2d11ced126c739f324fdde635375ebef0f2309d01e74a35de26c2d83fd49884b | Triage

Resubmissions

17/08/2024, 14:54

240817-sacphs1erd 6

17/08/2024, 14:52

240817-r866ca1elc 6

Sharing

General

Target

Lua - Loader.zip
Size

353KB
Sample

240817-r866ca1elc
MD5

4253a13146a549eac80b2a9be208b20a
SHA1

a9d758b5977065fed04873ca335f5519abd24983
SHA256

2d11ced126c739f324fdde635375ebef0f2309d01e74a35de26c2d83fd49884b
SHA512

6ebc2a62417464936666eb22a0ee0225db89e2a9487d6d4d1cdfa276bd5dcf54884ee219a6210df8e291282876be112c94a001f4934bea2500b08239f97f7125
SSDEEP

6144:N+DA0TS6Xy2sQL84WmZqP6MvydUyWJsualBw6oU/U3QHe69kEEZ0S/MZw2fc45:NmxTSEKP4AP6MvzJHEwfbXXKSEq2fc45

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Lua - Loader.exe
- Size
  
  37KB
- MD5
  
  bf75e40b3c6c3b103635f6206d155b7b
- SHA1
  
  3cad49bb187668619b8a456bd0a9ac4c5c8e3121
- SHA256
  
  28d5edfd0c9599363a9dcdcc10be33f679c600ef534804cdc1ef4f47a943a871
- SHA512
  
  7d36c4e0e43cad51d9667f310351bedafb404cc4ff8968adf469008e2fb00ed111dae5b9b6361eff7c3b0965a245fdfe407770090ea09671cd13bc983aad7083
- SSDEEP
  
  768:YUki59LXFuWo55tiRbMEIOnix7lqGwQV4IBnWLbPZ+ysfJ:xh59LToTtiZMEIOniZlvV4IBnm7Eysh
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4