Overview

overview

3

Static

static

3

TicketMast...ta.dll

windows7-x64

1

TicketMast...ta.dll

windows10-2004-x64

1

TicketMast...ns.dll

windows7-x64

1

TicketMast...ns.dll

windows10-2004-x64

1

TicketMast...ws.dll

windows7-x64

1

TicketMast...ws.dll

windows10-2004-x64

1

TicketMast...er.dll

windows7-x64

1

TicketMast...er.dll

windows10-2004-x64

1

TicketMast...eb.dll

windows7-x64

1

TicketMast...eb.dll

windows10-2004-x64

1

TicketMast...on.dll

windows7-x64

1

TicketMast...on.dll

windows10-2004-x64

1

TicketMast...ls.dll

windows7-x64

1

TicketMast...ls.dll

windows10-2004-x64

1

TicketMast...st.dll

windows7-x64

1

TicketMast...st.dll

windows10-2004-x64

1

TicketMast...tp.dll

windows7-x64

1

TicketMast...tp.dll

windows10-2004-x64

1

TicketMast...ns.dll

windows7-x64

1

TicketMast...ns.dll

windows10-2004-x64

1

TicketMast...er.exe

windows7-x64

1

TicketMast...er.exe

windows10-2004-x64

1

TicketMast...er.exe

windows7-x64

1

TicketMast...er.exe

windows10-2004-x64

1

TicketMast...ng.dll

windows7-x64

3

TicketMast...ng.dll

windows10-2004-x64

3

TicketMast...nt.dll

windows7-x64

3

TicketMast...nt.dll

windows10-2004-x64

3

TicketMast...nt.dll

windows7-x64

3

TicketMast...nt.dll

windows10-2004-x64

3

TicketMast...ws.dll

windows7-x64

3

TicketMast...ws.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TicketMaster.zip

  • Size

    69.1MB

  • Sample

    240810-m1gs9szhjf

  • MD5

    1d95b6e75599bf5a4f03b8c0675fb557

  • SHA1

    66cd41056eb5732e7ece1c72f12e693c164f9afa

  • SHA256

    b593bec63378bf4ac6e5e8f5f673b6d21de5bc9470cb4a51f1717b0efb0d6386

  • SHA512

    ba237d147b6f0b5305a6319cb876390370260647364231ec8af49aa4a3b544cbf7abea33a0959df2adb56aa9c80ac8c2c9203106bf46575515a9346dcc0b3e07

  • SSDEEP

    786432:C9retd3IVT5V/1Cu4xl2YP1CNMGs3+7fWe+kKVj2PTH2tretd3IVT5V/1Cu4xl2h:CadSWhdO+DdJ/

Score
3/10
discovery

Malware Config

Targets

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Security.Cryptography.ProtectedData.dll

    • Size

      22KB

    • MD5

      923199956dea39699fb0c64bf1387579

    • SHA1

      b5453dc90dd870e34e8dfe5c8b5366b7473f7c31

    • SHA256

      66fe478368c8ab39323504dc8be38350bc8b87b23434e7a5d07628e6dfdf0c7d

    • SHA512

      f45f2b42918e625244d31db2a6c21374bf3f0a0545c2c5a0d761180e40843b89ce629cd20f241e8cd2e36cc65f1068bb5ae89c51318aaf6c5f2d120e2b7c1870

    • SSDEEP

      384:vFQc54NEStUsxpHWAb6jDWY/uPHRN7fyihT3s9l8QAs:2c54e4QvMfyiZmAs

    Score
    1/10
    behavioral1behavioral2

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Security.Permissions.dll

    • Size

      101KB

    • MD5

      890014b27bf0be7849c5c29de32dcbe7

    • SHA1

      e4d4b83d0eada7c7dacb722faf0b9566691f5736

    • SHA256

      62e3eccf98766b81edcb0f4be10148ac3833cedb10321933bca9e195627b2377

    • SHA512

      43e695e202c1161d307139c35273c7ec2d9198ee728fedcefdf42ddc81417047f98c27b64cb883181d17de988153745d671f1a2193f20641b7bc9796c5651f75

    • SSDEEP

      1536:gxv9Tm76gWalvpWVJZI8qxVDoxBqWEixb/3AMPf:2a7LZpWZeMxBqW13AE

    Score
    1/10
    behavioral3behavioral4

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Security.Principal.Windows.dll

    • Size

      36KB

    • MD5

      a1f634780387ab0b5219a8741366f4a2

    • SHA1

      0cf42e1bd78443ae1d6c16223a7ff463c5105d21

    • SHA256

      7828dfd952a9fd49404477baff714849177d9f18c0654adafadbdcafb4b21f47

    • SHA512

      77a1a74ed08c746c0de4d523d0128233ebe8af601127bff5a2531a8f062ac83d2e6c792b54ab17ecb0cd4ef4a9ce3216975953ceae8ebaf26374bf809a79bfd0

    • SSDEEP

      768:Ur8Jx0w6kYq/fru6/EBiOBGyU3J8R64N3:NYq/fL/EB9BGyMJA649

    Score
    1/10
    behavioral5behavioral6

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.ServiceProcess.ServiceController.dll

    • Size

      36KB

    • MD5

      353405cfcb5fb1759792dab7548a4347

    • SHA1

      cf8be828ead5affaef3c55a248397f940927db60

    • SHA256

      a20eea5aa04e1feb85ec0ffdcf8a4ebd03c326bd8d19ec785040a20bea6e9bb5

    • SHA512

      2171ac1dea0661634ec939864cd876f63d403748f8a7e907e9c126bff2c9c6792df8fadd43cb84afc44ecffe9547f952df382f07cbb83c12d7ef0df4c8556577

    • SSDEEP

      768:Kg0BaCM32R/CWNxA7RYRMN92D1NltlO/it9zO:K1ACtCWw7RYRMN0plOiPzO

    Score
    1/10
    behavioral7behavioral8

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Text.Encodings.Web.dll

    • Size

      77KB

    • MD5

      a54bfcaad28bc997e64046832838d9c7

    • SHA1

      1ac78ad4b7a2799f5e63cb705815b2a79b738e93

    • SHA256

      5ad1f348223f281c34b9b857445a1c3412a430026ef049aeac641c53a92408be

    • SHA512

      581e9acbdbbc010005396e13ec19205a288334db63b135ade7cc3b4ca8b5ce3d6766e629428433d6bb3f55aa4eba25563c5d50a22e0ebaee1b7e76407b24d044

    • SSDEEP

      1536:JOOgOOOc2yQDmBkKQh39trThrhVZW8igOM8K4RhrYoc9R5P73XiEqzO:FyEmXQh39xfTIRhrYoMR5Lsq

    Score
    1/10
    behavioral10behavioral9

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Text.Json.dll

    • Size

      593KB

    • MD5

      07fe1237294cea8e60eef80c5645593b

    • SHA1

      13af4c2fdcb3c939f0e39192e6eeee1111cd2952

    • SHA256

      3c72ab0eb905aee982fa7dc86bd1f29e8a404263a8fb251b172833c87f6877a3

    • SHA512

      c89f228ca6f932b981ad30fe03b30b0672e38ddfa1fa76ae34679975a8872ef0362d66d857d3acf3650759599d4214dcc28281e18892cb50f436673bd0ab45d4

    • SSDEEP

      12288:LBmUxOwIx30c2jWnHvUY4H6ylVDb1Zhe9FZ/:txBIx3sR6X5/

    Score
    1/10
    behavioral11behavioral12

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Threading.Channels.dll

    • Size

      74KB

    • MD5

      ca82689ff97114b0e910c22f8f9a80d9

    • SHA1

      2fe227b0fc5d7a82e2aa65080413bd1cf96f21c1

    • SHA256

      31c7e3704c0477c53d9306362dc6abe741088efb7a7b4e46cded0169cf7bb0b2

    • SHA512

      433128cb08316368e3ccebc1f6d09d07bdf25eba73b89134b49e7f2a8505481f0c6798a0b3fce098be77c8c1114b0ad04cca2a94b881c09ef1af6281f0a4f3a6

    • SSDEEP

      1536:hOW/X2OQk548/jr9wEqFvTbmcv+ijzKMe:hv/XxQajr9mucvJjGn

    Score
    1/10
    behavioral13behavioral14

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Web.Http.WebHost.dll

    • Size

      78KB

    • MD5

      44ed390035e216b361cc7529eeadd2a1

    • SHA1

      eb0ddce19ba890f67cdc7bc7f83fd0c1c20ff929

    • SHA256

      9ceaef1c477e60981f37138e91c9ad8ed60b7416db9733c9ad156cab7b392c9f

    • SHA512

      8cf55c2fc046e4f99186f7e88216857ab6ebeaeb11383a8426b6503b6db048d076da81469b50b45e47840afb74a7f987b25a964dd87e7b7fb9d21201821f7682

    • SSDEEP

      1536:H66qCChrFMZz3cQSW+qGXi1gpxT8jAApef45CLOlzG:HMzMlSIoqy

    Score
    1/10
    behavioral15behavioral16

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Web.Http.dll

    • Size

      443KB

    • MD5

      e9ee73215ff2b30dc3d31f0336d09fa4

    • SHA1

      371923c0ac6f7142d0d201829ee413d59091de4c

    • SHA256

      fb2c216b321390fe726bdb842b14343db999d372b6293568cc778966fbd8f64d

    • SHA512

      60a3e80ac392de3c45d2724caadb5e2466b2956f3eff91296cb65d2a8f90bb9fc2c244ea3172d2a3d5022f92cb0dbb8775fbdd24071a1aa0ebf9a525346371ce

    • SSDEEP

      6144:giJ5Q3WxGPl7/q20xeIs6t3nYTKN+O4RP/KZ7vFXcUkOH0uIs:V5upNoKC3PYO4x/KZMqIs

    Score
    1/10
    behavioral17behavioral18

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/System.Windows.Extensions.dll

    • Size

      26KB

    • MD5

      8dca088da4b4fec0b7689cc43b51053a

    • SHA1

      e3f09450bb85093703710ac59bd8a9a3bd56d880

    • SHA256

      00ea9c9417b8a18676cf4033365efd17971840b7a9e343dab4f3e6f7ca34e631

    • SHA512

      fab7c5c30f64c8e5153d37e69a96dc14d21e758008aeb2a0895d5e4a6af986a292a5d7f85f97fecf473be042a1a4dec27f8d0f8144d7aa9419df789b63f3a622

    • SSDEEP

      384:j8DvVslxwCL7T7rUOHxrqGCVXbSkbNhWkmW9c/uPHRN7+JrOQImlOO:oDuhAAGGkbbiMl+

    Score
    1/10
    behavioral19behavioral20

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/TicketMaster.dll

    • Size

      48KB

    • MD5

      95abbc930bdbc7d1e60708fece90f08a

    • SHA1

      d36fc2c0e5b075329ea1113dd7d2b1495b04c01f

    • SHA256

      4b080e4f0df9ef25fc78aa1d0468b4b19549ac62ac9af1ef470ddf831953b753

    • SHA512

      0526948d3e2f8cb4e19899c5d88d7289e0c333dfed5f9c151690c8c92d452df720f88b6000ef416137cd131df818f407419d63375f5fd690165e607fc5d418aa

    • SSDEEP

      768:g1PrD9pwhdVi1QuPC3tz5DXti1ASfKicsOs5LVHeDJkJj6TAQ6ketaW1:iPrhp0jBO+zZ2SJs92Oj6T3cao

    Score
    1/10
    behavioral21behavioral22

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/TicketMaster.exe

    • Size

      154KB

    • MD5

      72ab7d5fb85893abc1229d2ba9822878

    • SHA1

      ced3ca57eef8b0ad3349a0984f5f9751de700f7c

    • SHA256

      da50d9fca3137408a583801c11436f44c19d46edfe8a674ff36b058fc080666c

    • SHA512

      8863ebb782b059240f4fc6ba3961dce8aa11c103a6aaf5673090adaaf2b8f831b2200e9a3c3c4c3192387cf74c444af2d72aeccf4aa2e0d9c48fc7ff7551f8fe

    • SSDEEP

      3072:VtL04G/O4BDom5hWkNX2xlkHmJRqAnoqOAcRRwo4wVYrXK:QxX5URji7dYrX

    Score
    1/10
    behavioral23behavioral24

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/runtimes/unix/lib/netcoreapp2.0/System.Runtime.Caching.dll

    • Size

      89KB

    • MD5

      3dc2d6fff89c7358792f2532c06a8104

    • SHA1

      19edff54176f42cee9ac21966510e361d74199a3

    • SHA256

      3ab0ef98bf881fca6052563559b3daf60b1dbfe7376dee4741c3de6398cb2518

    • SHA512

      c9797b6bef57b04b72966aaeeee2bf059a44abad674cd2cfc94c9e9993c74ffca14f59e5ec78b076df9b275eec0bf4cdf4809c1bc5a700a21fa01420df46ed61

    • SSDEEP

      1536:QiCCvFGMC7REdHHSXVEEZzd7WkdZk7kvXkZkEt1RlEYvWPHKyTETT2TETTsdQdGZ:OeFGMC7REdHHSXVEEZzd7WkdZk7kvXk4

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/runtimes/unix/lib/netcoreapp2.1/Microsoft.Data.SqlClient.dll

    • Size

      1.1MB

    • MD5

      4561bc7d7ca490e94542c151e3d7e515

    • SHA1

      cf39c8844bd8f7bfa8f02624426ba499eef63ee9

    • SHA256

      71d158556ee31c56eaaf423886844fcdd08963531613bdc705ead2c2316ed810

    • SHA512

      031e215c9feceda989ecf8e9e94183c678eb9bbcbea52d2e62da89762ff438104ae7ebd469949cc01e2806c7b809467af3447c56d5727ad516dfeadb5a99895b

    • SSDEEP

      24576:GttbpEJtQFeWXmT5pjB7Bg7g5yeolYeRCEEuaVvp7gvJLJ2k8/zdI4hcERvgDgRb:RJGFeWXWpjB7Bg7g5yeolYeRCEEuaVv/

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/runtimes/unix/lib/netcoreapp2.1/System.Data.SqlClient.dll

    • Size

      935KB

    • MD5

      53fad718704cefb53286c168b496191b

    • SHA1

      f101570352fbf6b23d391b1b97fe485a1517ad85

    • SHA256

      b8dd67b68e883bbe11c7430cbdbff8ea4392c81f5497f5277cc10e070e47fb14

    • SHA512

      9060f4f8f9c2f7db43698e91838c68673dd3c77b1f1cdbcc0e2ccc12ca3722bf5f24a4b3389a6efc63cc86ff0252b09db74f721a624bb2bd2c7afec511d32c90

    • SSDEEP

      24576:bzO3Oa+3FqWFAQrNPXAretd3IVT5V/1Cu4xl2YP1CNMGs3+7fWehVfP/2:bC3kqHQRPwretd3IVT5V/1Cu4xl2YP1L

    Score
    3/10
    discovery
    behavioral29behavioral30

    • Target

      TicketMaster/TicketMaster/bin/Release/netcoreapp3.1/runtimes/unix/lib/netcoreapp2.1/System.Security.Principal.Windows.dll

    • Size

      36KB

    • MD5

      0035b12417dfd1d22d43d696968cb54f

    • SHA1

      76ae451be0b87ac0a7cd5de80edbe117ae191535

    • SHA256

      f470c7ee0f99f5ceaa25f51970988cfbcddbe0f8dd8491ca3e9cf4f9f52fdb75

    • SHA512

      600a2ce00f779d0a2f87ca23cf3c6d280067666879a3978923056b094815830aea9caba7a5e32bfc6a0b973c8d2a6d706eea1f73658ead840cc05ae705841f43

    • SSDEEP

      768:hr8Jx005YLlU2mM0faosEbTnQD+o3J8RkK4Rw:4YpFosEbTQD+oJAkKIw

    Score
    3/10
    discovery
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10