7ff8d9f30b71199072b69ca2fd3c29b1ab3a8298aeb75407a425626c61abfd89 | Triage

Sharing

General

Target

YENI_HILE_THE_MASK.rar
Size

1.4MB
Sample

240913-s32jcawalj
MD5

5c9e087c4df7c3fcb07fdc8426657531
SHA1

ad7f41ac663386f9b97eeef81ed08113efe89408
SHA256

7ff8d9f30b71199072b69ca2fd3c29b1ab3a8298aeb75407a425626c61abfd89
SHA512

99d8021555c0b5a99aa351a3301a9a833a593159b571ecad7935b832063b7bfe94c6f0bf158c6241832bd47699806fcc47d800ddde8d56556ab93e80bb00258d
SSDEEP

24576:al2OaH9WHPChPccfi/T2WjsZHbfzGO623bf2Ts87LxvctM3PNe/NeABVwhonrv:al2jH90OPccqLUZHek3b+48ft3ENzBVH

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  YENI_HILE_THE_MASK.rar
- Size
  
  1.4MB
- MD5
  
  5c9e087c4df7c3fcb07fdc8426657531
- SHA1
  
  ad7f41ac663386f9b97eeef81ed08113efe89408
- SHA256
  
  7ff8d9f30b71199072b69ca2fd3c29b1ab3a8298aeb75407a425626c61abfd89
- SHA512
  
  99d8021555c0b5a99aa351a3301a9a833a593159b571ecad7935b832063b7bfe94c6f0bf158c6241832bd47699806fcc47d800ddde8d56556ab93e80bb00258d
- SSDEEP
  
  24576:al2OaH9WHPChPccfi/T2WjsZHbfzGO623bf2Ts87LxvctM3PNe/NeABVwhonrv:al2jH90OPccqLUZHek3b+48ft3ENzBVH
Score

3^/10
behavioral1 behavioral2
- Target
  
  YENİ HİLE/Extreme Injector v3.exe
- Size
  
  1.9MB
- MD5
  
  ec801a7d4b72a288ec6c207bb9ff0131
- SHA1
  
  32eec2ae1f9e201516fa7fcdc16c4928f7997561
- SHA256
  
  b65f40618f584303ca0bcf9b5f88c233cc4237699c0c4bf40ba8facbe8195a46
- SHA512
  
  a07dd5e8241de73ce65ff8d74acef4942b85fc45cf6a7baafd3c0f9d330b08e7412f2023ba667e99b40e732a65e8fb4389f7fe73c7b6256ca71e63afe46cdcac
- SSDEEP
  
  49152:NNEVtO1U1y1DDDDDD7Llngq7NNMqU0p2Vhk9a:NNEVJyZlng4p2V
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  YENİ HİLE/ZeroV3.dll
- Size
  
  5.8MB
- MD5
  
  1c4cdfdadd6e6cc8698c7bd73fdd15fa
- SHA1
  
  9dc72ae5619ba1798543687118dfce5d5a8f423f
- SHA256
  
  5537f0936ae16ed5929e83281fca8fc0f10964ef4be4ecc6ef34a2a77cefe45b
- SHA512
  
  9209ccac8b57b6a7ed1ea59aa858bd1e227c1f16032c0896df5d975bcab27226551bcdd41941be74326cd54ed4945cc9c8ba4a5da38159f3292c6949fe7978df
- SSDEEP
  
  1536:R7OfvSYeTbcqkgu2WjUbfPxSa2ps8/xo1VoYlEm0F:AfvStczgPWjUbRn2pNxo1VW
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  YENİ HİLE/ZeroV3.hl.exe
- Size
  
  179KB
- MD5
  
  12b9674d5a68f829f20214644e67baa3
- SHA1
  
  9f2681173105f628c7cb14b57540121c5dc667dd
- SHA256
  
  88132922084d88a606d4430b1903c2c7d2b48e4b1467253c3a51ed00b05954c6
- SHA512
  
  c1c47d6d7f2ec3d2cf6a50fe85acab653a4e81d7c56a2f1972f7de0b686272c3cb03f59be9512acb4530b94bbe90d4b81b00682d4413ed62bc69b6033a43a073
- SSDEEP
  
  3072:O2qkbSLWyjCkRtc8lsAR8Z4GkZypFuX6HNwTBf0aeEus/aL:xH+ayW8fWOCDRY0ouAK
Score

7^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  out.upx
- Size
  
  190KB
- MD5
  
  541fcba91b4381411b2b28754e82bed2
- SHA1
  
  3eac669a3dd83faa6a03e5fc4427fcb510cc8e78
- SHA256
  
  fae8c3960b919221e12d8b5084732e0188d4a5eec8bde1429564925ee80987fd
- SHA512
  
  bb90ec63fbd87989057d57b9203a516fa47c48be5ea681d3032806e4ee32b1893cb8bb8eefaf95a81038cd7e865b93cbbed1432faafce7a7d4b8f3bb52d2717e
- SSDEEP
  
  3072:ppiebSLWyjCkRtc8lsAR8Z4GkZypFuX6HNwTBf0aeEus/aL:pYe+ayW8fWOCDRY0ouAK
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  YENİ HİLE/Zerov3.asi
- Size
  
  100KB
- MD5
  
  fb72c0db020e1aeda78dc2d686fa1950
- SHA1
  
  4e3e0b5e50f388a09790b3aee0f4fa01d1d0bb6c
- SHA256
  
  7b03e94b6d075401ab792de77ec18ebbf6cd54b4bee96ca928619bdd1ac35085
- SHA512
  
  af50e03678354b6be0c3c9ecd10e6ad5de0dde5a2e961b7c1b1281866b99335f425d986ff83f4b41549159c5cb7337a202ad75e27daec148c3a707075dabc0b9
- SSDEEP
  
  1536:QQxqcQBz2MEc9TWwLHTR+B8lx3WUowNU:PJMt9BLHYB8HWnsU
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  YENİ HİLE/Zerov3.ini
- Size
  
  10KB
- MD5
  
  6f45b8cc5e80ff6c348bada9780108b5
- SHA1
  
  b7272402e1da3beabd4735d4a2ed020a4f2c90dd
- SHA256
  
  48ffbd94d87349ccf6f7e66fa637e6627cbf9d92019537b0679b3cb82f85f5e0
- SHA512
  
  feb378445506fbeeb2a054b334408a037c74be41c8d8e969a389d492eca0ce284aae4187acc8857031ed502f416d8f8b9391800b4dece27ec9178a8a90f166e8
- SSDEEP
  
  192:m7aszLb6yxZotZZotlfoiNZynfydDMoNGybGyqPGym4foVwfoV1foV/fyRfyCfyO:m7D/6yxZotZZotlfoiNZynfyxMoNGybF
Score

1^/10
behavioral13 behavioral14
- Target
  
  YENİ HİLE/injmthd.ini
- Size
  
  1B
- MD5
  
  c4ca4238a0b923820dcc509a6f75849b
- SHA1
  
  356a192b7913b04c54574d18c28d46e6395428ab
- SHA256
  
  6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
- SHA512
  
  4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16