3606322c109e7f63d25a843ca2a5babe75d93da6692371854d0e4dab5c1e09d9 | Triage

Resubmissions

08-08-2024 18:00

240808-wljhzswhnm 3

Sharing

General

Target

Flare X Version 1.1.zip
Size

301.0MB
Sample

240808-wljhzswhnm
MD5

18bddd2a0a142f05564290d6a4d98e91
SHA1

cc3b7c6e8501521e24996e22fcbcf74fdeabeb08
SHA256

3606322c109e7f63d25a843ca2a5babe75d93da6692371854d0e4dab5c1e09d9
SHA512

451e29da170b28a59a2aced73efa66ce93dfab924fbe3e26e632cc20a07a1c102d806bf70a82a04c7702b6f866fbaef7fd7bc0b5dbc8d592d3ed3952efd7f4f1
SSDEEP

6291456:NbnX6gW3yxsfDnTQRoMIWXA9UXryocQXoq7Aqevcc2:N76gW3pDnTQRo/cAurKWev52

Score

3^/10

discovery execution linux

Malware Config

Targets

- Target
  
  Flare X Version 1.1.zip
- Size
  
  301.0MB
- MD5
  
  18bddd2a0a142f05564290d6a4d98e91
- SHA1
  
  cc3b7c6e8501521e24996e22fcbcf74fdeabeb08
- SHA256
  
  3606322c109e7f63d25a843ca2a5babe75d93da6692371854d0e4dab5c1e09d9
- SHA512
  
  451e29da170b28a59a2aced73efa66ce93dfab924fbe3e26e632cc20a07a1c102d806bf70a82a04c7702b6f866fbaef7fd7bc0b5dbc8d592d3ed3952efd7f4f1
- SSDEEP
  
  6291456:NbnX6gW3yxsfDnTQRoMIWXA9UXryocQXoq7Aqevcc2:N76gW3pDnTQRo/cAurKWev52
Score

1^/10
behavioral1 behavioral2
- Target
  
  Flare X Version 1.1/Microsoft.Web.WebView2.Core.dll
- Size
  
  557KB
- MD5
  
  b037ca44fd19b8eedb6d5b9de3e48469
- SHA1
  
  1f328389c62cf673b3de97e1869c139d2543494e
- SHA256
  
  11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197
- SHA512
  
  fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b
- SSDEEP
  
  12288:6CxswUBor35JrpQ322zy+uFKcDoRFNCMmeA+imQ269pRFZNIEJdIEY0lxEIPrEIE:6Cbmv
Score

1^/10
behavioral3 behavioral4
- Target
  
  Flare X Version 1.1/WebView2Loader.dll
- Size
  
  161KB
- MD5
  
  c5f0c46e91f354c58ecec864614157d7
- SHA1
  
  cb6f85c0b716b4fc3810deb3eb9053beb07e803c
- SHA256
  
  465a7ddfb3a0da4c3965daf2ad6ac7548513f42329b58aebc337311c10ea0a6f
- SHA512
  
  287756078aa08130907bd8601b957e9e006cef9f5c6765df25cfaa64ddd0fff7d92ffa11f10a00a4028687f3220efda8c64008dbcf205bedae5da296e3896e91
- SSDEEP
  
  3072:7evoTTlTRTyiuPThTNTKm81SbbMYSPLNsknZiZ2HZ5AaliiT88FEtJ57dXSvlCW:HTlTRTyiuPThTNTKmFQdhsknZiMHfEti
Score

1^/10
behavioral5
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/.git/hooks/pre-applypatch.sample
- Size
  
  424B
- MD5
  
  054f9ffb8bfe04a599751cc757226dda
- SHA1
  
  f208287c1a92525de9f5462e905a9d31de1e2d75
- SHA256
  
  e15c5b469ea3e0a695bea6f2c82bcf8e62821074939ddd85b77e0007ff165475
- SHA512
  
  cb78aa7e9b9c146e5db65d86dd83f04e2b6942a06fab50c704a0fd900683f3b6ad1164e74afe2f267f6da91cdff0b9ab07713e12cefc6f8d741b5df194f4fda6
Score

1^/10
behavioral6 behavioral7 behavioral8 behavioral9
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/.git/hooks/pre-rebase.sample
- Size
  
  4KB
- MD5
  
  56e45f2bcbc8226d2b4200f7c46371bf
- SHA1
  
  288efdc0027db4cfd8b7c47c4aeddba09b6ded12
- SHA256
  
  4febce867790052338076f4e66cc47efb14879d18097d1d61c8261859eaaa7b3
- SHA512
  
  00d21d5d72386c3d9b5a1c36ba85201f730556a8295d4353af54af7892ab81010d42aff209ec1fda61c54e4dda3737cea5fda64f09d40ce5004ae28239565025
- SSDEEP
  
  96:vJ7EgXasqXq6zaqK1ep8m5MDVUT2bTEwEWDhG38deyig9yhCLtQH:vJ4gXasI1zaqKwUTHhzeyil4tm
Score

1^/10
behavioral10 behavioral11 behavioral12 behavioral13
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/ace.html
- Size
  
  3KB
- MD5
  
  9082d5805f51212f8628ea0849193818
- SHA1
  
  e6a21171b4e61003ee733651deddcefb030058dc
- SHA256
  
  97ddcca21e29acb7f39130e1ea0e31627282ae135f44a00ed3bdbaca69430ee9
- SHA512
  
  be21ad0d17b3c8d97ff9e9bbbe073bad3d56c25101b5f27346681a441e654c7d2fa340e7fa8dc4724e418683d944448dcf515a31a0843365954558a8d12fd1bf
Score

3^/10

discovery
behavioral14 behavioral15
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/base/worker/workerMain.js
- Size
  
  537KB
- MD5
  
  6dcbb695dfdfff091a88c7c5d7abaf06
- SHA1
  
  9c8fc639955005c5f4f871dac88d535f3f8a16c1
- SHA256
  
  90445461e39687ceb89adcc0cc24a507d05757a82d2d922e326a2062b6f6a8fc
- SHA512
  
  14e719ff411846e214a210c0bb95dc1b0a25ed9c309e572c7c0cb2786165e299b34a9724def728d6d795e61f6f59db30e6dc98ccce21b5c8df69734e138ed422
- SSDEEP
  
  6144:wRIlnOy7KlzfH0+RqlT3+RRl/U+RqlCb+R6lp2NHEyaNyT34OfTkVDhuYG2:Rlgl7b2NHEyaNyTG7
Score

3^/10

execution
behavioral16 behavioral17
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/abap/abap.js
- Size
  
  23KB
- MD5
  
  50f649f3e45a1f5c7f71f409bd5fb8a1
- SHA1
  
  1cce5441dee1f76bf158fbc0462c8e13e6b0ce54
- SHA256
  
  c7bc6470bfb0d82dbc422ca008dfb8b25fb02c8216cc3ee91e9e3971764efb2b
- SHA512
  
  0a74cd41751261daccf256af483197a844085c335c77076225801db48d580da92e295435057dfa4050ad84d1e6937779bf3849b3dbc5564159d4a7d35d5ef9b3
- SSDEEP
  
  384:rg0l1E3cOjsKpYDsv2JgYHb4AxJYmF7piUIFTyyxlcQMnOsjY:rgetOjs8M9gYHMANeJg6l0Y
Score

3^/10

execution
behavioral18 behavioral19
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/apex/apex.js
- Size
  
  9KB
- MD5
  
  96d8e2d7e01af1bf87b50e397ef14e1d
- SHA1
  
  c58411cd9d819eca280d7aac743afb8c48941345
- SHA256
  
  12a9de1bd5188e228d1b225b93bc1de7545aa3eeb5df2942d1b30de8b4102279
- SHA512
  
  6c9920794f054f2a4c388dd22b0ffce9440fb04ea49b43b86d1bb9e7ed519255c2735a6fcd5be6e7835e5cbea99e7f44f67bf14ef540ba958d5193b76af1b1dc
- SSDEEP
  
  96:HDGkOt8DdWFF80lbEjNVhEB9ogBUqjoI0cai81ISgI/3kl0OsMCkwnI6NkPN8jhY:rOScFTbEjNVhEB9ogGTvcai81IIeZsw
Score

3^/10

execution
behavioral20 behavioral21
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/azcli/azcli.js
- Size
  
  2KB
- MD5
  
  42a923c820d332ddff89a68c376d4657
- SHA1
  
  23ea23fa0dd03085bb92aa095bbc62d9df8a8722
- SHA256
  
  09f4dd1e73f6ba879f28fb7e07930279ab4c5a295483799c53c6417fae7b8d32
- SHA512
  
  253b80f3ee5a929f865f53ac237f673a3d505ce14cd80eb7f78e25c86a6dba58c4f87842fe2482932cac50ef4eb45733435da310f1cafcd863d15159f5fcdceb
Score

3^/10

execution
behavioral22 behavioral23
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/bat/bat.js
- Size
  
  4KB
- MD5
  
  c0ea60d00820705cac4d2857da94e7f8
- SHA1
  
  b84fdfc23fb97f37e9134089aac916392a943635
- SHA256
  
  794ce7c333161e68fff0c6a4a1bc7cdc678073147dc48e1a49aa5313483fc4ab
- SHA512
  
  b5e2330432aba944abec1dd0450169d8c1060e42b52efb2c4aaab5750d1d7ed691d6524cd9c3249dd14de8bdc039acc08c3e969b06784c9f3236b72cfa79b24f
- SSDEEP
  
  96:HDGk28EmF+z+lDHm3vPP3jq8tHEDwrORJC3MB/mMw:rZEm3DG3rBGZW
Score

3^/10

execution
behavioral24 behavioral25
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/cameligo/cameligo.js
- Size
  
  5KB
- MD5
  
  c6716edf2144eeca4ea7830baa11ba15
- SHA1
  
  b7c99a58b05afdc387621c30f7c693e304131b78
- SHA256
  
  fd96854fe7970a6e9839396e8daaed9412cdc531e36baf2dfbaa2f6b61937b22
- SHA512
  
  9c2c181cb9b46dc0121ad1ab647471dea5f4461c97d4c500cabf4e6cdff2e4fbf2a480e725955c02a351886cbff923bd97dac22a1a4de4d89901d15e77b75884
- SSDEEP
  
  96:HDGku8EiuNOcSuKjSap12fi/4OkwnI6N7eHCi:rhEiuSuhV8Is7i
Score

3^/10

execution
behavioral26 behavioral27
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/clojure/clojure.js
- Size
  
  20KB
- MD5
  
  672e3b1b27b133f9bf523fed06b174d7
- SHA1
  
  2544e09064a4b5efb8577b3d059293e8487b3160
- SHA256
  
  cdc784ca79feaede6b98aafb4a9b09bc519261b44e0d58597d47ae1bd9b514f3
- SHA512
  
  2afb794f3b3c22d7993bcafddd57360d865554c7f2a112745542924b401e29ea9908cfcf3e7e0cc93b44644a6692cb39a6e9e01dde7e10c4f4db0576e16aa76a
- SSDEEP
  
  384:rqsXVeI2xzyOz3WNE4mWmh6WgcV8K8beAb:rqoeI2xzyEomzg4O
Score

3^/10

execution
behavioral28 behavioral29
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/coffee/coffee.js
- Size
  
  8KB
- MD5
  
  778339eb31afb7882486697d98c53b3a
- SHA1
  
  94cd80e7ccbc14d86e2514f6736c376c145120ca
- SHA256
  
  dcdd9bf38160bbaf18d8f2a976d04bb17ba143a4924058466b82dda2c1be3bcd
- SHA512
  
  a0d65efe6ec6ec9053550c56a55d9f34713dd7e62856ca2a381162c573ebd5a6b36d859c5893734be7cb8a5b4019034b91da7f8bf72b01fc3e2d5adf32d05ccf
- SSDEEP
  
  96:HDGk08NBI0D/F8R5HFK3JPElZGHf4VTi8jQ5CQFvmieiadR0cRvv0e3v0mB9ME/Y:r/V/A5lIPmggVO8jQ5CQFvmieRRvHs
Score

3^/10

execution
behavioral30 behavioral31
- Target
  
  Flare X Version 1.1/bin/DebugMonaco/package/dev/vs/basic-languages/cpp/cpp.js
- Size
  
  12KB
- MD5
  
  4267c07dc0ea63d7ebea810584cd60fc
- SHA1
  
  6583cf1b42a9cd826f4785de661b35f49e8c0e3c
- SHA256
  
  7c0cf17651cf97b42714a99c06354822f98c676ea6f929bc25fa038e53a1fb48
- SHA512
  
  38b2cce9bd4d9485c9f0d4d2f2b54867ad0f4f5cd1ac4ab31b75f7be89a380864baebab8ba5ebf5d95f06d727b45cdd532c3527303f116cb745b20124e6ca845
- SSDEEP
  
  96:HDGkK8EFFBRSsIvp2qwdDAi9DYuOUphQbMgI/3klnnZHXkwnI6NvRwk8i8vLRsfC:r9EFJvIcqyDAiSuOUpK/IGasn0b
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32