599c64bba52c0d1fbfd50c810beddc1ba54ce31faa6052fff015033b10fc01cf | Triage

Sharing

General

Target

599c64bba52c0d1fbfd50c810beddc1ba54ce31faa6052fff015033b10fc01cf
Size

9.0MB
Sample

240919-ekl42szgjp
MD5

839f9bd480222113eb4eab5b5eff9d01
SHA1

83fb5eb21426cb982d85e93ee97ae21b72b7c2b0
SHA256

599c64bba52c0d1fbfd50c810beddc1ba54ce31faa6052fff015033b10fc01cf
SHA512

f5bd1e4d7f5cd5aa2d88fc71324c4f2aa8589493cc857e8f87c6e996f8ec922e66dd3b39d129283911c1522117d87a423739ec870248557d32b6681b2252982c
SSDEEP

196608:uAKsUMSNJfXoAC85rqjMA4G6dufV5TvZKMxTq1IbIOCzSjXUANy:u1YX85r4SQf/jlqlegL

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  IDM/!!װж.bat
- Size
  
  6KB
- MD5
  
  a6b1f69f95e76b3bd41d8aef72c6cb45
- SHA1
  
  254faebdeaeffe6f1b230c3b931d6b8968043e85
- SHA256
  
  2a0ce354ad26295cdaf36ca8dda63f5257dfc5aea7585adec5b28a486584cb41
- SHA512
  
  9235a2ec3a685fc83783fc150db75114733af285ff5ff7862debd61734175b4349d02626c4eedc9e63fbcd595d013dc8e26a5b237ceff8c52f40f1cbfa510dd3
- SSDEEP
  
  48:VwC8o6/nC/XnxHu8LC2m9NN0FzuUXRTUZgTC7XOBU05Xj14/uvWqIt5nb47IJ+fR:t1caXnxVOhSoXh8zrCJVBUja3Qa+Rl0a
Score

1^/10
behavioral1 behavioral2
- Target
  
  background.js
- Size
  
  59KB
- MD5
  
  cbf6653353caf78b54275dc5b40b75b2
- SHA1
  
  504eb86e289077cda77b96ed730ad7bd9de189a5
- SHA256
  
  8edd8af95ad6055c736aae55ea4f1c6d32eb7da6641a38b635e09e683573525e
- SHA512
  
  721950e344d29352757a27280b9af10ef23b2790c58d2433567d70a958f12be8474df2d25e4ec31ff3092b70be4cb3181f97dae2be821b1abaa5ab63c9a38020
- SSDEEP
  
  768:CkD2lGSrElKTj14BLmVOGW8hUmD9uFY/I5lJKoMiJ0z07yegbCtA2+mTqj0:HKE0T2CYNdYu1lRJ807rgbCt0m1
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  captured.html
- Size
  
  2KB
- MD5
  
  f35b53a857b516423ef2411e797fd966
- SHA1
  
  3b2261a6c72ab5325b8b6dc644154c0bb9cffcec
- SHA256
  
  2c387e39ab78ab8f283d623a16b946285cda96daf1ea86e20bc4baad68cfc49f
- SHA512
  
  10b0a8bfc957f6be3c3e54b3672938c7ec00dabe098ff751d4b36424dc76a2dcf1ccc02fc281e6d7d308376ad1288642125c8374cfff9511bc140b687c5dca55
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  content.js
- Size
  
  25KB
- MD5
  
  49ff14e2bb0a069821af232386344ef6
- SHA1
  
  2ec250f3c2ddb8998b3d5ac92d728f46deba7ac8
- SHA256
  
  772f2450ea1c0bf858691344aba4909cb63281fe9d51f5406a3b46220aa02eb4
- SHA512
  
  a166455292bc8a4b06b1dd7efa76744aa182839432a34c5ec573740b27f99a7fc7b25192ab62f4e7adef5d28cadd39dcb035d143e694e3ebfa061bb467d3207f
- SSDEEP
  
  768:bidzU81f4UjrVIxt2LwvzapVHC/NjhkeFf4OOKH56fav2EH7:bMU81f4Ujra72LWza3i/NjhkeFf4OOol
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  debug.js
- Size
  
  684B
- MD5
  
  913dc96d901f5f7a9b94c8d5d97e7f17
- SHA1
  
  1dfc109d7285c028818ba460b47ac61bdd7709d4
- SHA256
  
  842f312d5c68f3d1924229e8b55b1d7738308748d3177f8f71159b86830f01a6
- SHA512
  
  85f38b1d97e8ba3056ae7b3a8d079bc305a43ae6f8690f61655fcfdcdb6d3c109cdca43d33d08f6dd6636a1dc9b7fac51b3ac73cd53b1a90c16ed04a4486e9ee
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  document.js
- Size
  
  2KB
- MD5
  
  a0736f38adda9919c53fc757b4c31b2c
- SHA1
  
  14e5844d74a1e991fc35466be38b7a7043bb49a1
- SHA256
  
  86ae414b5cef3a0041ed3f7a4c2b26f79c64550fa3261b60b9400abc61e85eee
- SHA512
  
  262c18118067afd7535a39ee4e45064ce282fe911698f544561ba546b1a697c3d5155f0ebf8500e04be9bd762382679074a4e5a11f1e98b61676fb7f962dc963
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  welcome.html
- Size
  
  8KB
- MD5
  
  10c353e38104dca78317ab4ac634032c
- SHA1
  
  227cd9d0347d6f0f19462e4291c9c945e06cb441
- SHA256
  
  eccb095eb043b1ab896876d293615d086e5fd7c0bbe553791b63761610a154a1
- SHA512
  
  28f38aff66b5e3e2b1cb363cbbac4fa46b55c82b09c9e32f763b8c9bfcaf512da602df83e68bba427cd3143b54c0f17afd470e5dbc95a043f4ac391b9d639f9e
- SSDEEP
  
  192:GoDieDzB9K741IhS/isVomwTZRSBGF2GXnN8SGvoySYNumAcHdkhkfo:RH8oVKTZRYG/3BGvoySWumLHdkhkA
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  welcome.js
- Size
  
  2KB
- MD5
  
  062a825e6c487370fff1cbf455fe5c3b
- SHA1
  
  feca60e69f21b8f5c13ad5cff6812ff211fcfbf9
- SHA256
  
  ed9b0f5afa38d5ecf3ad2e4f28adbb37a97219bddebcabee8808d4b4bb91fabf
- SHA512
  
  f3086c951f70177d9744426e402d7289208de442ffa233d603bd6ccef5ad54cd1226db9f7d7259921e49d6aea6a9ebefa989076a42fc14dd2701ec87a636b6b2
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  IDM/IDMFType64.dll
- Size
  
  51KB
- MD5
  
  c976ceb4be1daf3a848c11a4adf224ba
- SHA1
  
  9ce2b9c6a3cefb6b5be69572c0c30f87322ef145
- SHA256
  
  0479dda9f82192a7c8881413f8ca6a220e63a4811efadc497dbefc0f4c290441
- SHA512
  
  3cb95b2048f5c62002656fec25c529caa6327481c0351364f1168a88583facf09631a7c20ae2fe125fd8eef422095528acf27183b242a5a36bcce45c4c327cb9
- SSDEEP
  
  768:eak1cQ6KfFSF1F2Rcyg1wgRKZMMNbKYk4PHQBpjhXnZwPs0DDYW1MmOdbCk7v:KLwL2Rc7caIbKYrKpdJwPVDRDOlCk7v
Score

1^/10
behavioral17 behavioral18
- Target
  
  background.js
- Size
  
  59KB
- MD5
  
  cbf6653353caf78b54275dc5b40b75b2
- SHA1
  
  504eb86e289077cda77b96ed730ad7bd9de189a5
- SHA256
  
  8edd8af95ad6055c736aae55ea4f1c6d32eb7da6641a38b635e09e683573525e
- SHA512
  
  721950e344d29352757a27280b9af10ef23b2790c58d2433567d70a958f12be8474df2d25e4ec31ff3092b70be4cb3181f97dae2be821b1abaa5ab63c9a38020
- SSDEEP
  
  768:CkD2lGSrElKTj14BLmVOGW8hUmD9uFY/I5lJKoMiJ0z07yegbCtA2+mTqj0:HKE0T2CYNdYu1lRJ807rgbCt0m1
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  captured.html
- Size
  
  2KB
- MD5
  
  f35b53a857b516423ef2411e797fd966
- SHA1
  
  3b2261a6c72ab5325b8b6dc644154c0bb9cffcec
- SHA256
  
  2c387e39ab78ab8f283d623a16b946285cda96daf1ea86e20bc4baad68cfc49f
- SHA512
  
  10b0a8bfc957f6be3c3e54b3672938c7ec00dabe098ff751d4b36424dc76a2dcf1ccc02fc281e6d7d308376ad1288642125c8374cfff9511bc140b687c5dca55
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  content.js
- Size
  
  25KB
- MD5
  
  49ff14e2bb0a069821af232386344ef6
- SHA1
  
  2ec250f3c2ddb8998b3d5ac92d728f46deba7ac8
- SHA256
  
  772f2450ea1c0bf858691344aba4909cb63281fe9d51f5406a3b46220aa02eb4
- SHA512
  
  a166455292bc8a4b06b1dd7efa76744aa182839432a34c5ec573740b27f99a7fc7b25192ab62f4e7adef5d28cadd39dcb035d143e694e3ebfa061bb467d3207f
- SSDEEP
  
  768:bidzU81f4UjrVIxt2LwvzapVHC/NjhkeFf4OOKH56fav2EH7:bMU81f4Ujra72LWza3i/NjhkeFf4OOol
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  debug.js
- Size
  
  684B
- MD5
  
  913dc96d901f5f7a9b94c8d5d97e7f17
- SHA1
  
  1dfc109d7285c028818ba460b47ac61bdd7709d4
- SHA256
  
  842f312d5c68f3d1924229e8b55b1d7738308748d3177f8f71159b86830f01a6
- SHA512
  
  85f38b1d97e8ba3056ae7b3a8d079bc305a43ae6f8690f61655fcfdcdb6d3c109cdca43d33d08f6dd6636a1dc9b7fac51b3ac73cd53b1a90c16ed04a4486e9ee
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  document.js
- Size
  
  2KB
- MD5
  
  a0736f38adda9919c53fc757b4c31b2c
- SHA1
  
  14e5844d74a1e991fc35466be38b7a7043bb49a1
- SHA256
  
  86ae414b5cef3a0041ed3f7a4c2b26f79c64550fa3261b60b9400abc61e85eee
- SHA512
  
  262c18118067afd7535a39ee4e45064ce282fe911698f544561ba546b1a697c3d5155f0ebf8500e04be9bd762382679074a4e5a11f1e98b61676fb7f962dc963
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  welcome.html
- Size
  
  8KB
- MD5
  
  10c353e38104dca78317ab4ac634032c
- SHA1
  
  227cd9d0347d6f0f19462e4291c9c945e06cb441
- SHA256
  
  eccb095eb043b1ab896876d293615d086e5fd7c0bbe553791b63761610a154a1
- SHA512
  
  28f38aff66b5e3e2b1cb363cbbac4fa46b55c82b09c9e32f763b8c9bfcaf512da602df83e68bba427cd3143b54c0f17afd470e5dbc95a043f4ac391b9d639f9e
- SSDEEP
  
  192:GoDieDzB9K741IhS/isVomwTZRSBGF2GXnN8SGvoySYNumAcHdkhkfo:RH8oVKTZRYG/3BGvoySWumLHdkhkA
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  welcome.js
- Size
  
  2KB
- MD5
  
  062a825e6c487370fff1cbf455fe5c3b
- SHA1
  
  feca60e69f21b8f5c13ad5cff6812ff211fcfbf9
- SHA256
  
  ed9b0f5afa38d5ecf3ad2e4f28adbb37a97219bddebcabee8808d4b4bb91fabf
- SHA512
  
  f3086c951f70177d9744426e402d7289208de442ffa233d603bd6ccef5ad54cd1226db9f7d7259921e49d6aea6a9ebefa989076a42fc14dd2701ec87a636b6b2
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32