f8b40acfa83436933d9991c0a0e8647665ac99d0678584f539bc3f715262410a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Apple Alert.zip
Size

216KB
Sample

241001-beyzwatank
MD5

0c06e4411f6c6f472789f5ab64a439d7
SHA1

7b29eb40616a8731b0eb6e045957f12443086a07
SHA256

f8b40acfa83436933d9991c0a0e8647665ac99d0678584f539bc3f715262410a
SHA512

d4034aead48fbb37c0d5b219db2f97c19975fa6ac30340c1cf034bc4acd84fb53759b6b35422efc3c12a1b41a3c4a89a022b4da3919c45a3fce644fef62482f6
SSDEEP

3072:edvqN/kflStB6SMMYkDsVbBC2ylVxlhQnwWuJP0ywt6bUkiZzhI6HytghfElh:edvqlslSeSMMYkDeiynD3BwShI6HUVr

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  11.html
- Size
  
  7KB
- MD5
  
  ad4a9397a513760d6b7b7c95949a0421
- SHA1
  
  d6284164627c386d2a2a2577c4e94cd22ba9fcf7
- SHA256
  
  31ee9a4d7bedce33c62b7bb5cca7551813ff7fd9c486293f749a58f4486f0300
- SHA512
  
  d49b4ee6eee88e2d0f81ca03871cd38e482aa26dec4016359237b0a71b297721e068047abefe09f714ddb77f4b63fcca88de80cfc4f27c0d94faf26158bc2cb0
- SSDEEP
  
  192:zzbRccMfnoFoj6FQjHRiO7hp/iL7z6/Jz0fuz55555555555555555555555555b:DRcNfZ/na7z6hz0fuz5555555555555V
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  12.html
- Size
  
  2KB
- MD5
  
  3e1beb3a3cc648f798284e78e948cb0a
- SHA1
  
  02c1f8d16a5667c3fce31354fe4a8a134bfc30b1
- SHA256
  
  15d6940e18fbce99ff0b7509c09c32ada4760a5e3a5f64d8ad8b3b8c8f564fbb
- SHA512
  
  dc0c5a5e9cf8e99c749c07fe7adcfbf20ab5db84e249861c4fad2577e0136d6dbabc5a7b96e8b99d0b86479c6a30a910857b7b7db39c884532eaccb08b9aabe2
Score

3^/10

discovery
behavioral2
- Target
  
  css/bootstrap.min.js
- Size
  
  35KB
- MD5
  
  e7d9a06cf9053c51cd4ad3386da0659a
- SHA1
  
  e45bf1054704a1fdfc4ee2713a16bf9283dea995
- SHA256
  
  9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
- SHA512
  
  62d02aa363b048e9355fe47cae7e42045488157c7dcff504807b963a9358fb72a12a262398a97323ab3e77b95a34fe13e089028672fce7055be70740be926402
- SSDEEP
  
  768:28iUD27UwlNEMl9RqNuCqNjhqg8epm5VCoFXflY8Gf3ZsbQ:1875vhqKGvl+3ZsQ
Score

3^/10

execution
behavioral3
- Target
  
  css/jquery.min.js
- Size
  
  93KB
- MD5
  
  a99941263f4e9e548c60880c3aa96791
- SHA1
  
  75eef7fa55661fa4169b1b711b9b67102b8c5a12
- SHA256
  
  e05ff9b09481b322ab7a3ec93eb24092f524bcdd770315be866420aa1488592d
- SHA512
  
  3440c3bc9a98a22e8aa1f24a63781007b8c4a62f535f2e087099f033a893d2257af4f68bd6554c8836eba966fade2ceb32589fcdebee57db4b188389e6f2bed4
- SSDEEP
  
  1536:BP10iSi65U/dXXeyhzeBuG+HYE0WEeLzFoNqLTW8+S5VRZIVI6xSb8Ch2ZbQnRmb:k+41VqLTW8xRrqSb8dGH77da98HrU
Score

3^/10

execution
behavioral4
- Target
  
  index.html
- Size
  
  1KB
- MD5
  
  053da040bef6c226a3e84c49b61cbf60
- SHA1
  
  84f6a1d2f4e2190e5d28c5110fe96443b64b4873
- SHA256
  
  6ea3e8640831be999b747818d9826a36de14beafb316a1b418afb04a2d092e58
- SHA512
  
  fcea9322dd7963362c96b98aa927a24607eb987a15948cfb9aa7c4e36b3bbc4a7eae371558d888c3bd8523d93809d65c95f4b9587d923b7f616c67a65c30abe2
Score

3^/10

discovery
behavioral5
- Target
  
  js/jquery-1.12.0.min.js
- Size
  
  95KB
- MD5
  
  9f7c65c84c8e8c3e317945e8fd89899b
- SHA1
  
  709c935c0a488ff7aa010157221eb07b4a041578
- SHA256
  
  c26cfce9caf7b965861956c1f173821f45f1e1f61aa4bd19ddd4b26723411c9d
- SHA512
  
  3fd2507196e21c9ce23bd281dff4cef49a6518ac2ac074193a481b60fcb6fc4e7bf1933238cb8bd0055ae67fd603ac990d0a6103009f816075f32fad308ee2a3
- SSDEEP
  
  1536:eYE1JVoiB9JqZdXXe2pD3PgoIK6alrUSTJWFk/zkZ4HWLZoHsrOa99fwk6b7/HpM:V4KZ+S3WLZICOaLfwk67qD1PaUa98Hr/
Score

3^/10

execution
behavioral6
- Target
  
  js/jquery.js
- Size
  
  276KB
- MD5
  
  3d93b072d14f2bd1ede58f4847f537fd
- SHA1
  
  73e5d044bd153dd912930e8be433059454ce19cd
- SHA256
  
  3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
- SHA512
  
  78ac19342bee3a1c5ca864d702e742f561f629429ff0877572a36831ce83299b8df2ea4bdb6c63dd990975c9320dddc68ec8b5407299dee8345d01d090644d26
- SSDEEP
  
  6144:eOWehmnQcHCAkwxc5cr4OfXKDoZOVJFpq3aK182bHjI1fusA2rM3:etJ4OfDZ2Is1fLAx3
Score

3^/10

execution
behavioral7

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7