2e82a97d5d66d5ad76ab52e8cc583bb3c33997207220e815de29637d5a74f18b | Triage

Resubmissions

13-08-2024 22:21

240813-19156ayhrh 3

13-08-2024 22:16

240813-16tlxatemj 5

Sharing

General

Target

MalumMenu-2.4.0.zip
Size

29.9MB
Sample

240813-16tlxatemj
MD5

24e5bdceca9400c07d0886fb1decd90a
SHA1

ac8f7657a9fc383d5a70d934b66c327c84abbd9c
SHA256

2e82a97d5d66d5ad76ab52e8cc583bb3c33997207220e815de29637d5a74f18b
SHA512

ecde5c2a9866631394d16ed71c14770bc5a45510f17183786687943542b30a673687aee9cf19a99d6090a09015db3b9b85e230df7b1d726dd4ed03556c9bbcde
SSDEEP

786432:GCp/hKcQ4/LbFGhcH6ldGKm2/cQpYBV9pz+W8U5h:GCp/hKgVscH6ldGBec4YjTj8M

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  dotnet/System.Collections.Concurrent.dll
- Size
  
  219KB
- MD5
  
  7cc393035dc78b2910aa24abaf8ce7ac
- SHA1
  
  ff54227b61158a7e8ec881ff1e2f5ee9233cfbec
- SHA256
  
  3c2d86541f567250028457c7a7c66420db91eba19c7042f910d19ddacb140044
- SHA512
  
  099b60cc618884d028af5df4a754b2abb6f1b57d6df673a20f046f02d3ecfcce2ac5bfbbd0b7b298d3a1d37f47f48052f8965ef28cd72a0d00ca4622b86c6dc8
- SSDEEP
  
  3072:40VSOoFe6hUr3+Lv7UalTf5cORHX28Eo846h7dUwmkQrE4G7pg90yO29RyvgcjQQ:LBo06U3+Lv7UGTCOR64GyO2IgNfnY
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  dotnet/System.Collections.Immutable.dll
- Size
  
  584KB
- MD5
  
  00d0241cdce4e55ac3a801d1fb788c9a
- SHA1
  
  b6772d9dd3982652b6a2ce7b715a38ba8d2166b8
- SHA256
  
  21efb392eac8e650fc1cf24c2d65cddabef793889f1d847df105c70d03559b07
- SHA512
  
  b15c7a1cf9e3c10aba9202db37eb95a5e5a283cd852b506b4e14b0e3e40196689c8cb62176d43eff4c95699d07ef4bd3cddf245bdc4526bdac22983c42d82842
- SSDEEP
  
  12288:Pui6xNhQrAWLpc9IrlisNuUmdJQYhD7pMXz66M4cR1cuS9h5l3eA:PohQUWLpc9IhiiuUmdJQYhnpcwueA
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  dotnet/System.Collections.NonGeneric.dll
- Size
  
  88KB
- MD5
  
  e1e5737c1104df86292d86476af48e9c
- SHA1
  
  7c72b3ab3a28b46504563f4e56d06908786cbc09
- SHA256
  
  0f154ad791da18d8d9a02ab5759573bb1f9697427d23f1c2a6899d154f76ad21
- SHA512
  
  ad74ef921db105ba0435b52aaf7fc3a7b0b5f04542e6736a4a3f0d96578ff414508d9cdff766e81a57c9409af5f8f1d4cf42ca2f05136a75c55818848a5b4401
- SSDEEP
  
  1536:b7HIi2kL2jg6pVWf/luD+XBQCCeJEafNtjWZzz:brfV96IE+XBQCCeuafN4/
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  dotnet/System.Collections.Specialized.dll
- Size
  
  85KB
- MD5
  
  53687e100f184ee2989faa0c6c053767
- SHA1
  
  f137416fc519b658ad55d51af5dce8204d6d1dc5
- SHA256
  
  8f84e72236a663590c00aa8695f304383dbc155421d40c6b95c6d1733ed718b8
- SHA512
  
  38788dba93e2909c70afa40de6d39f335121ecfb74f50ca574b8dcffbf1571bca68f35122eeec65b342cf9c7a5814337bf5eac565b38037687dec5873bd2f3c3
- SSDEEP
  
  1536:QHo5ByLCiYvkCj8vYyY20Y5sTbk1o8DvWZzT:QI5HiYsCYgyY20Y5ybMo8iv
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  dotnet/System.Collections.dll
- Size
  
  238KB
- MD5
  
  8c7cf260eba50454653ce44becad81a4
- SHA1
  
  e5ef3a2162a6df79e904fb82781f8fdaafed9ac0
- SHA256
  
  879d73082e641e5f4feb86d5ad02c4bf6f78edc88a0a1b2b4b9e886274cd3cee
- SHA512
  
  2a613269b1d22aba40f689ed729f669417012f451ebe0d0907d99bfbc8b7158cdc0f53447a1db93fe4b50b6a67c4ce4079beb87c8ed0c184af495053bb4cca79
- SSDEEP
  
  3072:iwksAJb4iJWBlPsXOL5Ts3yfgL40Y7PVvmtfYw1CqFAGCLpv4/7e2lHNNcQGD0PM:Wchs45TjM56pAje2lHM9CIJ9lbk6
Score

5^/10

discovery
- Drops file in System32 directory
behavioral10 behavioral9
- Target
  
  dotnet/System.ComponentModel.Annotations.dll
- Size
  
  168KB
- MD5
  
  6de2256146508cc5acec4b647132bb03
- SHA1
  
  880cdd7ebbcf1ff6f987a0185720bc162665f41e
- SHA256
  
  3d070ec7429f99b2d3ec4d601c8e0e0dca6fcbe7c51f19ac42bb431dd8dbaa0d
- SHA512
  
  50b67011d2282c94d0433d784e9a7095e9a72f1ee39d960d1a1b8aee45b1d13cfdec8f3f86b61dd6c824cf94c72a36d9e8e44bd832a039a0f3e110f228c6cc36
- SSDEEP
  
  3072:Iz45lpttZtON7kPJrGILvEXc1GumTG5D5/vbF6D+F70wh8l8jF8lCep:a4/p3O+PhGM1QG53F7xq8Op
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  dotnet/System.ComponentModel.DataAnnotations.dll
- Size
  
  17KB
- MD5
  
  999cb91924b2d8ee22080b3f9a39cb03
- SHA1
  
  98cb69b70d5e2c3fddfd20cd811ddcf87b432195
- SHA256
  
  ade682d3e52b24e47d7b14b1e71aeb8dff77f5063006e5cb1bf0caf03629db1a
- SHA512
  
  400fab898a6e623aceb629d42a6a654ae1db26d5a697aa01d383d3eb66bf1d8aca0ca21ef4ff8af21e71e3d9968550ccbc06b4be502778bd21a3431055309ec9
- SSDEEP
  
  384:jY8fmyfJe9eGXxa4WcUvWsXWhsBlHRN798KNcM6a1R9z/W5f:s84NwJj99n6K9zg
Score

1^/10
behavioral13 behavioral14
- Target
  
  dotnet/System.ComponentModel.EventBasedAsync.dll
- Size
  
  35KB
- MD5
  
  8c320cf17d0f850967d05a87d40488fc
- SHA1
  
  1accf420a478b2a67df559a1c9f1a22922fe83f9
- SHA256
  
  01d569a966d43bea5519562fee43ed4b4a7b972521b1b1d5538d3b0fec4cf534
- SHA512
  
  91cece87d414d013f6a762306f37876e4f18e77c508ee606a1616ec3debdeac1b98cf83d1e1dfe910714d46df4c99ede0c1346304cb0c03a468f0ad951694887
- SSDEEP
  
  384:4WMwW1ax2QhlWyiIo/D5wxVOH3p8XipGX5lAFDXSO88+6EZccdwVpR8T6Zb4g8wB:2SV8PtVp8fDe84t1fCjElQ9zT+
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  dotnet/System.ComponentModel.Primitives.dll
- Size
  
  68KB
- MD5
  
  597afc5b004297cbfe394da8e2a39ec4
- SHA1
  
  c46b9adf3d1a29193a7c47942d844fa01b47ebd6
- SHA256
  
  89a8cc280f23bd086b3e2c392ebedaadc95e0232b07a6b846a6e7f2747ac8d7d
- SHA512
  
  ef4fecfbfb86bd7d54c4b25f4ee97e077cde5a771f5ba15f9226f085c81ec18d628a70a77978adfdfe824de70a9475533507f42d77fbaf89362287f5b55f9ccf
- SSDEEP
  
  1536:p7/Egc//Lw/Rh/FekTnNKfXn2XUorKl5NC2oKQfxiKs9300qKFz4:p7/5cOofeU2Kli2o3fx+9Rqk0
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  dotnet/System.ComponentModel.TypeConverter.dll
- Size
  
  663KB
- MD5
  
  8586958d0b9ae107341801aaef8be9a4
- SHA1
  
  712dc5428311a58f38a0e9e67f8a58483626843f
- SHA256
  
  9e55b8e2e897579a12dba62e3b91814bf03ad2697266f35dc0c8ad94444eb1d4
- SHA512
  
  107e5cc0d5cb383169c94ae055027f009b1f2c36060a246331d8ef640166bf9e187317273a2fc55c3f11478164b878ab4564b80b0d12a7bf6f06ad246291e771
- SSDEEP
  
  12288:lc5CzNIpNjOozyxKK+Xzz7bU9CmSU3V6RD8VieepWr9VPJ5joZiGn7b2AmrfSsTJ:lkOoc3MmS0B3e2D7hA86OrAQcBnadahi
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  dotnet/System.ComponentModel.dll
- Size
  
  18KB
- MD5
  
  5e7a10a386c310dcc1d6290285aeb74e
- SHA1
  
  d2cd4521f2736cd6d5dd5eb96cc946aef879672d
- SHA256
  
  a63517ba1ee43a2f708562fd54172f536e469a1a7dbb9879b7514e2dc0057b01
- SHA512
  
  1e69d8a0f964708331b995ed267d702a5b0c6cbf863bb69d99a54ba9623c4c462e37a97185cc792941565588d6062ed9b322e2bb8f441891e4cdb18506f92c74
- SSDEEP
  
  384:cWc1Wzvi3tHHA+nCo0WIYsBlHRN7tIlYXWF//dJR9zJhy:y/hxxGjqlYXWF//dj9zu
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  dotnet/System.Configuration.dll
- Size
  
  19KB
- MD5
  
  981c2862d67b2f75e5c81ecfb1772644
- SHA1
  
  d648f80303ae8951ac4a4fc0c07db0e486ec1e6a
- SHA256
  
  2c724a2a5b4e6926c5ebb56adb3f33f27067e2e3d319e814a8537b9a579b32e1
- SHA512
  
  d3ce18a2c1dc0451c8e1ec7c03082a1125c91d2ffb993146ffdc78d25ab5be8f7f3dad43255c95670818e0086fab42726771044251f1025331c17a558f90af7b
- SSDEEP
  
  384:qXoWX0yXQB1uXTSv/fvNRvGZYdf3zyP/weeYEyYDzWTNWzsBlHRN7THGlD/LVNSq:FniZP1jSxLVNe9zZ/Y
Score

1^/10
behavioral23 behavioral24
- Target
  
  dotnet/System.Console.dll
- Size
  
  141KB
- MD5
  
  523021aa69173ba709c78056b599b87a
- SHA1
  
  79b0169aa88998e41b61d2846ae8c70b58c0e251
- SHA256
  
  407db7860141e54ed1487432bb905320bb9ada3afbc4a5ce601fab7faadf30a7
- SHA512
  
  5829f2197c1aa080a71c02a3a332c098645ae1ca006dfcaf81035883a1a289cc1b32c480e5f3408d2eb27f6252fa0bdf46998551b77ed6798d29365d75ae09c8
- SSDEEP
  
  1536:hPZmkFWRf8+ZzEgWIFIqFJ+7VDFPQespWh1gr1hCuToGcjqPrQ+99kcGgzN:hPAI8yea0y+K1UzX6IrQdc5R
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  dotnet/System.Core.dll
- Size
  
  23KB
- MD5
  
  78b50239c21f6158f2134d32d63de1a4
- SHA1
  
  b2beba43cb69727b620beca3f54ddcb70d72fee4
- SHA256
  
  8b05cc2dfd7491b709caab31c5fa5d58da1bc321210536360ad20d19be39e508
- SHA512
  
  e9a9a0efbfc8261aecab935ef999fa95f353854ac6ab23256326d022d359e2b0818fc22dc9c8eec9aa0c9ad47822b2b1626387aadbf3a754689672c57aa2ac58
- SSDEEP
  
  384:GEfbPFWOUSnPEW51b04H9DGMq/tE8aQjryAkxkBm4U1zXtPC1MHRIQWO2W/sBlHw:GaPFWOUSnP751b04H9DGMq/tE8aQjryh
Score

1^/10
behavioral27 behavioral28
- Target
  
  dotnet/System.Data.Common.dll
- Size
  
  2.6MB
- MD5
  
  8d754c6e71db5e20be33874eb34c41b5
- SHA1
  
  3ec0dc5a2cee348769a3ab43a60f95c4f89ffac4
- SHA256
  
  300d1047cdceeb129ce1a8272cb530624dd6e938c38c33e6256625a42563d41f
- SHA512
  
  e09a902985942d33a58ee3d076bd97ba1a75847b35142724311069f8016c7ca612a84744067453ed2749ab9af5bd3345064746687ace522d9ba530cdeeb31be4
- SSDEEP
  
  49152:72eBuyDiE0OabEPba92I7aE0Vnv1XgVi4nNmcMKDpBsVRNH1mE:tBeGxNH1mE
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  dotnet/System.Data.DataSetExtensions.dll
- Size
  
  15KB
- MD5
  
  d268bbd8bcf206bf54474a30919ad41c
- SHA1
  
  f0f4e046f7ddd34830c3d34c1eb8d45099d5a095
- SHA256
  
  0f5e8441ce28f0771f8fde9a5d1c6b65e6e25dfbf2c1b24420c2dfece3a29631
- SHA512
  
  ab94c0aa45ca27b959a8a4a6e89f45fce4cf315ff2c5039d41f26c3abbf3cd88b13cd1ceaa1fbdf87df8f7fd3150c29dc258d68a604d8e1a77abefcd5df44705
- SSDEEP
  
  384:KpuSrhoWk7WLsBlHRN7wG2teR9zmXtD8zT:MuDPjwG2tC9zmRyT
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32