  
  6144:fTuK/5J3BPYcKHJv8ahfgfkMMafGfCfDf2fE:fKKhP+Dhfgf7fGfCfDf2f
Score

1^/10
behavioral7
- Target
  
  Release/MaterialDesignColors.dll
- Size
  
  295KB
- MD5
  
  d2207fccbdd6caa91c43776559ce401f
- SHA1
  
  4f78f282a238b21ad1f995f154d624865d08a38a
- SHA256
  
  1966082c8efa5ecddac7fd8b3e3b86a63599602d18bdff17e7c366d49603aaf0
- SHA512
  
  d4984e3a6d82e7ebe11c2f7ea07092e60ef1396849921c6c0a463dd9b38836c5f6799e79f932bddc62b89d7a9896b5e5ba931c3c8cbfedff51076a41796a8c0e
- SSDEEP
  
  1536:1r1In+fq1fDfDemxD0EsXpGX0EOAyzU7fKoVxbzQXT:B1WB1PerAjOAL7fKoVxb2T
Score

1^/10
behavioral8
- Target
  
  Release/MaterialDesignExtensions.dll
- Size
  
  349KB
- MD5
  
  6da7ae89f1eac96f143dc5200031d8b8
- SHA1
  
  d9dc3936bc9a288a727cb2295c3d05899adcc9c8
- SHA256
  
  c5b93560fa74b9a05959aae5116da59495d36782d2e17e45f0efcc06ad36ed6a
- SHA512
  
  3929f7092a5acb5ae3333e7e0a9ac2a403b78c8c8ad35a17ece25e6688a61a0f7e4b701691b02ad2941c6e15d2262c6f8ae76413af93dc92aa422e1738147e94
- SSDEEP
  
  6144:OM2EyV6zxDNFOzaFkpXeRk7ecDfE0MHOZB0zSvo1UvEGK262:nGVcxHOzxpuRk7emfE0MHOZB0zSvo1UJ
Score

1^/10
behavioral9
- Target
  
  Release/Microsoft.Web.WebView2.Core.dll
- Size
  
  445KB
- MD5
  
  c4b4a5f4f28d47239eb4e37cb3cc8046
- SHA1
  
  ed86941cf065f91758d536d8e13cc2542cc38922
- SHA256
  
  c2441011ec290b3408391f32072379f677ab3fa4507c4304167cd82fad6593c1
- SHA512
  
  440ee33d5a830d9c59d96367f2a43d4a4113f6fe0924a691e682a2e9251a8615e52177dcb9af225dba538a8a3893ac85be79e9c1aa687034e3da6c95191dc645
- SSDEEP
  
  12288:EB7Md7DkbrB3kPo+iKvRFNLe1+imQ9pRFZNIEJdIElxPrEIvLcglxMwCepM1STUH:EeFP7
Score

1^/10
behavioral10
- Target
  
  Release/Microsoft.Web.WebView2.WinForms.dll
- Size
  
  37KB
- MD5
  
  e6f424ee6036ee7d58283780b705be8c
- SHA1
  
  c17fc397711fb2e0c400007620c76e70c956dd9c
- SHA256
  
  c9eeff2dd13109f41447a92763d31aaa07369c58a570c18bbb851824a77da98a
- SHA512
  
  1d255265115a4a2238a21e3ade35101babcbf9d5de58521365666b9564681119c4b7f20ed6a6c16fb6120ab19106fa40f25421da938b7fee7b8a5e7758f2c22f
- SSDEEP
  
  768:ejIHFTA42CL9tcZDgcEST3p4Jjrjh2jJFSgyauYv1JKia5/Zi/WGQKVu6bL7RSOX:AIS3C5tcZDgcEST3p4JjrjaJFSgyau0H
Score

1^/10
behavioral11
- Target
  
  Release/Microsoft.Web.WebView2.Wpf.dll
- Size
  
  43KB
- MD5
  
  0241e0a42b292e0c9b585470c613ec78
- SHA1
  
  74e4ab7e37bff177a394617923baddfcf087c0e1
- SHA256
  
  15bcd610a80632ef59d911a8447b11127cdeafbf147c844f1b740735efdf338a
- SHA512
  
  bd083301c6f93a1852c76686797919787f439c65ea11d430701257fa4d3791a4eff892b6ceea1c534d832bfbc0b0ecca3f671e3a9c50f34089f919e3756882f0
- SSDEEP
  
  768:k2TI5VoCjJ4Jd7U2zkQ+Z8cDP/ryEH0yBy4JjrD1h2jVh3URGvkz7FKKa5/Bi/xm:VE5tjJ4Y2zf+Z8cDP/ryEH0yBy4JjrDC
Score

1^/10
behavioral12
- Target
  
  Release/Microsoft.Xaml.Behaviors.dll
- Size
  
  141KB
- MD5
  
  ec5a1abee150abe698689211b07cd1ec
- SHA1
  
  affc3cb47da8fe76986d271cdc3e7ea345cc04e5
- SHA256
  
  b864da9d88414877cea9b1a016146265a5fb9d0e12f4dbb1dccc0cc998119a54
- SHA512
  
  a2b55b4ffc3f11546ed8d3457e98b986c089e25229bd687da35d45d63e4860722e8b13826d3a3daa1be843cf3a4ae3da4cf9b6fdcb5d1a4948648537e683789f
- SSDEEP
  
  3072:UAyazS96IT0O6gAf+LwCMe1u051dXcr9/soMEs5r/j9:tyhYIT0O65cwCMyE
Score

1^/10
behavioral13
- Target
  
  Release/System.Diagnostics.DiagnosticSource.dll
- Size
  
  34KB
- MD5
  
  8d9df432109f1cfdd86723b5f171e3d7
- SHA1
  
  85dc92edd4b0049ed9049e075c4def8a3d64e43b
- SHA256
  
  d22133818a30313e0becf010d78a556a56b34ea361dbd33588c9817631fed540
- SHA512
  
  5c83303934eecfa61c43a071d29c98e5804d37a5dc7f7b035772d6a168b0c5e65dfabef20b46214e65493c4bda44831cafee83615498fbe9e718c884f4650edf
- SSDEEP
  
  384:iQobG82oiaPaf/gn5LQ0+0zdQUv2CtyW8fiFISWbW9pWJbWivT1Nq0GftpBjAvnC:nA299fI5dxzL2CC11vimvnEBBNFT
Score

1^/10
behavioral14
- Target
  
  Release/bin/Monaco/index.html
- Size
  
  13KB
- MD5
  
  8132342ce4b039603cbb3b1a32ab859b
- SHA1
  
  66c46050a6e5b08758c00455ae26a6c66e94ce4c
- SHA256
  
  3818906ed429acd27aabad7ec8771893d60658ea31b8d0c92418b96de8ee94e6
- SHA512
  
  44d93118187e703af1fc1627de7e97c39072e666c9086b1b4c00a7eadce1913c84dc97e8f80e2b514154ef66b23baddbfd71a2faa250735ddf4d2bc12709cef4
- SSDEEP
  
  192:oL3bXRggAbYm/9mv2Oxr09VpDwFgBsK7u24FzTkcmc/VT+9taAc4dReigXN:2RggAbYmbD9V9wFgBs+SFN
Score

3^/10

discovery
behavioral15
- Target
  
  Release/bin/Monaco/vs/base/worker/workerMain.js
- Size
  
  174KB
- MD5
  
  9ce9e46b6d66d8b2dbcabba577cad2ed
- SHA1
  
  397b0e9e7b2bee37a8444e84bb9788a0bdcb023e
- SHA256
  
  19b566655d73370a820a7d6fffe7af03dba3af4997016c0983be5bd188603ec2
- SHA512
  
  f322ea669fa81397066edef062721ae3dd515b3d61c4ad7bef0db0eb3a53f056da298fd4f761bd3e5d613e6f5803a7c35ed056085ac3b97e06c7bfd47fffad49
- SSDEEP
  
  1536:mi5eQeCEwCP1m9JXKmA1xKzyOQJf9X2K7eM9bWXsUK5QSkSoIMQwr+ZjtQYyeTMO:mHTdkKmA1yyOQJl2K7ns6dZ/RVaNzY
Score

3^/10

execution
behavioral16
- Target
  
  Release/bin/Monaco/vs/basic-languages/lua/autocompletes.js
- Size
  
  2KB
- MD5
  
  eb6fde8de905af68c855a2506c8a8204
- SHA1
  
  32b172578f398151be79f78bdeb15eeff4a83020
- SHA256
  
  1fbe4337327ef99c9caba74678cfff28652606fd667dbca34f12e809738010d9
- SHA512
  
  6e95ecdfbabf20c2e717006ea00fa92d79e577cf262460cef7f3db7bb4fa87585bed99b6a1bd1d865c5e5184044b0244aa0823580c9444b1f2ff013057f54235
Score

3^/10

execution
behavioral17
- Target
  
  Release/bin/Monaco/vs/basic-languages/lua/lua.js
- Size
  
  24KB
- MD5
  
  51d8500a9a01ee3e066e3ca3f15a251a
- SHA1
  
  cdec3a155480275a4d1781acf509ea800fbb2477
- SHA256
  
  e5a18ba57542748e7ad026cffad053bb6dfdbc2bf0304db823ceadf20008c431
- SHA512
  
  0a421cb5c2f4f2adc68b091ab9a67191b7e6cb19b12a1499d5ca7f493fc118a2ff68d66c0bac92667ae482ba188265314be14cf13bc94e21e4362b62060d7363
- SSDEEP
  
  768:FXkAlD94XFDOvvEEMhOIb5EMhtnUEW1rEmAAtWUnWTEOIiY6Unw5t9JTC:dkuD94VDOvvEEMhOIb5EMhtnUEW1rEmV
Score

3^/10

execution
behavioral18
- Target
  
  Release/bin/Monaco/vs/basic-languages/monaco.contribution.js
- Size
  
  28KB
- MD5
  
  3161b5db765e3bb316c23a5e32871f82
- SHA1
  
  a96b95d4c63186d7243fd4e32ed4566a613afd4a
- SHA256
  
  42e79ec54895ee725c4f793b79fc5ca3c997a0193645060233277e524a7a34a4
- SHA512
  
  ae9d181d2908261376f6afd2282e134bc38fc2f5a896337bc41fd7f06460c74b67b66b726dc39d53f743a7e8c99fc4c8911c1e9902f8db4bcb9dfd85ab9072a4
- SSDEEP
  
  192:hhrM409fKYTxXTUTSTBjTYT9NlTOTgTQTCT/TUTjTNTbTnTxTTT7YAHTwTbTFsTw:hynJYA41wpuzVniHQ
Score

3^/10

execution
behavioral19
- Target
  
  Release/bin/Monaco/vs/editor/editor.main.js
- Size
  
  2.4MB
- MD5
  
  d9723831dc0cce5974cb423729e38e5c
- SHA1
  
  a8298c1064526017bf0121795051323dc9ce322f
- SHA256
  
  f9ffe3e01f9bf58ab25b37da98eaf5e80f6e37f9347e663bf249d3a6190a28ca
- SHA512
  
  0e8b6ed339bb44068ca3dede1699d827717382e3c4782e5f53ec941c4986410f0b858bceb643c898e6392ab639649266fb27f5d1ded0bd0d3401d2749aacddf6
- SSDEEP
  
  49152:F5T6aBj6hpnDeB0eXoBB1f5dd5LeZhtic2LLsz+nK9zTGcqS9o7KpSXxKVqeY0XJ:MsF
Score

3^/10

execution
behavioral20
- Target
  
  Release/bin/Monaco/vs/loader.js
- Size
  
  31KB
- MD5
  
  1f4fb062c471465ac8a71e7c7de863bf
- SHA1
  
  2882b45fb948339c82c9f672ca38a063bd98b930
- SHA256
  
  d423befdd508b4540874b3dee8fd559fb7a0e56a29d7ca774eaed0df784bc2f1
- SHA512
  
  5913c5a0ec50021c93910bdbb65338256dea4339866c010f328c819d29c415056943f0875f9ff0b120924ba9ed4af91d7d23d0b0aeb5cec0638823463a3b007f
- SSDEEP
  
  768:MFvC2l3lndKLa2wE7n0UvEUwtBSOjIiOGagWDrKdF6eCGiVajW4g83:Kz3lnGbF5KBn
Score

3^/10

execution
behavioral21
- Target
  
  Release/runtimes/win-x64/native/WebView2Loader.dll
- Size
  
  156KB
- MD5
  
  b1cc3d7d194abc6908801cd0334a6c70
- SHA1
  
  5f3c72eafab090095a08f17f026415cbfefa8349
- SHA256
  
  1b23ff90ac64223bcb21b14a107079c7bb4ad0697ed841a0c0485c7d0fe0a175
- SHA512
  
  ed351fe2efe92df52ba79f4239297ea20f8f4a061c413d81f35b29bc8b5db95500c4f5a631439a0abc1d5753b616297fa69aa04ee96f807f78cc0c3f69d9c85d
- SSDEEP
  
  3072:qKLKQDEW3JHtcGNd/SzCzkYLSq9hX4qSd/8SALTUYrEtnWldxP2HK:NTBt9Nd/9d18qSGEtmx
Score

1^/10
behavioral22
- Target
  
  Release/runtimes/win-x86/native/WebView2Loader.dll
- Size
  
  112KB
- MD5
  
  d0b3cc3feef9a483b63d180ccdc1992a
- SHA1
  
  812388ee2b1bca8946203979c3f4c427aef22c1f
- SHA256
  
  fc14dc275026daba48c4014a0de0f4e228043fa899c9ae0308f6ea2c239af1f1
- SHA512
  
  2185b810fd90d812035543efbadd684c12f835e7dcfb949324daa5954950674aea621280a8f408e17deae8f01b2c19b6dce64238f2843e30a1dfcb8e449a980a
- SSDEEP
  
  3072:nsaDUh9T2dO9O3ed9zJ11Xx3QKHwsTPOEt+AlL0F3Hd:nsp9T2dO4o91MEt7h839
Score

3^/10

discovery
behavioral23

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23