5366657e96a7e5477a37c0c7a59bfcfb7d06235a3a9e796d9e218de875cbcc5d

Sharing

Copy URL

Twitter E-mail

General

Target

infected.zip
Size

27KB
Sample

240906-2l9m3a1gkn
MD5

1ab9f0da0a91d815532681e7121f66df
SHA1

1572548f496e630b6e0aa5ce7fc67109569080e3
SHA256

5366657e96a7e5477a37c0c7a59bfcfb7d06235a3a9e796d9e218de875cbcc5d
SHA512

1f1f2a01f0c2f0048ea845c4a74b6f5f4cb3584156f54615324ae102eab0a5494508d89e2f8f252e04948e73c44977b697815fb59371402e8ac3afeb560168b4
SSDEEP

768:QOukPFHNLitSXTH2J0zKiZ2y4E5wS7evZWSoG87N:hd1xy0ff4c407G6N

Score

3^/10

Malware Config

Targets

- Target
  
  infected.zip
- Size
  
  27KB
- MD5
  
  1ab9f0da0a91d815532681e7121f66df
- SHA1
  
  1572548f496e630b6e0aa5ce7fc67109569080e3
- SHA256
  
  5366657e96a7e5477a37c0c7a59bfcfb7d06235a3a9e796d9e218de875cbcc5d
- SHA512
  
  1f1f2a01f0c2f0048ea845c4a74b6f5f4cb3584156f54615324ae102eab0a5494508d89e2f8f252e04948e73c44977b697815fb59371402e8ac3afeb560168b4
- SSDEEP
  
  768:QOukPFHNLitSXTH2J0zKiZ2y4E5wS7evZWSoG87N:hd1xy0ff4c407G6N
Score

1^/10
behavioral1
- Target
  
  .env
- Size
  
  36B
- MD5
  
  65031d96a91b3579bae7b8da384d1000
- SHA1
  
  42bfd72cb37796aef204f60f50a2f3aa5b55a6fe
- SHA256
  
  7f361ef6bddefde1fe9c552ecae97b4cf020da64e76c161f0c674a5b1bc418ea
- SHA512
  
  e083ab51f75cf7a22c5e487cdaa365e2a4677c6e4be5948d06086dce73dcc9f9de63ad042199f9e29268075e65263ed49cc4382384a7d4f291d30e8a7741a973
Score

3^/10
behavioral2
- Target
  
  afk_data.json
- Size
  
  36B
- MD5
  
  3bad0b721ca1a57bf126f1244f6be3a4
- SHA1
  
  42a473ea1c5d7f69fef222a2b8bf75fd649b8066
- SHA256
  
  10e1182ace3c154ab14f72fc451b940b5cd69c53b5c0b56db21fe7b59651ec30
- SHA512
  
  cf11aa3b6b44b9863058cf9f2801a24815bc95f8ec078c55a122c1746da48e6c15a6d1fc83768d7225a001bc5506e8ae3bd4d5eef74c1112780d3dc71c818daf
Score

3^/10
behavioral3
- Target
  
  auto_messages.json
- Size
  
  2B
- MD5
  
  99914b932bd37a50b983c5e7c90ae93b
- SHA1
  
  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
- SHA256
  
  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
- SHA512
  
  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
Score

3^/10
behavioral4
- Target
  
  auto_responses.json
- Size
  
  2B
- MD5
  
  99914b932bd37a50b983c5e7c90ae93b
- SHA1
  
  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
- SHA256
  
  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
- SHA512
  
  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
Score

3^/10
behavioral5
- Target
  
  cogs/admin.py
- Size
  
  8KB
- MD5
  
  de6bd723d9920d3875924b254d00075e
- SHA1
  
  34e905744564bca287f5c6d03abc4a59a7907df7
- SHA256
  
  07f3235331bd170dd0fe4027eade998e7435ec81277f5a86ad1ea2d8df9ee648
- SHA512
  
  1200e22073fb77475b84508d05fc95703561495c34fd69384596bf3763303526dfa7746e333025f50db6246270efc9ee02320d6059378364b64e386d78ff97b7
- SSDEEP
  
  96:1BpK2e7ejapy3e95G6IlLQ0d8+1dJ6X3THk2gV28Q22/J2vh+sQI5:9Mej0y3eOX0+1L6HDhZD/85++
Score

3^/10
behavioral6
- Target
  
  cogs/afk.py
- Size
  
  2KB
- MD5
  
  d6af6710b84ed5bf8a92e69bc25a5342
- SHA1
  
  b3c36c3dfb363ba64bbd8f47019eb5f2b20454ec
- SHA256
  
  39f1f8f24bed40ba6e1d40204227d87fb4982247d6ab848c3719f2eaeb24c721
- SHA512
  
  1c62ce6407855013027255a0269bf06b5e04de5cb845d75921a1d8de1544c3ca5f1ea5e48d985c0ef70c3fe99c77338e2a7fc2a43944fb0a8a09da39b695ee02
Score

3^/10
behavioral7
- Target
  
  cogs/auto_messages.json
- Size
  
  2B
- MD5
  
  99914b932bd37a50b983c5e7c90ae93b
- SHA1
  
  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
- SHA256
  
  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
- SHA512
  
  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
Score

3^/10
behavioral8
- Target
  
  cogs/auto_responses.json
- Size
  
  2B
- MD5
  
  99914b932bd37a50b983c5e7c90ae93b
- SHA1
  
  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
- SHA256
  
  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
- SHA512
  
  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
Score

3^/10
behavioral9
- Target
  
  cogs/automessage.py
- Size
  
  3KB
- MD5
  
  fb1c0963132d5fe9de621d93d3e26a4f
- SHA1
  
  46ca8ba2c009f0df91ffea0b226175ee81ee0e2c
- SHA256
  
  24b345d79cdca52e3cf7d9be4fb8eb2b7283fc876ba1b4f62dd3a838edbaf121
- SHA512
  
  46d1ba43079f70525b918c38b4b0ba0287633b8f198e912b368bd2c90c532f5138b1fb784ee92ea93672be15cb029088c030de5f83992d53703e04b08b4b6ce4
Score

3^/10
behavioral10
- Target
  
  cogs/autoresponder.py
- Size
  
  2KB
- MD5
  
  927be71aa364b367fa745f8e75797097
- SHA1
  
  88e01dc22a5551ea5011b48d2b58aca26bcbf552
- SHA256
  
  113a7b2dc64ce6a920fd3ade77f615fc6fef46bea06a35e1bee095e737b53c73
- SHA512
  
  da4c50e2bfebded9045177600a580df80240cbc1a214cbfe0320fe29b38e2da0e5f68a7b951896e9fa7c53dc4c59db82d0d5b797024ed2f677bee527d60cd4d8
Score

3^/10
behavioral11
- Target
  
  cogs/crypto.py
- Size
  
  9KB
- MD5
  
  6e665a88075494958b342ab36915fcce
- SHA1
  
  6d76faf6c1b1daedda4f8c5de3b8e007bf08efb2
- SHA256
  
  538ba908aa76de7582629ed0db9242c1823d7b775079e2e4552aca25174b85b6
- SHA512
  
  7664d3a9e1fac2e0fbeb47bbc9ca118ebaa7205bfef11165f59452ec9ffc08009b6f5519ce985ada491093ecf8521d27ef70004604e821d397562985ed500188
- SSDEEP
  
  192:ZloREpVJgLRLoK4LzLGKLdjEMiQr20H5LRLb52LzLEPLBcyzj2rLgL0i2LzLYPLS:ZWEpgFEPvrRjETQK0H5FHcvKFcyzj2rF
Score

3^/10
behavioral12
- Target
  
  cogs/dump.py
- Size
  
  8KB
- MD5
  
  727245f4b02f7a6d5df1cd244001ce9e
- SHA1
  
  daf140cc290d3e7193885b739eddf982e8ba0183
- SHA256
  
  c349125c6cdce540a63505ec75e0d10dd5a5568a8a80b9da08913d783a06af8e
- SHA512
  
  762c2ceb869ad941876cd7e9c5bee42d0068584031287f9c787012812d41670d60c3d7177133b5b223ac86a1de28b39f98bc06655fe2d05ee8737899eb8de267
- SSDEEP
  
  96:9Fkn0De//nTXY26fzTNPRZ4xZbODzUY8SXBs8wUrUZl:9dLN8wPVM
Score

3^/10
behavioral13
- Target
  
  cogs/fun.py
- Size
  
  12KB
- MD5
  
  1f51bbdf5d74bf424b3a2df5d13c61b2
- SHA1
  
  4123d1f01bf0ea282a1499b58306b3bb6449a42a
- SHA256
  
  f21ca64617a78d704d0facd1a46f26e74c2f8106994d6f8099488e484ffce7e5
- SHA512
  
  ec2c77633b3adf0f7c381f9b975a7fbfd2ba5d17fbc0022421816d0e048fac9c40820edca18bc9e9e31c82aab4123df67934fbcd3a128dad19fbc3071c056a2e
- SSDEEP
  
  192:Zv3F1slQ3BgB0k1Zr35KKldIfSAyKZmcxBRtcSf9:xs+3BgN5KSdiN
Score

3^/10
behavioral14
- Target
  
  cogs/hentai.py
- Size
  
  6KB
- MD5
  
  98e400911344b5bf1023a96c2cbdc77d
- SHA1
  
  1cb2184b2b3f1774bf7407eda0fa94f059b09edf
- SHA256
  
  23a216f41032cd86660aa45ef8676b6c2245c1fb7e9402e8a4b5a96dd8b230e6
- SHA512
  
  77efd5cb08b9706883a85058e9e7cd2703083db5690ff5396d712b37a35df6e2b0e19472ca315d8acf5b48970d22ab5a4c1faf48b160ad07f04119b34727f8f6
- SSDEEP
  
  96:9FwNs8ENEhCEf0E6BEP6WE1kE4tMEaQsEJN1ESRE3ZbEXSWEq/EHZ/:9auFxNoZ0FGLDqZ0F+
Score

3^/10
behavioral15
- Target
  
  cogs/image.py
- Size
  
  3KB
- MD5
  
  3059ffc21eaef53054f8dea99e08b725
- SHA1
  
  74a1c3aeec2aa6d0ea79f0bce972a5d5bb4b8fad
- SHA256
  
  d9c46ec754d49b33740ae8b42a756393030f97dd4d77a6e7e44069c394ea184f
- SHA512
  
  940c36508d5107dc88ea03fd80583c35d0b2cd0bf1744e124d0f78f2fcf4e99067854b6059ca1c97cc6a63c01253dbe813f53574c94d8270a7d273fd4f7726b3
Score

3^/10
behavioral16
- Target
  
  cogs/info.py
- Size
  
  10KB
- MD5
  
  844baee02288f1cc00b868177c764055
- SHA1
  
  7a2f6f0f419e8eaba4b9fc245849fbdd291be36e
- SHA256
  
  71b1519ab7bfefef06e7e46077f1ed7321a9277d85833ac76e3d0dc1a843639f
- SHA512
  
  2dceff2c405af16f1a76bb6a2f7970649e62fa999d15238044952a306185b287bd11260317ba0aa8c88b2e93d60e96db71c5c21bc2716e506073d5f0b66d2d65
- SSDEEP
  
  192:l6JDPwL2foimRwGcpuutY+TrFYUKPHOUE9zEEtqCpdWFCXd2THCDbqjH8dL:g+agJRwFQufrWrP3E94EtNp8EXcTHC5Z
Score

3^/10
behavioral17
- Target
  
  cogs/nuke.py
- Size
  
  6KB
- MD5
  
  3a9d67dc656566d205cf555ab3837e79
- SHA1
  
  81933db35c11f504bd099320a507043ed12eee1c
- SHA256
  
  48626877c1742916109604fee697d018856046e62cf1c871fb1427ab061d79cc
- SHA512
  
  40b6cad816a175ad97ff18e5b14ad53059d411aa090afe2d57b2658ea871b3c4861995cbd505513c64efc8f5c202372019712640c09f169a9be58fc2e8f9d4dd
- SSDEEP
  
  96:1pzeH9/NdVSsfkHPmOtBkgAlMWzi3VMBqcd3dZ:fs9f8maQ2FM0+7
Score

3^/10
behavioral18
- Target
  
  cogs/status_rotator.py
- Size
  
  2KB
- MD5
  
  9dbc4fbcf468e9d7b6ee37931ea89f01
- SHA1
  
  e0bffffa4aba9ff0f830a8953d06f32fb81c0c92
- SHA256
  
  0fa8fc96fb4fe93d8b8980661efab044dcd86844f9d2a2cdd3002d5a74bbe4d1
- SHA512
  
  1d3d99151cd99ad7e19a77bda2388b57ba779ed175c4f2452c7a2dd98a2c6259ddb2e70bdc9b16601145cc56924615de7f9443972805316131d91887ee21c0ea
Score

3^/10
behavioral19
- Target
  
  cogs/utiltity.py
- Size
  
  18KB
- MD5
  
  d3a2fc4a07e4283791b74ea410fb62e3
- SHA1
  
  6dba12a250fa1cbb65e034d97908673608f9283a
- SHA256
  
  d0a61bc2e1bf27223fcb722308863ee7cfe5009eb115e8b8e670b04ff30a3b6c
- SHA512
  
  7298bdda4a95a3e2d6d296c17a8464ea0e717a41c075316a4d32265f278c8e9789e95ad73a206ee8babc1dcc62dd61a7ad00568078cb27ce4762dbaa5f708134
- SSDEEP
  
  192:wocQoroShn3nVDCQ1zFCxiQp3MhRMT1EQUCRZkzStH6F0Yxpw1tUv5:eQoroShn3VV1JqM6T1/GzSJIv5
Score

3^/10
behavioral20
- Target
  
  cogs/vc.py
- Size
  
  3KB
- MD5
  
  1dc7d86cd553f89dd79f0209a6839000
- SHA1
  
  92546c5b7643943fc79fd50a8afcc6292d220c24
- SHA256
  
  a7bd2d03fe9423cf030b2ecfbf3641f675c8dde712104c4346fa6562aaadb7d5
- SHA512
  
  8eb125fe84ed0bdcc943079b52caf0e580633ae7f5a4e054fd056058161f13b1fc5f5215244313ee2391386998dfd6ac22386b69e01fd04eeb858174c0889d90
Score

3^/10
behavioral21
- Target
  
  infreq.txt
- Size
  
  132B
- MD5
  
  7f44ef6fb9f86bb4f97e9b472c237939
- SHA1
  
  5ceada8b9c817c1bacf22b564198ab38e4def785
- SHA256
  
  49e3d90296c5b68dbefe39de7aa47169ec3dc50b4d7dac87f854d2110611eb2e
- SHA512
  
  f8ffdae0baf2d465b222b5253ed63ba4aced89e1b160af730d42ed2eb2510e57b277988faa139395abdae6d38c08464dbb17b7e4bcb26d22e198434fd9cb7d22
Score

1^/10
behavioral22
- Target
  
  main.py
- Size
  
  3KB
- MD5
  
  a496e72f3c983a46b68dd3df93d54544
- SHA1
  
  60ce7861d15977c2831274356515c0e728cdc72f
- SHA256
  
  6d04c27fc7e535f62db7b7d5ddbbfa587e211c6eeede849181a0282e9694d4fb
- SHA512
  
  217c5e81a85c8dab3b1007ad86c08bea0d2a3716bdd0935f1fab8f91048c781bc8c46cab50ba09560e878500b1e95d073f9d87f30669de29f03f5c608f9268b2
Score

3^/10
behavioral23
- Target
  
  readme.txt
- Size
  
  769B
- MD5
  
  6bc0eface078019e3d24c43be8bd48fe
- SHA1
  
  5c4638b5e241e24b0a6db315f4cee60e61a11d80
- SHA256
  
  27ac17145d05e5073f82428d0ac03ad22897598e80e012c89a77f0e80659afe2
- SHA512
  
  c944b4f1242facd6c1311c1f0dc01bc2aec9950a8fbeb37fc45c2ac973055c7bce022e6e0592515fb4ddf0e4b2ff9ed1ef7257bd2636c709d553a5db440a2ec5
Score

1^/10
behavioral24
- Target
  
  status.txt
- Size
  
  156B
- MD5
  
  f35ef9cf47bc8dca2ad6ab0bf0543761
- SHA1
  
  690663c45c3525c9a895f73d1600bb67691a05db
- SHA256
  
  dfa04e6c79b9704f3d09e6729649fa35a94752f276439addb628854eebc7cd20
- SHA512
  
  2c253b7444278c76a3b040830f4691664f540cac5cae7386e91a1a12e7a2c49e282bd74ab3ceb3e1a10ebc04bcb0350b27bc27a462c0a8790ee52ebf1a922283
Score

1^/10
behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25