87cbd78ff2d65bc1c266c4b4df296b2fb51bcd4e08c9846fb7aff3b2f192e677 | Triage

Resubmissions

18/08/2024, 19:58

240818-yp7fbs1flb 3

Sharing

Copy URL Twitter E-mail

General

Target

Phantom.zip
Size

4.7MB
Sample

240818-yp7fbs1flb
MD5

0a2694b53ab373b1161483871fce47d6
SHA1

b307a6caf7ce575d41fad9aaf94f497932a1ad2f
SHA256

87cbd78ff2d65bc1c266c4b4df296b2fb51bcd4e08c9846fb7aff3b2f192e677
SHA512

6f0bcf8ddc9b1f1ec38aef50e6fe25d468734d72832b88b2ff9a6ac34a64095fb1de51aaa60eaacd8f1cc14815baf66a31cfe053f26c88e2d4927d2ce3a3982d
SSDEEP

98304:pq54LvIWCe4SPmXVyIe4I6ZrnPM4lPcNAJ1LnAHzzccB2J0MKnZhjh:jvTQZVFIeLP4QZAHzV+0z71

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  res_mods/1.23.0.0/scripts/client/gui/mods/mod_a.pyc
- Size
  
  114KB
- MD5
  
  a2f3ded45da8870e93e5d2186dab27e8
- SHA1
  
  3f8e0cddecc3827b33ec02cd78d192c18f1ddf82
- SHA256
  
  fc19237a4e9ae65829dbde384ce0de2c78b22d9577384dded9d4cde569a12742
- SHA512
  
  438621491061c7f14f59c48d0d2fdd637a17c058df13417e21d660d81632dbb826a6144032f6f9192ab9bb0afb46b8f6cf3982879dc9942261c2538dbd17187c
- SSDEEP
  
  3072:k6BVH7SBjeSCbupKVfG2yQJ23J+Svsy9k/TukuPMh:zrbKeWmDyQ+13kOPMh
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2