634df453e6b56918f9837719ad9fc656079f631bcb897da1055d889d8891828a

Sharing

Copy URL

Twitter E-mail

General

Target

claimer.zip
Size

636KB
Sample

240828-n2al1syfnr
MD5

8c0cd97cd3049a18689b64d05addc2a1
SHA1

119670e9dd4e809d504a93d511750b16c648e2d8
SHA256

634df453e6b56918f9837719ad9fc656079f631bcb897da1055d889d8891828a
SHA512

96f2f0b13cd0bbd3a62327e6d6a4579736a62d843f372e0cfafcccd280d0dab32c42cdb9cb70006948543194e7627e529b4b521b36d4bfd4fedbe7a7aa3ea46d
SSDEEP

12288:ZJrc3uNH1ETWqXK2H9rSNDanAFkx5LWt4Ev8EczheabYoCY29cOS:ZJw3YqTZ19rSNWnAqxJDEv8Ec9eaEoCe

Score

8^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  Finder/.git/hooks/applypatch-msg.sample
- Size
  
  478B
- MD5
  
  ce562e08d8098926a3862fc6e7905199
- SHA1
  
  4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd
- SHA256
  
  0223497a0b8b033aa58a3a521b8629869386cf7ab0e2f101963d328aa62193f7
- SHA512
  
  536cce804d84e25813993efdd240537b52d00ce9cdcecf1982f85096d56a521290104c825c00b370b2752201952a9616a3f4e28c5d27a5b4e4842101a2ff9bee
Score

8^/10

defense_evasion discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Drops file in System32 directory
behavioral1
- Target
  
  Finder/.git/hooks/commit-msg.sample
- Size
  
  896B
- MD5
  
  579a3c1e12a1e74a98169175fb913012
- SHA1
  
  ee1ed5aad98a435f2020b6de35c173b75d9affac
- SHA256
  
  1f74d5e9292979b573ebd59741d46cb93ff391acdd083d340b94370753d92437
- SHA512
  
  d6bb7fa747f4625adf1877f546565cbe812ca7dd4168f7e9068e6732555d8737eba549546cf5946649e3f38de82d173aaf9c160a4c9f9445655258b4c5f955eb
Score

3^/10
behavioral2
- Target
  
  Finder/.git/hooks/fsmonitor-watchman.sample
- Size
  
  4KB
- MD5
  
  a0b2633a2c8e97501610bd3f73da66fc
- SHA1
  
  0ec0ec9ac11111433d17ea79e0ae8cec650dcfa4
- SHA256
  
  e0549964e93897b519bd8e333c037e51fff0f88ba13e086a331592bf801fa1d0
- SHA512
  
  5168643c1768ec83554a9066754507a781b6d14251a46a469222d462efc6ca87a72c90679154e8a723349c91e7772b32ac9b08dfe313cded0ee0a6f17885079e
- SSDEEP
  
  96:GFCscBOvOFXDgRvi/3UCwN4ZlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRa8CwN4ZqRo7geEk3IzCa
Score

3^/10
behavioral3
- Target
  
  Finder/.git/hooks/post-update.sample
- Size
  
  189B
- MD5
  
  2b7ea5cee3c49ff53d41e00785eb974c
- SHA1
  
  b614c2f63da7dca9f1db2e7ade61ef30448fc96c
- SHA256
  
  81765af2daef323061dcbc5e61fc16481cb74b3bac9ad8a174b186523586f6c5
- SHA512
  
  473ad124642571656276bf83b9ff63ab1804d3c23a5bdae52391c6f70a894849ac60c10c9d31deff3938922ce83b68b1e60c11592bbf7ea503f4acd39968cefa
Score

3^/10
behavioral4
- Target
  
  Finder/.git/hooks/pre-applypatch.sample
- Size
  
  424B
- MD5
  
  054f9ffb8bfe04a599751cc757226dda
- SHA1
  
  f208287c1a92525de9f5462e905a9d31de1e2d75
- SHA256
  
  e15c5b469ea3e0a695bea6f2c82bcf8e62821074939ddd85b77e0007ff165475
- SHA512
  
  cb78aa7e9b9c146e5db65d86dd83f04e2b6942a06fab50c704a0fd900683f3b6ad1164e74afe2f267f6da91cdff0b9ab07713e12cefc6f8d741b5df194f4fda6
Score

3^/10
behavioral5
- Target
  
  Finder/.git/hooks/pre-commit.sample
- Size
  
  1KB
- MD5
  
  5029bfab85b1c39281aa9697379ea444
- SHA1
  
  8093d68e142db52dcab2215e770ba0bbe4cfbf24
- SHA256
  
  57185b7b9f05239d7ab52db045f5b89eb31348d7b2177eab214f5eb872e1971b
- SHA512
  
  4fed684b7e262fc847610ca646074fca45c3c677c40d8fb6c7ae522b9c8a9be7327b41a59b4550ceadd41edf57ec5ed07e575e02dbc6c003951e1822ac3ddd5b
Score

3^/10
behavioral6
- Target
  
  Finder/.git/hooks/pre-merge-commit.sample
- Size
  
  416B
- MD5
  
  39cb268e2a85d436b9eb6f47614c3cbc
- SHA1
  
  04c64e58bc25c149482ed45dbd79e40effb89eb7
- SHA256
  
  d3825a70337940ebbd0a5c072984e13245920cdf8898bd225c8d27a6dfc9cb53
- SHA512
  
  e4dc204494f5062efa3032b00c64707a4f38978040482501b3e085f071e3ee5a9737d537e6a52002ceb4ebe2bfe09e555c5d969581e80b3eba2a922015c67960
Score

3^/10
behavioral7
- Target
  
  Finder/.git/hooks/pre-push.sample
- Size
  
  1KB
- MD5
  
  2c642152299a94e05ea26eae11993b13
- SHA1
  
  a599b773b930ca83dbc3a5c7c13059ac4a6eaedc
- SHA256
  
  ecce9c7e04d3f5dd9d8ada81753dd1d549a9634b26770042b58dda00217d086a
- SHA512
  
  cc98bbe0e3865e2023af04416e10689e3aecd3f3928cf90c2acc0d3d7306388886779025c8967c8ea198af1f4fe29d16c65d4e1d546c7a8fa513f5ba7df16850
Score

3^/10
behavioral8
- Target
  
  Finder/.git/hooks/pre-rebase.sample
- Size
  
  4KB
- MD5
  
  56e45f2bcbc8226d2b4200f7c46371bf
- SHA1
  
  288efdc0027db4cfd8b7c47c4aeddba09b6ded12
- SHA256
  
  4febce867790052338076f4e66cc47efb14879d18097d1d61c8261859eaaa7b3
- SHA512
  
  00d21d5d72386c3d9b5a1c36ba85201f730556a8295d4353af54af7892ab81010d42aff209ec1fda61c54e4dda3737cea5fda64f09d40ce5004ae28239565025
- SSDEEP
  
  96:vJ7EgXasqXq6zaqK1ep8m5MDVUT2bTEwEWDhG38deyig9yhCLtQH:vJ4gXasI1zaqKwUTHhzeyil4tm
Score

3^/10
behavioral9
- Target
  
  Finder/.git/hooks/pre-receive.sample
- Size
  
  544B
- MD5
  
  2ad18ec82c20af7b5926ed9cea6aeedd
- SHA1
  
  705a17d259e7896f0082fe2e9f2c0c3b127be5ac
- SHA256
  
  a4c3d2b9c7bb3fd8d1441c31bd4ee71a595d66b44fcf49ddb310252320169989
- SHA512
  
  ee08c11fab7e896b2e09c241954ba7640338b12c75cd8040daf053c31b2f22236d7a0deac736f89d305236312fdb4f560a38d4d8debdcc9dcdd23b2d975907d5
Score

3^/10
behavioral10
- Target
  
  Finder/.git/hooks/prepare-commit-msg.sample
- Size
  
  1KB
- MD5
  
  2b5c047bdb474555e1787db32b2d2fc5
- SHA1
  
  2584806ba147152ae005cb675aa4f01d5d068456
- SHA256
  
  e9ddcaa4189fddd25ed97fc8c789eca7b6ca16390b2392ae3276f0c8e1aa4619
- SHA512
  
  50ec8a0dd98427e80a82a8d8ce44462a845876e1594c9d0e89483ce9a8aaad616edea0e5c45c1bb69d8fe7f520c6f2260d6fa350d77b400899c3ae375e965bfb
Score

3^/10
behavioral11
- Target
  
  Finder/.git/hooks/push-to-checkout.sample
- Size
  
  2KB
- MD5
  
  c7ab00c7784efeadad3ae9b228d4b4db
- SHA1
  
  508240328c8b55f8157c93c43bf5e291e5d2fbcb
- SHA256
  
  a53d0741798b287c6dd7afa64aee473f305e65d3f49463bb9d7408ec3b12bf5f
- SHA512
  
  586efb6a206f73d8a94561266153a624e2753830bc431a283bed998c46ac00a9df4995ddfd0aa852b1a22b4672c80f2c33cee3fe2e3321e392ff4cef26dbf75e
Score

3^/10
behavioral12
- Target
  
  Finder/.git/hooks/sendemail-validate.sample
- Size
  
  2KB
- MD5
  
  4d67df3a8d5c98cb8565c07e42be0b04
- SHA1
  
  74cf1d5415a5c03c110240f749491297d65c4c98
- SHA256
  
  44ebfc923dc5466bc009602f0ecf067b9c65459abfe8868ddc49b78e6ced7a92
- SHA512
  
  a19dbbc2ef6c367aadbfb900ae58c377d88ac9b6c0ac6de49c962d44d993418875f64143defda56bae8d0697dcd15be2928d32aa77508d3958769f18a4a53154
Score

3^/10
behavioral13
- Target
  
  Finder/.git/hooks/update.sample
- Size
  
  3KB
- MD5
  
  647ae13c682f7827c22f5fc08a03674e
- SHA1
  
  730e6bd5225478bab6147b7a62a6e2ae21d40507
- SHA256
  
  8d5f2fa83e103cf08b57eaa67521df9194f45cbdbcb37da52ad586097a14d106
- SHA512
  
  be3780974589d06eddba6fa0aa15a3e3dfe390e2827a1a6ae5cb83d6ac47e79ef9b1bbb53f067372f8dc70db0350d3770e78537fd3cfe734200ff824eca4cada
Score

3^/10
behavioral14
- Target
  
  Finder/test/__pycache__/proxy_updater.cpython-310.pyc
- Size
  
  636B
- MD5
  
  f5be89b7e17261a011293a5ee4001469
- SHA1
  
  d4aa64179677def53faf4162f8034466dece96ee
- SHA256
  
  02d600c92ce4c637f4b0b4c2844f3851c4183ec29f61abd0ce03275a617fc2ec
- SHA512
  
  81f736e2f2e11d336f17121c6f9ad603b7c6eae84e11b5cf6f85856445f5480a14104243e5760322e90c7f3f7a86cb671e9acf14e3c2b7e6fda95623619657d8
Score

3^/10
behavioral15
- Target
  
  Finder/test/core/__pycache__/__init__.cpython-310.pyc
- Size
  
  138B
- MD5
  
  1feb38bcf58518c97c2bd297ad570c64
- SHA1
  
  c1e8bffe15eb00f928ddea42f77b48c6dcb50084
- SHA256
  
  979482a3f08d27e4b23988d1033114fcb8c13ea4fdbf68f8f7983c1ceff0d7a8
- SHA512
  
  1305841ecee864833523d06fe641b07094551d2b6cb5c59930d970555565db11654f429bb441692d9daab1bf882c914aeae688e33cb5f977175d4ff193c53541
Score

3^/10
behavioral16
- Target
  
  Finder/test/core/__pycache__/__init__.cpython-312.pyc
- Size
  
  186B
- MD5
  
  b83648de42f6b44be86f97d7824b3136
- SHA1
  
  3c276a1766fe2c57537a5a8a8ef9a47b5954bded
- SHA256
  
  8ff0f4d560a3999bf40999ac4c532c289b8c93b2529e8cd724af74d86f3b09a9
- SHA512
  
  1fe291c4360942168562f1c78ef8da38571fb05e83c9e068cbe7d180546b4e5a446dc439fce419c1563d4dad97c5899f54d213d917d30ab530a523b371851a4c
Score

3^/10
behavioral17
- Target
  
  Finder/test/core/__pycache__/arguments.cpython-310.pyc
- Size
  
  1KB
- MD5
  
  6c94ea89d068ab28d8c824519f92162d
- SHA1
  
  f48e7324078882527b506d95b10772b932a79f3f
- SHA256
  
  fb3d3b4c97514ce2253fed9fec7c3e0b9a59fe1d963b32507b92ada423955a10
- SHA512
  
  aa0377087df1896ee2112e1663f29a7f435214b875ff77378e24d431fd7c81a21dee4bf1eabae6ea7598da8f4ccb8b27d75358c8f4ccf3d75d5f9f4e81f377bb
Score

3^/10
behavioral18
- Target
  
  Finder/test/core/__pycache__/arguments.cpython-312.pyc
- Size
  
  2KB
- MD5
  
  a1a35afa572859ea97820102613b2429
- SHA1
  
  8e1cd9d6d265a6e6e98256bd2e9ed8d6351c7527
- SHA256
  
  99ef632bf946a943783325f9f0913be2e5a954c736b56ff162b9bd48ee9eadbe
- SHA512
  
  f6c080686247e1e0d487f8cba1bcd03a974d2995da904d61a72501ff8d7c36f079f2ef70e8cdf3a2c5903d8c41a9a6254581af12560d9f69d44f5b8b02fa918c
Score

3^/10
behavioral19
- Target
  
  Finder/test/core/__pycache__/constants.cpython-310.pyc
- Size
  
  288B
- MD5
  
  ebfdeaa7de4e988376ecc1bc7ab62f87
- SHA1
  
  9561ffb44d5a9496aef36029480d85302fda3e41
- SHA256
  
  7f8f7313ba94c2ae28602a25f8a3055dedac5d4db397a8f9ed018802a219f3aa
- SHA512
  
  234e1a6055652af54e41c0086f54f6e207d83f31da5983e2915e0faf9b80beee4b106bce83aaf975cebe3e978dd02cd7fb2b9153d8580e0b2d6be7af627093de
Score

3^/10
behavioral20
- Target
  
  Finder/test/core/__pycache__/constants.cpython-312.pyc
- Size
  
  351B
- MD5
  
  3c3782c6af42cf6a6c551d940f270238
- SHA1
  
  2534358a3a31033a51666187bd0602ec84376e41
- SHA256
  
  d36fa7845d62d7d33b51b2ae73421165b00b7c20c6e933095415aa252946d61d
- SHA512
  
  d0532a4c76328010922fae2adee644c2ca1970a4d34aa780a01553145ba1fbddc0189a4791db0942144eb9e07a26225579f335b03bb66756c9bbbea58c446ebf
Score

3^/10
behavioral21
- Target
  
  Finder/test/core/__pycache__/controllers.cpython-310.pyc
- Size
  
  2KB
- MD5
  
  4991a87ea3dcf5b947b5860489b08a3a
- SHA1
  
  33cf2eddcb6ba04f2c6d930dbe8f97dc79dd7c15
- SHA256
  
  479d4f87a92a0fcc10b90e8b780cc4343a4fda00bc4fdf2009bc445a5fc1515f
- SHA512
  
  4bba4082f5c3d960644f84dadcf5ee235232e7cdfadc02254941afad58be466ac70cc679a5b0e975b308e2507876153fd3e19e5ae62776287576d65e24c82764
Score

3^/10
behavioral22
- Target
  
  Finder/test/core/__pycache__/controllers.cpython-312.pyc
- Size
  
  4KB
- MD5
  
  dc15acd4e28a4055c74c018854c717c7
- SHA1
  
  073725f48af81af0013aead8602bf73063433260
- SHA256
  
  4620d88850cff4fcb0c9cf68fa8b3fce3c939b548c6a4e365f76dd8ee93acd55
- SHA512
  
  a66e74432f79876645605d21bd6b6fae06b34e74715a3880d70a57cb26558ccce99a2ba8e889722eef4a45f51dfa664da0d0e6c495acf0e99460297901d013d0
- SSDEEP
  
  48:65WqVRcZyXPGuMLtcxXa31QBIaUo05oh3nihLM/TAEt6GOfR/AkY2vCw86jt:gpV+ZyXPGuMJ1QOajihLc70FC2vCwl
Score

3^/10
behavioral23
- Target
  
  Finder/test/core/__pycache__/detection.cpython-310.pyc
- Size
  
  4KB
- MD5
  
  8434d929801dac141156a6e9888afd85
- SHA1
  
  44dc2ec04ef0364fbabf3dde204024d0846dfffa
- SHA256
  
  11f4740ff99e72a70cca198331e2faefb7a10289c7746184a9a7cbdfe0d0af32
- SHA512
  
  8a7d63d95cead3741c061e374c5fbdc548acd002547ea71fef46e9da6fe0c7590e9a3a863e637f8da4c7c86102bd0a7cc5df563974f757a08b1aee40d972677c
- SSDEEP
  
  96:Yr12nq+FQ2A+rzvRPA3lS/nwHwjadDF8PNXdsQSNX8C32U6gfGmXyRhS:5n1FQ2TvZAkvi4a/8PXRSFmU6gfGmXyu
Score

3^/10
behavioral24
- Target
  
  Finder/test/core/__pycache__/detection.cpython-312.pyc
- Size
  
  7KB
- MD5
  
  a9894fe509384fd69117e3bec929b875
- SHA1
  
  e84a653b726ecdf842e4a6b1d2cec6e6b2354e41
- SHA256
  
  d716a5d1ffaf4421ce7d7a5bc39c39de15d4c75572e5bf68a16247b68288c473
- SHA512
  
  8dd613b48aaaf523d76a88c87be0f69fae8c9debbd16da074c89e505137563ba22226117c137374eaeb3ef89ef6a5682fc64a0136eae94c1660acce93022868b
- SSDEEP
  
  192:fn1FQ2TvZAq5UIaE3K/Lov8Auok5cYI1AAgos50bf5uC+fzYukdb:tF9340aov8Rok5cYopgow0bkfzY9db
Score

3^/10
behavioral25
- Target
  
  Finder/test/core/__pycache__/utils.cpython-310.pyc
- Size
  
  4KB
- MD5
  
  adea6b4690facb3341ef7ae0926488e1
- SHA1
  
  7209228c325424fbeea48a18e16fd19ef7de7968
- SHA256
  
  8e75cf809ba976ff1f45fa09d9aec79eee0bac6ccc6e34c1288aea1dda220d08
- SHA512
  
  a9a29b67dc48f1e4391bdd74d296268d6bc468d46232f7dcb64bc457aa758a62a59e61bf6b872eac97664b638bd1cf0b0f3c36b62da79e86919f709b73410a62
- SSDEEP
  
  96:V9QEPRtmP2LoSXB29TMg0b253W/DQN3ZhfOagMRZEAFSC2pYqKkAIZ:DtmSXB23N3Wc3ZZOagMRZ/EC2p5K5IZ
Score

3^/10
behavioral26
- Target
  
  Finder/test/core/__pycache__/utils.cpython-312.pyc
- Size
  
  7KB
- MD5
  
  ec680424fb89ffe732f492d682606451
- SHA1
  
  f1f954b59617e9de8df116536518ed105b1cf462
- SHA256
  
  7773980b1273ce1bcc8b6db195fab493caf47ffabf4b769d1845bad130bd86ba
- SHA512
  
  65e0e9128fb601c9e54c391641f69f2d7f65a7f1707ee54244ebe85a906412e54f95ff9aaae56b445fb6de42d24d619ee21bcf53b4fcd3f9c755c7c5bc9afe74
- SSDEEP
  
  96:URLdPhV61VF6w3+w8dMDxQFRASgm2f/2v2OOJhGwl:EQV2SDAZgmkC2bJ0Q
Score

3^/10
behavioral27
- Target
  
  Finder/test/core/__pycache__/workers.cpython-310.pyc
- Size
  
  1KB
- MD5
  
  09a53a72479e2caf198b5cabced37933
- SHA1
  
  8bef454b6c56a91438d8123e3806ef879bd0c117
- SHA256
  
  2d73e12ec6b9dccc59f9ece0faf985ecf980a8a15d882194d5c1674ef64c18d7
- SHA512
  
  7aac14a91aabd143d5ddabafd607e77a25cfea991fba843a54d70e457e5a4d4974f22125f18939ef8e38f392883b3533e53630de703a2853190cc8ef7d000c59
Score

3^/10
behavioral28
- Target
  
  Finder/test/core/__pycache__/workers.cpython-312.pyc
- Size
  
  2KB
- MD5
  
  789da1efe3ba3c6d039f1c9fc1ee8829
- SHA1
  
  9f5047d0d05f581718f83a07594f1af022c09322
- SHA256
  
  9bea73a8af09ab87d3ab34c24f10ea32a8aa42c52ecb42ec8a8dc0504e3edcf3
- SHA512
  
  22790a4e72d1e23319b24e38dd857d5239593298c0e6f7c9341b32c1d621edc4a06a96277fb84e7ff22920a65a34f493293f2625eefb54e2f0012fa7bc2821ae
Score

3^/10
behavioral29
- Target
  
  Finder/test/core/arguments.py
- Size
  
  2KB
- MD5
  
  ce81ce0a38cd0eef8d0111c5dcd61f4f
- SHA1
  
  9f1b91d78feab8418ab85e033ebaa5543fc04a12
- SHA256
  
  817ccdda9ff455f8e11f3cbfbe1ae2aedc4260acbb4d19c05814c3469d5d8357
- SHA512
  
  19413f4a22b07c0db504b840010c22065782d85e4e7a0fabf976e6af91b04c8f964409f35e83e71ff04e25cc0996252dce90f2eded4adf846202a2e9c073e27f
Score

3^/10
behavioral30
- Target
  
  Finder/test/core/constants.py
- Size
  
  206B
- MD5
  
  73a8e71e804b0dba71d1b164dbbb3e9e
- SHA1
  
  91f9b3b3e32fa43fa7c7a1b509a037ab1bf8a1d3
- SHA256
  
  ef8c31ee463d8e8f13929f0e3fa4e56683d73e3bd6f42e0c425c5fef093ed5d0
- SHA512
  
  4d656d02a823bb49e21ec2c83f1a56c02b204c4401781d61b24a0618960fa009fcd7f523ecf7a8f2518fa2156aa201c78c9dee7910a5c24ac4b9cbfc6925fcb8
Score

3^/10
behavioral31
- Target
  
  Finder/test/core/controllers.py
- Size
  
  2KB
- MD5
  
  0ce79f6818754fc61846cf6ab2fbd5e2
- SHA1
  
  25dbfc76e26020f4c6272018312b7e32129b483c
- SHA256
  
  6b7ce59c0e78fb7f9bb99aeae6aea3e14100e3421335a58e9665bb0a038d8bf3
- SHA512
  
  bf7d9bdcd46d627334c90d8818b22818173d7f91df2d2981102f88854b5e7ea4e88fecde049f73a137c8e9a990524149350f7ab1048e79cfbb537ec545d23560
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32