1b01207c2a72f4e7b1a62254f62365152136b3a2450994a69541b3e7064f6343

Sharing

Copy URL

Twitter E-mail

General

Target

Cawt-2.9.6-User.zip
Size

6.8MB
Sample

240901-yyxbqazgnj
MD5

ca0c2056c8b2a57048b6f923cb2ead3e
SHA1

34846d4e346c49ad4897d7089819533dac06cb31
SHA256

1b01207c2a72f4e7b1a62254f62365152136b3a2450994a69541b3e7064f6343
SHA512

12c75fb2186c8ff9afa8856df93104ef231a8e7e847e61e8ffa75223306ac800c62d2f53dd7151254aa722f13eaf6399c90c49fae227166622b94d4e42276376
SSDEEP

196608:AFr5c797pzFLAU8HA0lNsVYYiIZS7e7ou4kG:AL479FLUAqYhinKLG

Score

8^/10

Malware Config

Targets

- Target
  
  Cawt-2.9.6-User/Applications/AbbrExample.docx
- Size
  
  14KB
- MD5
  
  51b89a9701feda959bb5f24942cb25ef
- SHA1
  
  1ee55c780d9caa4e901e95c72787ec4141863061
- SHA256
  
  2d10c0e453ca396d45fa1fc1e7a3208ef7d30ab85418b1ebebe68e5cd4d7e5fc
- SHA512
  
  e6cee4601c883c0b062e03e3321b7d703b946bee2faff4c546a27d277f776074d9aa8bc22b77e55865cef4c4934295fcc4219f95bf3e8d6f7780bd24f9c75c2a
- SSDEEP
  
  192:jhzqik691w33YU8G4TTVaVaBEfDgsxM5BdRO4S7q2jn5sklM2DKI0W:dzqikG1w4U8G6TVaVaK01O4SeGumKI0W
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  Cawt-2.9.6-User/Applications/DocumentInfo.tcl
- Size
  
  4KB
- MD5
  
  2336516fb44886b6a9d2ba62b59a00f4
- SHA1
  
  d5d7587d403cc3bf9bfd1d340bd77cd8ff9ce5e2
- SHA256
  
  d91f53a7a9f160f80f8b0a43355139f219e2f68140cf6b12d5a8d1233e4d7c7b
- SHA512
  
  f3c57c035dc8bdeed51b97a7efbc0da3c2a03483246aeaee9ed9c7d74ab3a17943ddc184c6246c5079d14559eb331aa23f488bd26fc881d0fd94134aaab219e6
- SSDEEP
  
  96:cf/aFnthkCvcs2mVAT4bfgMNy+WsEvCkPyidaIlb05MNw:SavhEs2mVDfgMNyIQCAyiv05MNw
Score

1^/10
behavioral3 behavioral4 behavioral5 behavioral6
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtBasic.tcl
- Size
  
  20KB
- MD5
  
  4be09b027e0e914910a2f7bbdad07dcf
- SHA1
  
  40da9c358072f7a21f55712c3ee8f146cf9e3065
- SHA256
  
  0f8be0103b575877c202012c7587a0054aa0d9f2b8c8b0ad0232ba70b0811c23
- SHA512
  
  ae4922a99a478935b979c6dad47d406c64d5176dbf387d2da91119f95a878ed7b251cd2787674d02af849fbd7d8c8d85ccb50e65f89898747925dfef23a236e1
- SSDEEP
  
  384:6F7AxnDcceq4IjFBznzUfmOLLrt4wds9u1Rou8ufhDRU0ed/GPi8xdGEevpzOKgr:6F7AxnDcceq4IjFBbAfmOLLrt4wdzWuL
Score

1^/10
behavioral7 behavioral8
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtEmbed.tcl
- Size
  
  4KB
- MD5
  
  ef1f274eb8b85cac496b5b53d524511f
- SHA1
  
  b7c275bd92cbe0609a0c3ad1ce49a5db8c847420
- SHA256
  
  e7c74e11e3c5df6bc357edeb048da4e197bb98beb56feabdb7c3ef2ea8135e25
- SHA512
  
  8247307eb96dfa16c593a6d881760766b235db4381bf2ef5f6c7f7986b35368baffc13be303aa82aa78130170e1be9a9fc836960a3d2ecdabfe6ee4048297885
- SSDEEP
  
  96:l0BFAmmMmWiOCY0UbiGAl3dWkA1FxQGi8PpvYlY8GlcT/3ZESlZrJ:l0BFArdXOLv2GACJi8PpwlRGlcDZESln
Score

1^/10
behavioral10 behavioral9
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtFileUtil.tcl
- Size
  
  5KB
- MD5
  
  682586a0fc3e7bb344c3b2bffa4d01e3
- SHA1
  
  8019158038acfde8a90848e37db87627c6f55449
- SHA256
  
  afaa12b2a9b9592bc7540c91b107a6d2cf161b8560e8863f4944da8c30e599a6
- SHA512
  
  754c85c3ac75e0f5a1ef753e50c1e10ed89fe88acf999612497cca1a1f96b9b2af51eb4aa1b42c39553aa0ab4996bb76f1a9721de2ead810bdf3a3c0934584a6
- SSDEEP
  
  96:l0BF0bKvKG//C1fBsQ40Wb9xctAoMca6V4k1LywSJah7/41SkTEASCyJ:l0BFeKvKG//C1ZWhxctHrV4k1Ly3JG7L
Score

1^/10
behavioral11 behavioral12
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtImgUtil.tcl
- Size
  
  5KB
- MD5
  
  3fa441a13194adbc6efd6549c1f03ed8
- SHA1
  
  cb31726e7863e8add6f0c896d82d0f314adc020c
- SHA256
  
  5faeaba2b9110ff033fe1f8c1e75f8af0a19a270dea02281c76859a5db678d86
- SHA512
  
  c46b0e090849113cee4c81a5b8ef78df991b15c414455cc1e06b55e24c18e2df394ecfa89823321c08caf53e28d1ce210c5c32f70e72ca703d8f76817db27241
- SSDEEP
  
  48:l5OvBFRg0OMNLNJshkAhe5oZrvN0imXZ11qdZcq/BOzlidXEiz9zXzl+HZQxFHg+:l0BF60Ou+s5onzZceQED3lkjcsBDcUm5
Score

1^/10
behavioral13 behavioral14
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtInterpolate.tcl
- Size
  
  18KB
- MD5
  
  49137c77cd3d694bf36e03e16c676a67
- SHA1
  
  5fc17cd2dedee651af151560dac3f2bfd5343475
- SHA256
  
  4e72053349a6cf57e09705e3fb10def19371f7e0e019bf913ebbbfa7a9ff45d3
- SHA512
  
  6f4a9585644b24881ad6e301cbd9d77b4bfeaaad60579dd114d8eb65dcf5ab1ed9a2a3a2e1c298c8452c37567ba9b3672a0d2d8ef2a82e7af672b446dde8f11d
- SSDEEP
  
  192:lT7U4KG7ITJZ0qFOayP15g9a6CLIHByBKyMGcwG/nG6X4:hU4d7IXP8Zbg06CcHG/6X4
Score

1^/10
behavioral15 behavioral16
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtStringUtil.tcl
- Size
  
  4KB
- MD5
  
  bc3d8026931b4a38c0a6bae43b51db81
- SHA1
  
  793cc505ae069028d8eeb42a0ace3f8b7150a8c4
- SHA256
  
  857053372422048fe7dcec164c30e8e7c96000da748e414641462f07dd1826ab
- SHA512
  
  a6e812adcb8b9731983e60d963e56b53995ce1d6399007e5a1fa7cc7692860bba4bfcb10118c7881bd73cb795c01cefd4bb813f8f9a11c7c6b05808a959bed66
- SSDEEP
  
  96:l0BFCDW+2Re5sslWXtvC40yq3+5/hvI5GVblfCyiE+ARTrL:l0BFaW+2ReDWXoQJI5aBfCyhJrL
Score

1^/10
behavioral17 behavioral18
- Target
  
  Cawt-2.9.6-User/CawtCore/cawtTestUtil.tcl
- Size
  
  9KB
- MD5
  
  814a46ed9b61d4d754f717758359303f
- SHA1
  
  f048c3023a3fd3c7f437ed8818589eb349216f80
- SHA256
  
  5f6a9f25143fc4551dc67dce8443cd9740f23ae27c509f630bd3268c41f5e070
- SHA512
  
  817ad65c27d2d7d0fbf9a1b7df00b80f193e0ebf1e0611651ec3415279c674b8f0a277884647d100439ea24b1b3d5489ca55abf2d23fcc3bff13493b0ae168e7
- SSDEEP
  
  192:l0BFh6zAH71bVhd8dIqeKd9hd8tX3hd8GA+ky55syVzcRB2T8JOeh0xEyiUzvz/+:6Fh6zAH71bCIEdyX/A4zFreWOUzvz2
Score

1^/10
behavioral19 behavioral20
- Target
  
  Cawt-2.9.6-User/CawtExcel/excelBasic.tcl
- Size
  
  142KB
- MD5
  
  26e4c3bf3dedb5529dc248c3b44d7f64
- SHA1
  
  9de65f9f12595633d08cedc9c418f9c46d18a150
- SHA256
  
  5fb3ad8dadcf4e1f0b4292ea35c1eb95d24a393367ca799bdbb4e15e37cf8bee
- SHA512
  
  4f99c8a6ab511655d0da240a73f9fadf925e209b542fc07513491f3f0caa3ae1ec349bef85b3615463f2e1fa8bdd0f98a7978d6eb0d58077c242034689f7c443
- SSDEEP
  
  1536:0F11NW2cncVfamR3b09TIsNApxfAZbeK8mZ/PLLg1LKZDDQ6Atxa+gpBIpRJL07B:zJ4xGtWirr5Y57DN4lR8MqJt+
Score

1^/10
behavioral21 behavioral22
- Target
  
  Cawt-2.9.6-User/CawtExcel/excelCsv.tcl
- Size
  
  7KB
- MD5
  
  c14389e818e3deb8dea9e3e731985a1c
- SHA1
  
  da22ece617472c85337dbe91d8a37f4008834999
- SHA256
  
  3fb60a0e20522109bd9f5ab3fbbefdf4f1a4e0dc74948b1a9c28a5752e25cb60
- SHA512
  
  86d8c60e7fcc1b9ec5fab21bcb86086ab92587540ffe7c5e98829cce10bb88b2229a944ea4fc377acb350d23945b5c8aab07aa83de3113776fe4c54aa812b8e3
- SSDEEP
  
  192:lyFl7VdzUpC+2naSCFLCyZCjf13EH1UXz/naHUz/nKdT:0Fl7VdzUpC+vISarnA
Score

1^/10
behavioral23 behavioral24
- Target
  
  Cawt-2.9.6-User/CawtExcel/excelHtml.tcl
- Size
  
  13KB
- MD5
  
  c424e1c15bb0b8027d6f68c64d62c1e2
- SHA1
  
  3a1ad8bd31bf12223013a35bdd287b43a8228b18
- SHA256
  
  8f1c6e1cdc397851979a7fb3cc7d8d4112f6b6ba7fc7b2f56af17500373f2c77
- SHA512
  
  23342130a2cad050f259ffc45fa3852ff69eee41a2a4a8bbd2b10ca443d89f2f15a21c4817417ef81362b9a03813dd35d4e8246c6f77f2c9f4f3f5f8bdfea57a
- SSDEEP
  
  192:lyFp4K0E1Akc67Cn7dYxFxyphpk0CCWUUb6c/myEyZQS/sfY2+mDWOE/vE4mxL/p:0Fp4JPkWUeatz0k2phTKgX
Score

1^/10
behavioral25 behavioral26
- Target
  
  Cawt-2.9.6-User/CawtExcel/excelImgRaw.tcl
- Size
  
  14KB
- MD5
  
  dda53ed87a7adec44eb01f75179bde65
- SHA1
  
  32f25529833973ab5381a7c4c3036da8b72df48e
- SHA256
  
  dd0b72619f302f67c42c1a4a8fdb099839a197ea3105049317caad5ca569fa12
- SHA512
  
  ab81b112fb4fe36ba2f9304e85b4822132340db9faf9e1ef1dd9d4aee08d7bb216f42eb3f9003c6240268cf4d218603ea5ec80700cfdeff91099d08c0f55f471
- SSDEEP
  
  384:0FXbiJyGIr0qdLz/g1/Ikovs/hQ7kfJmBhZA:0FXbiJyGIr0sT4N8g+zBPA
Score

1^/10
behavioral27 behavioral28
- Target
  
  Cawt-2.9.6-User/CawtExcel/excelMatlabFile.tcl
- Size
  
  10KB
- MD5
  
  b68171a4dd2e179ffb03268e4e36cc44
- SHA1
  
  1e013daebe533b07799ca7e714c4a5cef119ebdb
- SHA256
  
  29005966edbee3dd250dc0665da26fd2f3f26005a624f6c705035f76e4f6c803
- SHA512
  
  1f5b05c4ab1f39c3ec3850b871d6a82196708265946eb2db167891a43ff47a4063bcbce632684ac8c6924a6e36988b0045d81b2ee3795d3be4450e6dbcc1d61b
- SSDEEP
  
  192:lyFJNgTcAISXEkv/wn5X/wd54lICU/w6YQy9WDIlwxBtMOI5t31z0oL:0FJNgTcAISUe/mX/e4lS/STcVIH13
Score

1^/10
behavioral29 behavioral30
- Target
  
  Cawt-2.9.6-User/CawtExcel/excelMediaWiki.tcl
- Size
  
  12KB
- MD5
  
  bc208e4031cd2627f3c210fc88c9fdac
- SHA1
  
  c0e2048727bac17a3ade1ebb01aebaf37898c10b
- SHA256
  
  52c9fbebc05141055d197ba6fc9fe82ef819e2d883b3a8061c760ae4cc389d53
- SHA512
  
  c71c3ed7baae24ccb41a709dea463172d0cdcf0a09a38d6f1e2a8b59d61f2011e227643dcd836dd095d07d7604cadc026c04090543a40e3af1d9241790775cdd
- SSDEEP
  
  384:0FKwZEdttBB4tKDQXtof43lJHCPLkUBgR:0FKwZEdHSoulJAkUeR
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32