c746ebecaf2ecd213856b81121ddb0e92aebc7b6a44bb6480f217fa94a48d6a9 | Triage

Sharing

General

Target

MantiWPF.rar
Size

126.1MB
Sample

240818-wse45swhkf
MD5

bd9792758b76ba95e96a99b92abf89ce
SHA1

912eeab7a4f9f85f8c3a8f526d096d5c9f1e8a85
SHA256

c746ebecaf2ecd213856b81121ddb0e92aebc7b6a44bb6480f217fa94a48d6a9
SHA512

9fd7bffd69982b777965ee3665b7a7192e7cbef57a7ba51c42a6580334d3af5f306f9c075f85fc8fc679c76635bf9b5ff04e1ecaf9879d35516c1060bddcd499
SSDEEP

3145728:hTPKxoK8eb4MKus3JFBvqVe8T5JqNjHT2Xnjpk137RgxuO2:hTPKxJF8du8J3vmxdINjHT+VYrRC2

Score

7^/10

execution

Malware Config

Targets

- Target
  
  MantiWPF/MantiWPF.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.54/adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  MantiWPF/MaterialDesignThemes.Wpf.dll
- Size
  
  9.4MB
- MD5
  
  27f73ae1925eff84a67f898af4f47e14
- SHA1
  
  fb9a43b248418def845e6ed0b051e204d6b07705
- SHA256
  
  3802400c5164f7f6fdea70e6b688123cc8eb7274acd7af632cfae4e437441bd2
- SHA512
  
  36ef68e3d6a87bc11e9ff3a2abb09fd8a5b7d800182f382dce975386e2fea1ce1f62d302c782667fa55e1c3b56c2862448b9ef4d4f3e5349f85ebf8b6b327f69
- SSDEEP
  
  98304:IaXJDntBksKY+ND3WyA4+TLVei10vMzPv8/4C8B5XVS49Xzy83IiEcJMrCR2fShW:IknJ45/9iD54+V11bFv4z
Score

1^/10
behavioral3 behavioral4
- Target
  
  MantiWPF/Shaakey-idfk12-09d89e6/main.exe
- Size
  
  22.3MB
- MD5
  
  01d47112d18f6fbac82ca624446c4979
- SHA1
  
  7e9158e9a09995e9381f3e6349bc827f8216910d
- SHA256
  
  8f793075f2fdd4dc2a4ef27b275c4efd83a5a8ef64295c40dc92b8dbaac71279
- SHA512
  
  9d8743578c336a13279b6af709ba7e73ed4236ebb0634c9df0c6228b9f164cf73d06898eedd0a9310ef1fb14686b2b893833167f1a4b21db963d07a8ca31c2d4
- SSDEEP
  
  393216:Wqil0KbTLzUj/TwsIs0DLSPB0MgNb3W7PBuhxJWjSHHax4:mlRze6+PB01lEZoCSHF
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/abap/abap.js
- Size
  
  23KB
- MD5
  
  50f649f3e45a1f5c7f71f409bd5fb8a1
- SHA1
  
  1cce5441dee1f76bf158fbc0462c8e13e6b0ce54
- SHA256
  
  c7bc6470bfb0d82dbc422ca008dfb8b25fb02c8216cc3ee91e9e3971764efb2b
- SHA512
  
  0a74cd41751261daccf256af483197a844085c335c77076225801db48d580da92e295435057dfa4050ad84d1e6937779bf3849b3dbc5564159d4a7d35d5ef9b3
- SSDEEP
  
  384:rg0l1E3cOjsKpYDsv2JgYHb4AxJYmF7piUIFTyyxlcQMnOsjY:rgetOjs8M9gYHMANeJg6l0Y
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/apex/apex.js
- Size
  
  9KB
- MD5
  
  96d8e2d7e01af1bf87b50e397ef14e1d
- SHA1
  
  c58411cd9d819eca280d7aac743afb8c48941345
- SHA256
  
  12a9de1bd5188e228d1b225b93bc1de7545aa3eeb5df2942d1b30de8b4102279
- SHA512
  
  6c9920794f054f2a4c388dd22b0ffce9440fb04ea49b43b86d1bb9e7ed519255c2735a6fcd5be6e7835e5cbea99e7f44f67bf14ef540ba958d5193b76af1b1dc
- SSDEEP
  
  96:HDGkOt8DdWFF80lbEjNVhEB9ogBUqjoI0cai81ISgI/3kl0OsMCkwnI6NkPN8jhY:rOScFTbEjNVhEB9ogGTvcai81IIeZsw
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/azcli/azcli.js
- Size
  
  2KB
- MD5
  
  42a923c820d332ddff89a68c376d4657
- SHA1
  
  23ea23fa0dd03085bb92aa095bbc62d9df8a8722
- SHA256
  
  09f4dd1e73f6ba879f28fb7e07930279ab4c5a295483799c53c6417fae7b8d32
- SHA512
  
  253b80f3ee5a929f865f53ac237f673a3d505ce14cd80eb7f78e25c86a6dba58c4f87842fe2482932cac50ef4eb45733435da310f1cafcd863d15159f5fcdceb
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/bat/bat.js
- Size
  
  4KB
- MD5
  
  c0ea60d00820705cac4d2857da94e7f8
- SHA1
  
  b84fdfc23fb97f37e9134089aac916392a943635
- SHA256
  
  794ce7c333161e68fff0c6a4a1bc7cdc678073147dc48e1a49aa5313483fc4ab
- SHA512
  
  b5e2330432aba944abec1dd0450169d8c1060e42b52efb2c4aaab5750d1d7ed691d6524cd9c3249dd14de8bdc039acc08c3e969b06784c9f3236b72cfa79b24f
- SSDEEP
  
  96:HDGk28EmF+z+lDHm3vPP3jq8tHEDwrORJC3MB/mMw:rZEm3DG3rBGZW
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/cameligo/cameligo.js
- Size
  
  5KB
- MD5
  
  c6716edf2144eeca4ea7830baa11ba15
- SHA1
  
  b7c99a58b05afdc387621c30f7c693e304131b78
- SHA256
  
  fd96854fe7970a6e9839396e8daaed9412cdc531e36baf2dfbaa2f6b61937b22
- SHA512
  
  9c2c181cb9b46dc0121ad1ab647471dea5f4461c97d4c500cabf4e6cdff2e4fbf2a480e725955c02a351886cbff923bd97dac22a1a4de4d89901d15e77b75884
- SSDEEP
  
  96:HDGku8EiuNOcSuKjSap12fi/4OkwnI6N7eHCi:rhEiuSuhV8Is7i
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/clojure/clojure.js
- Size
  
  20KB
- MD5
  
  672e3b1b27b133f9bf523fed06b174d7
- SHA1
  
  2544e09064a4b5efb8577b3d059293e8487b3160
- SHA256
  
  cdc784ca79feaede6b98aafb4a9b09bc519261b44e0d58597d47ae1bd9b514f3
- SHA512
  
  2afb794f3b3c22d7993bcafddd57360d865554c7f2a112745542924b401e29ea9908cfcf3e7e0cc93b44644a6692cb39a6e9e01dde7e10c4f4db0576e16aa76a
- SSDEEP
  
  384:rqsXVeI2xzyOz3WNE4mWmh6WgcV8K8beAb:rqoeI2xzyEomzg4O
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/coffee/coffee.js
- Size
  
  8KB
- MD5
  
  778339eb31afb7882486697d98c53b3a
- SHA1
  
  94cd80e7ccbc14d86e2514f6736c376c145120ca
- SHA256
  
  dcdd9bf38160bbaf18d8f2a976d04bb17ba143a4924058466b82dda2c1be3bcd
- SHA512
  
  a0d65efe6ec6ec9053550c56a55d9f34713dd7e62856ca2a381162c573ebd5a6b36d859c5893734be7cb8a5b4019034b91da7f8bf72b01fc3e2d5adf32d05ccf
- SSDEEP
  
  96:HDGk08NBI0D/F8R5HFK3JPElZGHf4VTi8jQ5CQFvmieiadR0cRvv0e3v0mB9ME/Y:r/V/A5lIPmggVO8jQ5CQFvmieRRvHs
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/cpp/cpp.js
- Size
  
  12KB
- MD5
  
  4267c07dc0ea63d7ebea810584cd60fc
- SHA1
  
  6583cf1b42a9cd826f4785de661b35f49e8c0e3c
- SHA256
  
  7c0cf17651cf97b42714a99c06354822f98c676ea6f929bc25fa038e53a1fb48
- SHA512
  
  38b2cce9bd4d9485c9f0d4d2f2b54867ad0f4f5cd1ac4ab31b75f7be89a380864baebab8ba5ebf5d95f06d727b45cdd532c3527303f116cb745b20124e6ca845
- SSDEEP
  
  96:HDGkK8EFFBRSsIvp2qwdDAi9DYuOUphQbMgI/3klnnZHXkwnI6NvRwk8i8vLRsfC:r9EFJvIcqyDAiSuOUpK/IGasn0b
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/csharp/csharp.js
- Size
  
  10KB
- MD5
  
  213e7ed72b84eff30fd439aef1331fd4
- SHA1
  
  bbc95ab1948a1e6ab7a677b7bfdba09b57b1be06
- SHA256
  
  00e7837542dd16369d97e515d9063c015fd6bf143842723d1420f04769b4f9c6
- SHA512
  
  2dd5e536dbd93bebe19a6c5bb55c8e224ed5ccd1c3d34e8f3cb7b3f1a6a37b74d485c9940542aebb5d87393bbb462dcf3e35ab83a9faae16caa6e4a8cd2d7c1d
- SSDEEP
  
  96:HDGkyr8NlWFFYUlSjKjYrA9+GPHWpfFQjY5pHU6TGUdkwnI6NHnc3BxBvrOESOFb:ryAyFviRAtHsuW4s12/t
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/csp/csp.js
- Size
  
  2KB
- MD5
  
  79cd5272313cb73c70fba578ca644f4b
- SHA1
  
  6c41a20753948f5ef9276221b0232b2226027281
- SHA256
  
  cfbf56a632a506ef3caf41caccdbca476aa976c09ee3b4f8a10db6fa22e92620
- SHA512
  
  bdc3da4f897da8d36af2d0dde70cf61a3a96d83a85d9f31fe13eb58b8a9c6e603b25c73c1b7299a09fe20ebae9f070ad5f67c810f7193c7762026f133b6e50d6
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/css/css.js
- Size
  
  8KB
- MD5
  
  d4edbc51c51d0d21faa30ad73255f214
- SHA1
  
  26b62053ac2848c9149e317080bb1b181a08fd92
- SHA256
  
  d1c5c95b6a340b513a40c2561379647384842764a6b382dace0f327ec97502c8
- SHA512
  
  fef4dca1ddd45fa96c2bcc390b30d2b2752eaafc131244180bdc5de0fe34785fa020d34191d0746c37713550506af3f0affaff1ab2ce8190d884a00ff74c8c27
- SSDEEP
  
  96:HDGkO8NwqVSRaZ90jedTLxzJH+xqOB+dwDMS84:rBeqGw9z1X0p
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/dart/dart.js
- Size
  
  9KB
- MD5
  
  344862a7ac127396fa25152f9d3d3d02
- SHA1
  
  4d1062a142abc7d382ac9e65c1414c99078940b7
- SHA256
  
  6393139aa7fa19c2aa3207460a0b7ab5538ce96b470f7bb2cfd0dc6162da4361
- SHA512
  
  81613a29a27354bbce1e9bbba06f062e406037e6ebd8abd25fe97ead8ad02b361b4e570ecdd453056fea103a133a95d8cee7831407cee311754f0338c00a22a6
- SSDEEP
  
  96:HDGkG8EFF4fLlvGfI9Bm+amOg/kl03U5UOBSPkwnk6NGY6ZZKgDzbHTdpB:rpEFcefI9BMgEBUseAYurzbHTdpB
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  MantiWPF/bin/Editor/package/dev/vs/basic-languages/dockerfile/dockerfile.js
- Size
  
  4KB
- MD5
  
  cf73abbd1d975417c865e4e4d00ce365
- SHA1
  
  01a9fdfeefed907138b4d96823c134e1732c1ab7
- SHA256
  
  0c306c90e5a5165651068da54b1922490dbbed7715d93e1f5ef9174f441621c3
- SHA512
  
  e6255e4157e6fac1d7fc595475662250946b1e3c6b80c02b7adc49d4f15cd41284c2320be9bfffaa4bb17456cfb56435dd7d2866913a7ca51109311f4a351982
- SSDEEP
  
  48:V1DGkmMU8XwQuiXdiXGG0dRtm2nWqiOnDSE6S4V0a3MDqli3MDSR:HDGko8XF8GHdDWsnDt1o3Mei3Me
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32