7e4163a4231f2489dfd347f542fbafd7a30a5cd13b728801d43691c1283137e5

Resubmissions

19-09-2024 05:12

240919-fvzcsssdpa 6

19-09-2024 05:02

240919-fpjedssbnd 6

Sharing

Copy URL

Twitter E-mail

General

Target

net8.0-windows.rar
Size

7.9MB
Sample

240919-fvzcsssdpa
MD5

47af08e8eeda1e7f971fe6deb7eb7a82
SHA1

b38b8723db4571a900244306306bfe15d4794111
SHA256

7e4163a4231f2489dfd347f542fbafd7a30a5cd13b728801d43691c1283137e5
SHA512

4cce6f6d063f6407ee15fbd3bdf98ac1309dd0baccbafa2068792f2d9ca5c4c990a38acacdf2118d27a49bd23b0e956d2f592da9ef865fe7cb21bba48c2e8d77
SSDEEP

196608:nqf1IyEH6vmvrrKj3t7OZyMx3q6VujaOmCfchkl9OmWp:qtho6zrtepqabOchy9OmWp

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  net8.0-windows/LettuceUI.exe
- Size
  
  389KB
- MD5
  
  9477c8bcbf1f0f513fd10bb5a34ed5e9
- SHA1
  
  72d3a4412b43c8ed0c10aa6fcd3c396c85c2a71e
- SHA256
  
  d07db79a12d4710fed9a3f591f016a49dcb3752e4acca40f477b0f1f5c720108
- SHA512
  
  5297b46323b0974723ddbd3faff08899d8bde9ada7e44cedcf91ecd1bf3aba63d334abfbd70ef1286c950458ca5648ab03af89967c9b0c32b87b10cf453d44ef
- SSDEEP
  
  6144:EjK4TDUqgpqWDLZ5H+xuZ04dhAxnoBiLLZ8XY8Xl9gTkHr:EZW3bkWW98X51N
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  net8.0-windows/Microsoft.Web.WebView2.Core.dll
- Size
  
  557KB
- MD5
  
  b037ca44fd19b8eedb6d5b9de3e48469
- SHA1
  
  1f328389c62cf673b3de97e1869c139d2543494e
- SHA256
  
  11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197
- SHA512
  
  fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b
- SSDEEP
  
  12288:6CxswUBor35JrpQ322zy+uFKcDoRFNCMmeA+imQ269pRFZNIEJdIEY0lxEIPrEIE:6Cbmv
Score

6^/10

discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral3 behavioral4
- Target
  
  net8.0-windows/Microsoft.Web.WebView2.WinForms.dll
- Size
  
  37KB
- MD5
  
  8153423918c8cbf54b44acec01f1d6c2
- SHA1
  
  f0c3c5412b809725e6d4809230adb15cc7d83ad2
- SHA256
  
  5696366f7458da940cc986dc5d3d4549a2368512acd769014ecbb07b47bd88b4
- SHA512
  
  f3dc771e37c71479d332142ec5a9c5c3f39ca71937f595a0f7482ae5aaaafd92e932efc9b0363d4511d547f3c8b2e0497ebbf8356e7d07fc344f4e5715b0ee87
- SSDEEP
  
  768:1sjCEEHJ9l0EeFZ2sxIHzttZDgcEST3p4Jjrjh2jJ+SG2au8vxJKia5/Zi/ZGQKk:wCEB15azttZDgcEST3p4JjrjaJ+SG2a/
Score

6^/10

discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral5 behavioral6
- Target
  
  net8.0-windows/Microsoft.Web.WebView2.Wpf.dll
- Size
  
  50KB
- MD5
  
  4a292c5c2abf1aab91dee8eecafe0ab6
- SHA1
  
  369e788108e5fb0608a803fa2e5a06690b4464b5
- SHA256
  
  b628d6133bf57b7482a49aa158e45b078df73ee7d33137ac1336d24ac67ed1b4
- SHA512
  
  ca22adfff9789730e4c02343e320d80b8466cfc5a15f662cefe376b7ee29dea571004c1c26cd3f50c0d24e646f2b36b53fa86835678f46f335d65eec52431cde
- SSDEEP
  
  1536:gpGhWMhWLF9jwKi8LDP/ryEH0GBy4JjrD1aah/UaOzk6hKKa5/Bi/IGCv0Z0T6Cc:taBi8LDP/b0GBy4JjrD1aah/UaOzk6hz
Score

6^/10

discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral7 behavioral8
- Target
  
  net8.0-windows/bin/Monaco/index.html
- Size
  
  195KB
- MD5
  
  c4bad1d0e1c2eaefb44e3d5664669c0a
- SHA1
  
  ea3313bfd5772a7151719bef9d7256ccda944b16
- SHA256
  
  09d2c9982fd6c56643bad79bab4b1864917cd37c89c99787b1db5ea4e07ae440
- SHA512
  
  6a482df51fb127b7f85cf966a1f680cfe27174b0808a39f2d20ec6b32e334b36a67b3d584096a1ee36dd4758d14f22f3709cba51e0259eceff385c59062784cd
- SSDEEP
  
  6144:hkQSuHluiJu/bgcWBts8TYyCoMbdU44LY2AM2PqPcujF5BVQAurwQMyyYp8QDfyy:pXwXQO5
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral10 behavioral9
- Target
  
  net8.0-windows/bin/Monaco/vs/base/worker/workerMain.js
- Size
  
  133KB
- MD5
  
  b838e4d4ca3a40a357225bd920ade768
- SHA1
  
  4108724d46fac36b42521b70c99cc6a3ac32e2d2
- SHA256
  
  b19ada1ffe036707eecf00f4e1bc0e3c4c6ab546fb7e5d4d52f5a62de4caf0d6
- SHA512
  
  9d689e2be1cfc52444d22ffc590efb5ff2fd9ead6ef7f01323b57156365eff7b4f31c3a0b9e97872844373791ba40384f768f4f2655a75f37d0a5f2da74cfe46
- SSDEEP
  
  3072:W1DOqzYJv4cw7ktL4JqX8PPiz93don3F9s:gDOqzYJv4cw7gL4JqX8PsI16
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  net8.0-windows/bin/Monaco/vs/basic-languages/lua/lua.js
- Size
  
  4KB
- MD5
  
  ee5ad27a99a4740d57fb4382b93115ff
- SHA1
  
  63cd68497ea351005a3b73db40ea0f031de9fd6f
- SHA256
  
  4ea76aa12e7e1072dd553b93e0c17b34b6d11a28640ce0dad2d193f75e940ba7
- SHA512
  
  b915885921c5cd783f7061a153d476521b8b0ba6da4bf14b67fabedd973d46affd40afd8419d56e991f54eecfbb9ae8ed9da2cb5074bcfc5b149c1350111982a
- SSDEEP
  
  96:SD3OXPlI+iI+6OOfCDv9VtKI9fTxdeT2Nhq6i+G/uMB:jXtI1I+7DVVtKI9X6y7G1
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.js
- Size
  
  2.1MB
- MD5
  
  8fc60410aaf374e79953adf9d711c5af
- SHA1
  
  83ee02480a62b7ac5d48c421b1315b84f1aa58f0
- SHA256
  
  02d2a1d4369056be8bdb63f3fb53f507aa30f21fa4040eea0ca7eb69a84e56e4
- SHA512
  
  edcbe8f1e4cb5776121949bca97e7d8dac289d2297b5b4ea6fc4ae1409d889fe735acab694b3d0506643ded39e0838be3ac12e601b3386b4f2a3937e46b3c558
- SSDEEP
  
  12288:SOX+W5dL4JbNfMQpSoQ7S6IkqrQXP84Kf9gOmAoaoLwgdRZC17REQLhhVrDAoxJY:SOoh3kqrQ/6f9gOmA5oOEQLhjrDpRpTw
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.de.js
- Size
  
  46KB
- MD5
  
  ad9bf818536f91931fb650b3216dd18c
- SHA1
  
  403d2a77da3ef57d26ae8517ab1911a2e06bc18a
- SHA256
  
  4840ce5d29dbedcc21e3aef15fd1c4ebb82371e7f967d298fcf9668b6ab7162b
- SHA512
  
  a7489f6e059edd044902db53a486c3881ec363d9db065651692b60043b2a3b388dcd2f8041d460a5fb0a11201e94277815cea27145a3df00792953b602c95bac
- SSDEEP
  
  768:HuYC1xYdRB1a3XqGzdigBdQqAaI/23LNdPxFpST1kF4AJhYmz7behjYWMuRBk3hv:HqxgVuXqGzdi6QqAaI/27NdPxFpWxAJ7
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.es.js
- Size
  
  46KB
- MD5
  
  b5d76ad10828693d4789877118b40bce
- SHA1
  
  0368e36c2dee4e6135e5d619870ef49feb932769
- SHA256
  
  39c20b04dffe19f781303934bb52275bca7163b44f395e6caf37db4ca29e2ae3
- SHA512
  
  81e8e6f77ea88765333a127858c709df146d1d4ce7bc0106a5106b6ad1035250bf09a6de87894004e2c6f25d87a5705aa8c6b645b17c420dda3db82077c71ec1
- SSDEEP
  
  768:N8nKFyVgAYwTQG8zHqIkGMvnmvoKA9OfxjB3EVuU13pjbazPnBANt7+OlzDKPp4I:SKFyVRcdzHqIkGMvnmvoKA9OfxjB3EVs
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.fr.js
- Size
  
  49KB
- MD5
  
  609979a6bd0e729fe66215c1fa383a89
- SHA1
  
  6daf268486dec76a48de52731addcc2f450d6618
- SHA256
  
  2476075bf25a091da61bbeee0c870169f796e68f30dd70ee6c8d28995f3920d6
- SHA512
  
  5afb9b43b684d2c517792947702dbe9a7ac7446abd4628b00bfb14ce90854995e06e7c5135056b52aa2450cec5644e66861a8ce98a51ba49277c37109e55f9ac
- SSDEEP
  
  768:ILjlgb2uZ5CcXQ6Q3edz3uzATaY3l0y+dg90TWIvkUqBkiuP/oOjF4Zoczc3A4qJ:2liv5Ccg67SATaYVKEkimTjFAoAaZw
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.it.js
- Size
  
  48KB
- MD5
  
  3e3d0b63e450ec97e699801d491d91e5
- SHA1
  
  8d28e0cfbac8ce6f70664a054d61c7ad69e1882e
- SHA256
  
  01d14ba84f1e2efe3d153fe5ca48e04391620fc39a01b35f90e2db89ea3d9e7d
- SHA512
  
  a7eeed13a281d532567cc53cae6ee9fed68e57b7ff68868b7814dce90a537d9a3b9972757d9333866c7557023c37b13f3c7a3f8ed0e50d519445080726d785e6
- SSDEEP
  
  768:gqEy7izsuMa01VaiYR2L8XoXNj8YtvnYbP4ymMb3d/gyKJdnPTrysribj5K3m0MR:j7fQL/j4Qq2FA1J1qn4mB7agn
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.ja.js
- Size
  
  52KB
- MD5
  
  1b4528114945e6cada91efe8ce5c19f6
- SHA1
  
  0d49f278175e0711af2f1d539934b98e9de995b4
- SHA256
  
  61c4daa3f0e1358fc78e69a057b5e1da3b639c94a70ea5ad6de5623d496d5517
- SHA512
  
  aadf263e9dd6d4722a76154d0a521774e7d51500b5233c661ed55bce95014a94b724e6a196cd5ac47032ce508c00b2b183ae3b570576b633e45568df8d4928db
- SSDEEP
  
  384:hg2PXPtm+04LZ+FFHr0ZA9qOSTvvIEveG1vz14NdahWMpA1Uj4vHba3RPDScLBkm:bPfLsIOCam3rJrYEIk/872rpvsk
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.js
- Size
  
  38KB
- MD5
  
  25a6f54d69d6ff2426396a68e19b53fa
- SHA1
  
  6edc8f277381e88de77d0f4462366c6fc7974b98
- SHA256
  
  d91fb15a406fa334895f5fa5bdf1da02afca9cdc50220b4b597f18ca6869e75a
- SHA512
  
  2340b961e83abfc4dd067cf4e51ad71b48b16e4ea6c7d224754912cd5e3711c4eb63d70adb8a7f42fb5d42dc9dc68bc32ace46ef005373f579ac0d937f9e3947
- SSDEEP
  
  384:hO8LKmvQkKEQq4xlX7lrp1E1bIJUeYB4jV87XfVGZ3H6Sq6B4wCJjocN986t7J9L:U8LlfQq4xPp7pFBsZjYKqk1Vetbe/
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.ko.js
- Size
  
  46KB
- MD5
  
  43f772044f04b44c2db113388a6a5fb8
- SHA1
  
  cc6714152dc7b7ae61b0a74444f84d0462f9a9ac
- SHA256
  
  ae5895709821f36a7edc58a61967e925a3d3d7b0a3ae29042a948743cff8d0a9
- SHA512
  
  c36cf14b60fcf431949de5afbee0fc836afea5c01632560df704848332d43277cfced62ea38c89488350b66db539d64b3e5982fac55c6a0d2a11e28bf6f1fe6f
- SSDEEP
  
  768:cOnmkUxK1pLkKgljQM1r0xXDj8kCpY2XlGyrHuivU1Azrtu1QrWp4cX6v:RZUxKgKzxzrCp9GyrHuiFrCQKp4cX6v
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  net8.0-windows/bin/Monaco/vs/editor/editor.main.nls.ru.js
- Size
  
  75KB
- MD5
  
  8e4f383a3091adcf8902b126d58d2bd5
- SHA1
  
  fe277bc0dc079282b51f38486d3d609edf3de599
- SHA256
  
  25fe81d3e67512248d7c361a44f65b6902818a27a6674484fd168524f6e10e2b
- SHA512
  
  1730546448dec4f573f53caa088f0efbd583395b181f35e8a0b28f04a8600d727b13908d7c2f413e2b80ee5fd57a53bfefc729a89d23f614aa20287aa4d90061
- SSDEEP
  
  1536:U/0F6MhjpIMbBBKOXnFCSHhEUVCcan9oARyGuYQI/c:tPhjpIcB8OX/HhE1canGARyGyI/c
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Time Discovery

T1124

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Network Share Discovery

Network Share Discovery

Network Share Discovery

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32