General

  • Target

    fb8bd3e5777c57bd922090760ab0187c058b94c8c583013dc89ff533df3827f8N

  • Size

    218KB

  • Sample

    240920-cem32stepr

  • MD5

    158c79a20ed81992fab249adb9ce3f50

  • SHA1

    c12cd4d823af024f31156f7ac6099ed31976f7a7

  • SHA256

    fb8bd3e5777c57bd922090760ab0187c058b94c8c583013dc89ff533df3827f8

  • SHA512

    a30f6a91b58e9af4142b73e2ae10d117a885b0c332e34a490568bea5c02a6ebc25617fbb5506db1c4d0925610fae877c34a5f6830509732bca3bc3ab644658f3

  • SSDEEP

    3072:uvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2He:w1SyAJp6rjn1gOObn4b6h9Z

Malware Config

Extracted

Family

simda

Attributes
  • dga


