baa69d3c0c8d885c983508701b26fba5b2c2f9dadb235d468eff8a1a7ce5a928

Sharing

Copy URL

Twitter E-mail

General

Target

Eclipse-Tool-main.zip
Size

7.9MB
Sample

240826-l49ssazcll
MD5

9b2babe75a26ad74584b3f4026dcb1a3
SHA1

3ec404a03b8d0b06652ecedfa243540ac63227c6
SHA256

baa69d3c0c8d885c983508701b26fba5b2c2f9dadb235d468eff8a1a7ce5a928
SHA512

7718104128fbeb47121cf4411d531ec876ea5c379701f8fd733a0feb2cdda39b00b72854c62fdaf568636552e3c7287572137c47715e0cec8b962a7023ab8504
SSDEEP

196608:hN/9ora/XCjOQr2N7aA4+YQeOLhdKD5azgY24d9jk7tBUxdEEluZ5rt:j/irdjbUvrYQeO3Ykfd9cAbEY6rt

Score

8^/10

Malware Config

Targets

- Target
  
  SETUP+RUN.bat
- Size
  
  11KB
- MD5
  
  c2dadc64ab4ab43a2bd14b6657ba59fc
- SHA1
  
  66e2c8f7b374b45ef190d3023e9c8fad7253626c
- SHA256
  
  dbd69fef133ccaa9557e489ca365061a27f862a84b7b735ebf65fea8a9aff925
- SHA512
  
  9b775d1f8d71fffb9e8333a606162b79593191c0a8d1fa38c5e926464959274969b20ed1b1500d33165504bcac678d370e9f3d9d6290b145880f98ad4c6dcc8e
- SSDEEP
  
  192:pincTywG+hpQyuPmhDGEhtKCsoKiNrUkA+sXeSIDnb4g7U7uNyTBVSaP8QewTQ21:1TOcpQyuPmhDGEhtKCbxA/X/hX7+ps8a
Score

8^/10

discovery execution persistence privilege_escalation
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1
- Target
  
  chromedriver.exe
- Size
  
  11.7MB
- MD5
  
  7f45280701af0b75eab76f41a39cb6a8
- SHA1
  
  e9c81ea041cd2187448f4e5560eafda1e229a0fd
- SHA256
  
  0a80a3bb252a5ce730a384ddb71d73799bd82d89144a73da930ca296e10be67e
- SHA512
  
  fd3487e8e65d5c86e06c38410d97030c47e3d8620eda36b92a60ee3234d3157989b40315e1eddfdcaae435d0f4386bdc8a97d6c2e703e25ce91319d72a07cc1e
- SSDEEP
  
  196608:Em/gCQVBvGc8mkijo3hVoYYo/giRTxkS8uBb3V75rbFErndRu23rR21G70iBRqGC:J/gfGhijo3hVoYYo/giRTxkS8uBb3V7I
Score

1^/10
behavioral2
- Target
  
  main.py
- Size
  
  353KB
- MD5
  
  46f1716fa65d2399ae5395aed65434d5
- SHA1
  
  82288efc89f8743be27b796f97e77fc4e6f0317b
- SHA256
  
  92af7cb5dc01a270f1697fbbbddab2fb10b3b86ca2558c52a5a0e25b0bf13dba
- SHA512
  
  934b6b8d35f85d6456d369d19f3b4a223285e836b54e799b938741f1903ff5c149e202eb10ffc6c40d85e58e726f0437a2f8d4141e9263ce578c070dfe87b178
- SSDEEP
  
  6144:jzSzjzj/cBxzOz4Rr/cBuRtRN/cB/j8jcje3R/cBQjfzej//cBUjhz//cBtzZzw2:XCXTgWe7TPpAQw0Zb+XJxXG5EdKf9bOG
Score

3^/10
behavioral3
- Target
  
  utilities/Plugins/AutoLogin.py
- Size
  
  2KB
- MD5
  
  18960bf388c0e52a3e00b70c8a217e85
- SHA1
  
  39549d852d2a73298347cba558301309de90f38b
- SHA256
  
  2969ca13e158413348f9184b9cf5b7ae4470559ddc9a776998fa46325933c5e8
- SHA512
  
  7ae7759fd89f308e69416a89566c4897e2d7bb58884f67a4e0e91da4da4e00df142bc0d0bd275cf3eda3422620ffcc7174b03d36968d00546b00085544b54093
Score

3^/10
behavioral4
- Target
  
  utilities/Plugins/DdosAttacker.py
- Size
  
  5KB
- MD5
  
  322b831bb3aa3c10ad8ef9f5512a46e4
- SHA1
  
  a77110643e12e76b4db081966bcb67eab0568030
- SHA256
  
  c425bc15f4a65d8fd1d6bf752d447159b821f6714d8f26fc967f9e420784003d
- SHA512
  
  4a5364102d15faf505bb4d99addb06e42639f888c4216d22c23cb88d4e41444c7cc219c28f58a9618bd6e1c9ed4405bb8c8fcc3436f7f10b7ef4db474fe2185d
- SSDEEP
  
  96:FEGFTSOfUg4en5/TwJ0eMjz0o0UY/JvzKncqhyegYQ0dG//7SaYYvogmhCX2akIV:GGZuWn5/TwJ0eez0o0UUJvzKncqhyeg5
Score

3^/10
behavioral5
- Target
  
  utilities/Plugins/QR_grabber.py
- Size
  
  7KB
- MD5
  
  6a5e6f01893a452e5b55e7cb9e55c88f
- SHA1
  
  cabd65dc9e6d3bc0ee84211abcf9dc6c95e31d62
- SHA256
  
  5dbfa2966cd0b582de5ca461b6bcd8e12af81ce8e4b06a7c4e4a83823241f4d4
- SHA512
  
  f0e702dbfce5b4e581e78d730a332cb59d4fdcacc7fbeee0f0078f5235947b3a49e544c7aed8c57462fe95bb33db166fd6793d2052dc62abc71a1c869f32cad8
- SSDEEP
  
  192:AgagQPmRnlRmNRUimKgZYpMbMQVQl3xfxu:AYxlwN+i3kYawl3xfxu
Score

3^/10
behavioral6
- Target
  
  utilities/Plugins/Server_Lookup.py
- Size
  
  4KB
- MD5
  
  8fc49be0f8173ba893b9bf22ac275afd
- SHA1
  
  2b08e624fc0893a4774b0dbc5258dbe1fb6ce323
- SHA256
  
  4c099bed686d15b04c1010b91e73abaa61a44bd24e0b07678e04970f2386be70
- SHA512
  
  7d4cf465534a82f1a59d1c0ac10b59e84cd35ac0c74bdd3697c688e2b63459d2978a68e202a35b190901a24cf945a3ba4088bdc3ec39df5ab8c55c9802e94589
- SSDEEP
  
  96:A4XphHpfsew1rY1KQ/d1DT71rY1KQ/dys1Y1Wgd:AeJw1rY1KQ/d5T71rY1KQ/dyUgd
Score

3^/10
behavioral7
- Target
  
  utilities/Plugins/build.py
- Size
  
  3.8MB
- MD5
  
  5905f654833a21d12e9805c367eb1696
- SHA1
  
  ba720f8b37d1d5329e38dc55a809226e22957111
- SHA256
  
  7f03c7cb57ff0dbbbefef8e52f2f0b30c3ad031587d08bf2d82ed5a520a41702
- SHA512
  
  1ba6460459dddf842ab72c933b8f3f7c54ae68c189e058b4cfd182a94aecca04c29e33f2b1aefeecd70778dc8ac5132ba481a4a4d829c44d2aaee840bdae912d
- SSDEEP
  
  6144:gsPeAABM2owMb8HnzMu+dVRbWCzl3bmRGJO/FECfvpqDOtKMMYu6b04cxBXMghHD:EjBMfoH4b49mPxXMghHRSm
Score

3^/10
behavioral8
- Target
  
  utilities/Plugins/massreport.py
- Size
  
  1KB
- MD5
  
  105d74648672efbe78b298887f1428dd
- SHA1
  
  c6e24e717616d30eb0ad92460ce3d3f31797de9c
- SHA256
  
  000ee7ebb0acc1914ca0db9edfd588c684a0d982936c2cfb6b7b45d666fe5a60
- SHA512
  
  03466c6f172a1c4646f78af411e48da8e84f4cac47dfe69acd4aca68dfc7cb810e0494773e3ad350e2813ed179a4c7c65b284b7702a57c144dfa6103d59f6083
Score

3^/10
behavioral9
- Target
  
  utilities/Plugins/tokeninfo.py
- Size
  
  10KB
- MD5
  
  459ef92d3240b54092d3987eb172874f
- SHA1
  
  7d51973b244c2e264ebc7fca37ed1bee0d8f4c8f
- SHA256
  
  46a1873bfe031804e854b568f7ce7e8e1ba3e3fdc0e57b28132c7457f3694077
- SHA512
  
  6b064ef3076b909836c71ec36447061d61e3184b2f1acadfdc6ac0261850b5a0cfbef9bb80c4560ad7f5b7619964fb7cffe582719295eab36e490b3d3de79b6e
- SSDEEP
  
  192:Sv/Cgv6oQ305QC1nwCeyd6qip6d+8YVCA9ah32yrmKcg:S3CcQk5QC1nwCeyd6qip6sZVCIah1eg
Score

3^/10
behavioral10
- Target
  
  utilities/Settings/common.py
- Size
  
  18KB
- MD5
  
  8b30cea48b80db840974e97cf83f9008
- SHA1
  
  da1139c1239fb67596e2939ef3c58bc8fcfad4d7
- SHA256
  
  aeb22b76353ef3c5fb9110fbf6eb8ef77025490250f732999ce51935d819a39d
- SHA512
  
  e074e3f5d0d9a02a148c45c520777b8da24f841e23cf376982a1fc38e043f26edc176fa4e909ae05aaf4630ad45c16a6e6fd846151ae53150a15c6ef4ff443ce
- SSDEEP
  
  384:jK+7RW+EYBxLZEzp15iB8Ja3omAbCCYACzbOYCjMIBzzCmW:jK+1xEYBMpqia3omAb7YACzbOYCjMIB6
Score

3^/10
behavioral11
- Target
  
  utilities/Settings/common2.py
- Size
  
  23KB
- MD5
  
  a7abdf62f85b13ea78999cbbe9094852
- SHA1
  
  de71e605542b6483539f7936f273ff2b9e5a8495
- SHA256
  
  dd2fdaec9432b8aa5e63ff47b00aefe0a0faaf16c3989615a3964ee06015d8e8
- SHA512
  
  3dc95ce83e089fa5140f2fe315993571ff867d339ff77bf27ad1e8b80efda45beae9111a67ea1a98131927c56317d199fe103a7788fbb0bf2d7fa760678820c2
- SSDEEP
  
  384:q7mxtQvPkft5xeoQTAPRhwSAHU4GopxFNTiT3TBTmQT7WSE2TStKmKI1xmKI1q:qaLQvPkrxe/APRhwSsUwVZODtt7/rmKc
Score

3^/10
behavioral12
- Target
  
  utilities/Settings/libarys.py
- Size
  
  5KB
- MD5
  
  b633a990ad3e12700526be8ac6c6efbb
- SHA1
  
  fcc26a9c45ca4c8a57708f832494f7de9e3db44e
- SHA256
  
  98f0d42546608c91e56ced2e7aa19d3444124db773030c2606e19960670f594a
- SHA512
  
  879d75cc590a52577d37e18b3c3f9331b6609df2834a9513cd07d6004bf1643f055b0f4c123a2ec6d9781554ad9e67d35e831f0bf0ceeacf932b9fb60750011e
- SSDEEP
  
  96:DHRqUXKp8MQFzmYxeRwj3mFTp7b2ETIp9tgPKcfEBWVPFcGIX++01QVEBW0B:DP1mfbVTStY+WVP6tXAzW0B
Score

3^/10
behavioral13
- Target
  
  utilities/Settings/update.py
- Size
  
  5KB
- MD5
  
  fe1e29fa4c0f211527e43b42d4571890
- SHA1
  
  7eca6911c3c1b5e2eba120a61161492091304565
- SHA256
  
  132e7d7dab9f80319a3d7f1437e532542d78d31aafc8f1bc45171c73e71654ec
- SHA512
  
  acb0b8665fb2907bfef43e33124dff165af299a1a341f3daadeb6e76244d3df2a3f669ac29ab36462ff4742b5217b89b0055ad2e7b59ae5196b5d3988541d684
- SSDEEP
  
  96:D2pDxHF+Y6ONXjq/HH32HQ1f5wNrGVJxS+1OokK7CA2kvgiNv2/f:D9O5G/HH32y2BKGA2kvgiNv2H
Score

3^/10
behavioral14
- Target
  
  utilities/assets/ignore.py
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

3^/10
behavioral15