8e59a9de633fc1e0a9da10268c606b898e7d5a6645ee21851465e027aefbaec9 | Triage

Resubmissions

19/08/2024, 04:28

240819-e3rr9axfpm 3

19/08/2024, 04:26

240819-e22k3axflp 6

Sharing

Copy URL Twitter E-mail

General

Target

Solara.zip
Size

438KB
Sample

240819-e22k3axflp
MD5

e4d9a66c67fd58430116913f95d076a8
SHA1

ae25552288d8f53d14a54008128693f65142a088
SHA256

8e59a9de633fc1e0a9da10268c606b898e7d5a6645ee21851465e027aefbaec9
SHA512

21ca35159491a15f98b5cb744b30bdc6e31900d33860490d078839943dbad561952b4b1499c10540ee1f6dcea241e293c1597fd4a27abf8d2f809f5573be4573
SSDEEP

12288:njSS0btupfE+SzsPVKY9ouGWMgd4D1oqt6ZVfZ6I6GWv8xx/6nEE:njSS0kpxSyVroNXb0PhZW8x/6nEE

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Solara.zip
- Size
  
  438KB
- MD5
  
  e4d9a66c67fd58430116913f95d076a8
- SHA1
  
  ae25552288d8f53d14a54008128693f65142a088
- SHA256
  
  8e59a9de633fc1e0a9da10268c606b898e7d5a6645ee21851465e027aefbaec9
- SHA512
  
  21ca35159491a15f98b5cb744b30bdc6e31900d33860490d078839943dbad561952b4b1499c10540ee1f6dcea241e293c1597fd4a27abf8d2f809f5573be4573
- SSDEEP
  
  12288:njSS0btupfE+SzsPVKY9ouGWMgd4D1oqt6ZVfZ6I6GWv8xx/6nEE:njSS0kpxSyVroNXb0PhZW8x/6nEE
Score

1^/10
behavioral1 behavioral2
- Target
  
  Launcher.bat
- Size
  
  1KB
- MD5
  
  e02a61bcdd5399b4cf6d65e7036246b6
- SHA1
  
  7e7228e7c3cf2d9617ae0f117f57968b2b2ff56c
- SHA256
  
  2c32c45e65d5fc8b337a89e6b9959573e7654f44208ad6e46ac077088aa27c57
- SHA512
  
  5769d12c660f45816971340735421062a09ffe82420396d7d6259bb360677882b0dd9f72b639025791d6f69ee17e246ca8010206dd69d6457264c7e307638d7a
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral3 behavioral4
- Target
  
  compiler.exe
- Size
  
  203KB
- MD5
  
  ae0a7389808274cf10ef95d35e68234e
- SHA1
  
  455b1a411fbaa6bf40c2abdcf418c5a542582485
- SHA256
  
  e2f53b44793f8b790cc3a94b83fbed8e5b683fa2b52bcda7e7d588784f4e557e
- SHA512
  
  9d4784e7d85bb89c2aa2279ae59bccd4b9ad24de4300d08dfa7e72c3909b1ccc71cf79de36fe0b3074593cad986b24d37bb941f5d01b10450e6554941bd27415
- SSDEEP
  
  3072:7nvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+i:7va5TMRXs0IKiBDbZt4Ggn77+ez368
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  conf.txt
- Size
  
  300KB
- MD5
  
  d308072c68b192b4761faf3b90a82f70
- SHA1
  
  65e201e4dbd248c9cd51606191afc1bd7e86e9db
- SHA256
  
  b81f53ab7c7474da9054980c3ade62cc8c62d5cdb8e4cd689f5b26015ef3c4e6
- SHA512
  
  9f2147079caa74627783a191ef8f10c70dcd5c85299a879c915b2fc4f6535666cc356603b2ad8298e95ac5acb3052ff8ff75e195183aa34cc1b40c0bd2cf028b
- SSDEEP
  
  6144:HUub2DoNwlLa6UbXf0sLbbefV8aYQ/FQu:HUubVNyu6Ujf0IJtQt/
Score

1^/10
behavioral7 behavioral8
- Target
  
  lua51.dll
- Size
  
  389KB
- MD5
  
  49a4d0bbc6f39de905a3b25087ff8a7d
- SHA1
  
  079ae16196d50eebb2c53266f42b680d136c1432
- SHA256
  
  b93651e364b25b718770f76561856171c2ef99df0f9b391778f69bc55f0af615
- SHA512
  
  637ea04fe7a2a057229a43b3781fdec96d47b1f4867e8d3a3baa0255f9d9df51bec9ba3955d95756bd04f72b2f18d04413019055d36e6b568838d99b553fdf5b
- SSDEEP
  
  12288:JiZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABx:Je19pm7pCuCt6+w
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10