General

  • Target

    wentra.rar

  • Size

    11.3MB

  • Sample

    240913-xynh5stemn

  • MD5

    63eeb2449e6cb1e9896002f19064bb25

  • SHA1

    2f863b7843cc900d53edf911a8efb76be847bfea

  • SHA256

    8ddabb3123e9ce339e10e3a37e583be80b790b415bd81f28ec960e0741fb2784

  • SHA512

    d8a4411128fa69ebb3f57c43f4fb4791a8f39e374c8c57b8d0cafd68848e592c50f463f04cf158df5eeba9dfa0710a937a1542691ad75a45199f578dea8c1ef4

  • SSDEEP

    196608:woVbd8yDhv/3oSowudnYeJetj+B5IgxKo1/resVDdDlbH+riHqy5+Pm4ofn51:wkFaRbYHCMK31DZVBDlbHwYU6nX

Score
10/10

Targets

    • Target

      wentra/Guna.UI2.dll

    • Size

      2.1MB

    • MD5

      fc5aba3c395c5f9098cb8e2f78e17022

    • SHA1

      217061a89757a1d6eb976ad48fb9c93a7a58edcb

    • SHA256

      cad8bb34cf070c10e995ebdb60d9d1b4e206bc763183a8cdfb29e17ffa30dd10

    • SHA512

      148b275edaccd403ee7dcb70e959b29a22ed1c5f61b674afb94af6e9e6b010bb0a7dd9e964d2811dff9c2642a49bb278cc1a838a4f384f5648470187ee83936d

    • SSDEEP

      49152:YTTFBySg6etzcwp8fB0hXGErGn9lut4XrgF0:irG8farRo

    Score
    1/10

    • Target

      wentra/Spoofer.dll

    • Size

      19KB

    • MD5

      b14851dbf9c880fa7e82f473f039e27c

    • SHA1

      6d75857683785ea7a521a276f208a2efd8ff8017

    • SHA256

      592b6be347b53a82d76df7d97abf289ae5d5c816b863adb40aa9d6a5cbd63c61

    • SHA512

      36a38bcebd99313a1a4fe7b766a5b5bb706c1bc7f80e938c8566fb399eabe186d0d556997af4744e4c2e3772e1de7fa209df26c35227c601f7ad9714b0b482f4

    • SSDEEP

      384:RAZiqa8rhY8Jf9l2Dv9xAzbkKf+iFD7ePUkLPyPfkl+vzwjKqPeW:Ruiqaf8t9oubnPgUmwRW

    Score
    1/10

    • Target

      wentra/alperenxrq.exe

    • Size

      11.9MB

    • MD5

      bc9ea1f205d6e0e52cffd65e0d5535c5

    • SHA1

      275646802d56921b1f92231d27da935048f53864

    • SHA256

      1bd7b1beeaba06d9f0edc6d8cf9a2f999b5b4db5a9a053ed0d9c1e06c4ee3aec

    • SHA512

      ddd0a6c97688429645a53143801432638a29bb2f6a602fcd715e54e1f36b5ac62a4daa258495713657e3ef68d3b6964d3b08eb55f6a0d9dc2322c7af99d626f9

    • SSDEEP

      196608:xJQNljpryeo6GdTbYFzLzpl80JXQT4EnbUaAf00BU3Yg7MPrDhdYTQ4ILDlL:XQNFpryrddTbYTlvJubUaT0cgPr1d5

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Target

      wentra/runtimes/win/lib/net6.0/System.Management.dll

    • Size

      284KB

    • MD5

      83cda4cc597e6a0b2ebbd1b8f41e94d3

    • SHA1

      10415fa323a21d412eb36e583a98385088065d61

    • SHA256

      aa474c96b9fd17cb3580d89bb8eb716cb1407c89026b5e8180402666eeeb766a

    • SHA512

      ff7d869d416e3c47c082b8bd2d6907bbbe457d17d093cd84f66d42b978d143c088e008388041b440b01f7d82e373dde9b1b5c1acfd9553f98a63fa579d7ec8d2

    • SSDEEP

      6144:HG17jgxtTSfK7JK7XUUmhOzZiRZHhGASipzvZhHcx:HG17jgfefK747ZmhOzZiRZH2wgx

    Score
    1/10