96a8b48d4ea92434412972afca47aee890254257e729795819bf34597b614751 | Triage

Sharing

General

Target

ddos_tool_cracked.rar
Size

18.1MB
Sample

240919-wvrkyssfkf
MD5

b91b6259eddd616417ef0fa8e0893158
SHA1

02de932a0adcbe68be11cb89e6ffe3434825fbc0
SHA256

96a8b48d4ea92434412972afca47aee890254257e729795819bf34597b614751
SHA512

70c909689b777d4c472e3174a1f6af323ed39294f18fc5d58c775f5478fa9709fa6cb8f2649966ec042da2d8bd00f3597284d8c1d46f432e2b397f7adcec9e02
SSDEEP

393216:DRJ8lDuzaBDhQ5mKOGNye9uneXjUi6YoD7G7iN1oplQk1BfzuXzmNyj9:DiiGBtqmKrAeikUHDvS5AyAj9

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  crack.dll
- Size
  
  2.3MB
- MD5
  
  b20aea020a8614176072da7b04296d22
- SHA1
  
  1508768117167ef69cd5c4182097304f520f9d9b
- SHA256
  
  5607f154872d0ba75144e05dc1a507a37d2e3856d6670cfe04dc7b0ec7597d9f
- SHA512
  
  3d1255e3f5e75957ada4eca53c3616b09a776bbaec5b80b530312503a1606f10768ad4dc0c2d6911fd4b9b3dbe79c016afff2785b5ddd52f8b057fee0126558d
- SSDEEP
  
  49152:5x9V/Kjom+KbrSFV3X/YCYp5WefdmjLdGGf:Aom+KbOYCYppfdmjLdGGf
Score

1^/10
behavioral1 behavioral2
- Target
  
  loader.exe
- Size
  
  5.3MB
- MD5
  
  448ccbb16a4b84ed50457089c4d85c20
- SHA1
  
  aedc3ef0636d759dcff01560ad158e10801912c4
- SHA256
  
  15fbb2aca01aa435afdc91636155a56e46ffe3749a00f58c600c6863c576c001
- SHA512
  
  c9457f0b3fc7840763a22e7bbd9a85bda38e7b89b318ff8435cf2343e72ea3936ad39d55b9060e5945af68198ccf0dec1efb7b3063deaa6aef40245a28257fcd
- SSDEEP
  
  98304:baSlkXdBUF2NQV6K1eiTzW14Cmov0GtmfYb6d+2ss0FBNcFlQOyyqg7:ba/tNeRVCIgmAud+/s0FsFPyyn7
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral3 behavioral4
- Target
  
  main.exe
- Size
  
  12.9MB
- MD5
  
  8e214d945f21d2e07b763ded73084a30
- SHA1
  
  2730832fe906ca64ffa473b9c871e5e023b30259
- SHA256
  
  042405431f3bcdc48fa6bdd3200bd190f5b512a92a6cdd062214e683184c4abb
- SHA512
  
  550a72b757ffa3bdc2f7b43a0734cb97907dcdcec21eea099e8dedd98cf2bd709ffa22f637760752f11d63c98a1b2c52a4c8ea64e5ac63f04e91bdd3d091f617
- SSDEEP
  
  393216:Gse9x7oKHi+2ohcyLYjPAfsWNF4xYGtrSa2qMd9R:m9x7vHiRyc0AisWX4LmR
Score

7^/10
- Loads dropped DLL
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6