2a572f51e2c64621f08d4a9253eb8d0efa2c44a3cc3d34254fed659c700a6606 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

oxygen_u.zip
Size

1.9MB
Sample

240930-g96k4azhnn
MD5

82879670dfe8994b54d76d499335a92e
SHA1

b4713f9223044746be5ce13d3e020d24535998c4
SHA256

2a572f51e2c64621f08d4a9253eb8d0efa2c44a3cc3d34254fed659c700a6606
SHA512

8ae7cb4033a18bfbbafbc3b4a090d9e44092627187593ec3964480652206c9dd7806f579443c61385dd8c9c4fec22c7a59219f17c535eb3181ce78bcac2275fb
SSDEEP

49152:i0QiVnTom/ugvnDPtJov6dMtB2qnFdA0zA/P7y:i0xMcusDPtJov6qB2qnFmA87y

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  oxygen_u/OxygenU.exe
- Size
  
  2.5MB
- MD5
  
  2f2fc53950b5074a9a2856dbb0cad192
- SHA1
  
  e6fddad494269767b2f3136b1c5c5793c8d5c627
- SHA256
  
  4635c9af7921ff99b0941d3d62574d39c4fc15f4897471c68734427d6cb8c49e
- SHA512
  
  1561c200e2f0126e3b9d6a8e2e4658f428c3eed8eef4fbbad3c5edeec9c04b4331ccfd27985ee763630ccbd3185e3beec550dc7a3aad7d6a2b36cbed8761fb85
- SSDEEP
  
  49152:F26vCbY8rkxYOPo4gtUUxJerbY8zBkqXfd+/9ADqanUWjuh:1CbY8rLOAmUxJerbY8zBkqXf0FhWK
Score

8^/10

discovery
- Downloads MZ/PE file
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1