Overview

overview

4

Static

static

3

StealthGuard.appx

windows7-x64

StealthGuard.appx

windows10-2004-x64

3

VFS/AppDat...DME.js

windows7-x64

3

VFS/AppDat...DME.js

windows10-2004-x64

3

VFS/AppDat...dex.js

windows7-x64

3

VFS/AppDat...dex.js

windows10-2004-x64

3

VFS/AppDat...DME.js

windows7-x64

3

VFS/AppDat...DME.js

windows10-2004-x64

3

VFS/AppDat...dex.js

windows7-x64

3

VFS/AppDat...dex.js

windows10-2004-x64

4

VFS/AppDat...dex.js

windows7-x64

3

VFS/AppDat...dex.js

windows10-2004-x64

3

VFS/AppDat...nts.js

windows7-x64

3

VFS/AppDat...nts.js

windows10-2004-x64

3

VFS/AppDat...dex.js

windows7-x64

3

VFS/AppDat...dex.js

windows10-2004-x64

3

VFS/AppDat...DME.js

windows7-x64

3

VFS/AppDat...DME.js

windows10-2004-x64

3

VFS/AppDat...dex.js

windows7-x64

3

VFS/AppDat...dex.js

windows10-2004-x64

3

VFS/AppDat...cmd.js

ubuntu-18.04-amd64

1

VFS/AppDat...cmd.js

debian-9-armhf

1

VFS/AppDat...cmd.js

debian-9-mips

1

VFS/AppDat...cmd.js

debian-9-mipsel

1

VFS/AppDat...dex.js

windows7-x64

3

VFS/AppDat...dex.js

windows10-2004-x64

3

VFS/AppDat...ade.js

windows7-x64

3

VFS/AppDat...ade.js

windows10-2004-x64

3

VFS/AppDat...ual.js

windows7-x64

3

VFS/AppDat...ual.js

windows10-2004-x64

3

VFS/AppDat...ive.js

windows7-x64

3

VFS/AppDat...ive.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    StealthGuard.Msix

  • Size

    117.6MB

  • Sample

    240918-fvrb7avcmj

  • MD5

    f5cd50ddad16efa86556383fdcf120dc

  • SHA1

    08f6746c4d65645e7fc040a335c55e600adf807a

  • SHA256

    1624e398132a247c73177d7f2c30699b59c8c6b1c4db7cfc9db4be8b9ac82a22

  • SHA512

    a3cfd0e7ac8887919602e0445edc974eed76f82e5ff4fcc30a2aa4e4a06f3e101afc1d7642f96dd3b0f24e8f137fbbb6e9f2e46e414ed0472ebe49df558da396

  • SSDEEP

    3145728:G/fRxFzC2+R9vySUPFmaPa/MXrnjjf2+wtpeExBcIz7:o3FWN76SGFT8kjS+wtTVP

Score
4/10
discoveryexecutionlinux

Malware Config

Targets

    • Target

      StealthGuard.Msix

    • Size

      117.6MB

    • MD5

      f5cd50ddad16efa86556383fdcf120dc

    • SHA1

      08f6746c4d65645e7fc040a335c55e600adf807a

    • SHA256

      1624e398132a247c73177d7f2c30699b59c8c6b1c4db7cfc9db4be8b9ac82a22

    • SHA512

      a3cfd0e7ac8887919602e0445edc974eed76f82e5ff4fcc30a2aa4e4a06f3e101afc1d7642f96dd3b0f24e8f137fbbb6e9f2e46e414ed0472ebe49df558da396

    • SSDEEP

      3145728:G/fRxFzC2+R9vySUPFmaPa/MXrnjjf2+wtpeExBcIz7:o3FWN76SGFT8kjS+wtTVP

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      VFS/AppData/StealthGuard/node_modules/mime-types/README.md

    • Size

      3KB

    • MD5

      ebac351d49a92bba249f0ce477831245

    • SHA1

      408b5358def667170fa7c41bfdc4bb828e46cd86

    • SHA256

      365573fbe4042cbdf12fc30e4966b45c657c9c1926453acc9a5566ee0d604961

    • SHA512

      cc06ebde9f2a56e35a11b76a6048e637fc0cb42fdc2cea0768ed521cef66da02322f2e01d316e950a91a1e4a1f7a1d0768be39df68c807e0756ccf65c2e869ae

    Score
    3/10
    execution
    behavioral3behavioral4

    • Target

      VFS/AppData/StealthGuard/node_modules/mime-types/index.js

    • Size

      3KB

    • MD5

      46ef7926b08857c43f28effdbe29bb1a

    • SHA1

      3cf07110597dc57987f78debefdfb673eda94311

    • SHA256

      c7ab5bed05f4b98bd9e8eba95ee84182110dcdc41c2562f7613ef38dc8715da5

    • SHA512

      9fb72948f449c41c24e8aa380fc0986dd911ef9bfe287a70e52a798595636aa24a0931ee474540db4e3215fcc2294ce6b5ce24ae1f1d116abca972f6b6e1cdf1

    Score
    3/10
    execution
    behavioral5behavioral6

    • Target

      VFS/AppData/StealthGuard/node_modules/minipass/README.md

    • Size

      25KB

    • MD5

      c4337286f40485fe553a2caa029d043d

    • SHA1

      0dea5d0db57172941b99324d7377b2380ccf5d7b

    • SHA256

      8179fca8266e1cd3b5f8e4d279c8d255515357971f0646ab52366af54148ce47

    • SHA512

      c32926517ef576503571abeb3d3b360d4fb90a809ea4355d9510bae0153a459153948390c1b46b994c3cbf222bc28dbe250c7b3cf814cd404184e27d9d3ab0f6

    • SSDEEP

      384:MyjhUicwSOrboV8mONbnI1ejTJesGd+VZpEl6dfyoUga7cb+h:MyCTwSyoVTWnMeIsGaA6zLagS

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      VFS/AppData/StealthGuard/node_modules/minipass/index.js

    • Size

      18KB

    • MD5

      6cd6e305cb0922ce5e2e9f68c4df7204

    • SHA1

      1e611c864d9e6a84497d3005a7f6a2cf2f40a8b0

    • SHA256

      d86124188d77d38942ee04b0a79013b942524a9b3f761e6114369a52091794f7

    • SHA512

      6ca059e4d7ecfbdf3639b8c43371a21ec00cfeab3b19383e3f7a9ebae09b4d199020415e499ba04da2b7275cb3a07b65e5c01d1795fea567308bd1c7655c22bd

    • SSDEEP

      384:njFrEMc8CIQrEO5Gpk7qBlWJXxK6+EcX8Pj4x0WpFUAPsBAf7BUNbPCpWI:njFrEcUhK3zFaut

    Score
    4/10
    execution
    behavioral10behavioral9

    • Target

      VFS/AppData/StealthGuard/node_modules/minipass/index.mjs

    • Size

      18KB

    • MD5

      647c881baa5642ece5e6f35fa2434a23

    • SHA1

      a1f23f26ac5ddd0effe159a19fe84b5daa5493d6

    • SHA256

      55857eca07d602a1b72b8637518aa535c5faed337f7a98cbb6cbf3ad024b5d63

    • SHA512

      9ca41958ad615bde3d594df958fb63c2390c28c5da39f4523cc8423c82de97aee08fde91eaea2dc4540940ba2057a40613c7ad394dcd6d93a40ddd5d952ce5fe

    • SSDEEP

      384:UjFrEMc8CIorEO5Gpk7qBlWJXxK6+EcX8Pj4x0WpFUAPsBAf7BUNbPCpW6:UjFrEeUhK3zFaul

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      VFS/AppData/StealthGuard/node_modules/minizlib/constants.js

    • Size

      3KB

    • MD5

      23ee85502880cfbc2f205bdf15461ca7

    • SHA1

      ad8afde6073fd8e9ce1bc7e90a77b95c9746677a

    • SHA256

      2c8b3869ab95b226b24d7cc6af62521558fc4fbc871b0f91b4dfeff54bafb848

    • SHA512

      96763d58aef41ca566276bcdd444db943176c340ad87555ff441ae893b5dd527ee27b20bdbca782504ef139ea5138589064dd8afcb0c934dee02a46b872f1cc1

    Score
    3/10
    execution
    behavioral13behavioral14

    • Target

      VFS/AppData/StealthGuard/node_modules/minizlib/index.js

    • Size

      9KB

    • MD5

      6ea70e4289391410ff637b71a16702e1

    • SHA1

      a2275b19c35774b2ba7722661cac2e7047bbe340

    • SHA256

      fddd778ba9752a20ba3c45c054c42f7d8a180560f90527fa24919f302ff8d991

    • SHA512

      afdf92c5ccae8f6c7e8ec6cf77478831189c03b3d33d18d9e35ea476520b64c66d8aa082a371f66b237945b0c75ab56095c2ee805edc49df060cbd61c893c66f

    • SSDEEP

      192:ahZDMtR2f22oyAUxqjJWPE8PXTRySENygN41taQSSzARJ70mML3nc:ahCtR2ffqjJWPEoTRPLzaJgnc

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      VFS/AppData/StealthGuard/node_modules/minizlib/node_modules/minipass/README.md

    • Size

      25KB

    • MD5

      d1868835d38dc4d01781e938c64e9aad

    • SHA1

      278cb519ae75fc24d0d47a1f9d3b1d02914159be

    • SHA256

      bf1715ca476dc15cbd0b01de9a367a540addc24eb68914a57fb4f879b29a3148

    • SHA512

      58d095f11c991c81a18b735781b723ce38eece8a3a89e418436a0f7627837e7d00ab9329c76e8678a893c93e41e500502cb977d93b31a7266e866f5f78a00d80

    • SSDEEP

      384:IhJO5AaRDhC3jW1GP9mwijOPGMZQbpea1HHCUMKoU7cpcbTh:IhDafcj8GmwitecHCHmcKJ

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      VFS/AppData/StealthGuard/node_modules/minizlib/node_modules/minipass/index.js

    • Size

      16KB

    • MD5

      bc0c0eeede037aa152345ab1f9774e92

    • SHA1

      56e0f71900f0ef8294e46757ec14c0c11ed31d4e

    • SHA256

      7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5

    • SHA512

      5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3

    • SSDEEP

      384:PjFrIA8zJ08TEcGpIuqbI0WXsJY+cHK+34x2WkFUasBq7BmDWC:PjFrIKf8JKjV0DJ

    Score
    3/10
    execution
    behavioral19behavioral20

    • Target

      VFS/AppData/StealthGuard/node_modules/mkdirp/bin/cmd.js

    • Size

      1KB

    • MD5

      4cdb5f8434ce714b5c98684f5010a02b

    • SHA1

      cc4ec8492cfa4a13de4f87746f23d2b5d44c1810

    • SHA256

      e01e9253a9fcfa53498791c40b881a610e46c668db9eac34d6dc866ae3f61817

    • SHA512

      b2c0b3af285218f83d1f2110bae8aec258dcd098da01a08edcba6ca760aaa8ce0b2779c434bd5ac34eb59e9ae186af48b94b03f060123380a5a4dd69c70c08a2

    Score
    1/10
    behavioral21behavioral22behavioral23behavioral24

    • Target

      VFS/AppData/StealthGuard/node_modules/mkdirp/index.js

    • Size

      1KB

    • MD5

      5d6047b2892972b3288edb99a5777a5c

    • SHA1

      4cc25f59f5f1eba59d893da5f3c502880f4f7b14

    • SHA256

      26180b8e5fa0d87525fe263d839cfd5e9dce51a61c735588e7d8c2681cad9a07

    • SHA512

      ebc5a96717ca6e4357cdedd635cec23941e9d22ced9d630f9b3d5e789a60b273dec578ff15e873d834082516a3bfae736d0c8198b104c51c798f65e41fd6f6da

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      VFS/AppData/StealthGuard/node_modules/mkdirp/lib/find-made.js

    • Size

      792B

    • MD5

      22f13e44a895b7a9438cc8a3207623e1

    • SHA1

      7118449ec81e5f2c12f0682cdb8d0291c52dea02

    • SHA256

      9154a9a25313c849f50296ed343fec3898926b7949e45d0826b315c7d9dab6d8

    • SHA512

      26031a0453483d84f5687a9366e714c031eb3c5d102fdacfc3932940b0709c68094bee85e39b87af191a2d59cbabc1ea4a13a4d82b35af6911c0cc7bcfd66353

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      VFS/AppData/StealthGuard/node_modules/mkdirp/lib/mkdirp-manual.js

    • Size

      1KB

    • MD5

      87d00a4bde8700616bd0d93e751259be

    • SHA1

      7c6cdbc91fd39a57ca62127699b9c3ffe58ac487

    • SHA256

      08ae177a4952899ce7bbe3f3cbc49f7746e5d1455b401cb6f8089256daffb0d9

    • SHA512

      c5e7048211ecf3661a1d892d7f0afe84b2dc23e2f65a49d2093af165ef6334d885ec564f72d47083f03e1da7fad96380a39c82c82b6a7bdec63d47b68032ca9b

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      VFS/AppData/StealthGuard/node_modules/mkdirp/lib/mkdirp-native.js

    • Size

      1008B

    • MD5

      354500fab2185552984518e4ff116131

    • SHA1

      1161e5554c2c1a79bf9c9654973ef62672a7411e

    • SHA256

      45f314f32784b7fd547a64ed70ecd6f5cfc83cc208468b0e602a9817aece76a5

    • SHA512

      688023a981518d5af5679856dcad5590136ecffcb0da363ff2467d7c35435488e84526cc22fbafd9c85aeae958ba2113d0b96878695b86ff7e71a372f3eb3ca3

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

discovery
Score
3/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
4/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10