b2ec54685b1596259320fe92f11cb2f081372b6d80676ba95f278b03ad12493a

Resubmissions

04-10-2024 18:21

241004-wzbqasyfkp 6

Sharing

Copy URL

Twitter E-mail

General

Target

lunar-client-qt-2.0.0.zip
Size

576KB
Sample

241004-wzbqasyfkp
MD5

f3dcc5ecf89eb25adf666e16194ef625
SHA1

0bd0ad7a74168bf99de90e723cf022882204086f
SHA256

b2ec54685b1596259320fe92f11cb2f081372b6d80676ba95f278b03ad12493a
SHA512

b8198b4a55da1546128a58a3bbee7ef036fe568e55c7a279676a2fe1e0ceacc47e366c089ff9662b2b07676acdeda03af85eb4e7f269092a30aa5def4a3ac8e4
SSDEEP

12288:YgRh2w3LbueRbTDgmz+RU8DpdBmlZQxj0/g2FtDGPe8OU:XyZSrgc+GOpEZQZ0/LFtSWc

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  lunar-client-qt-2.0.0.zip
- Size
  
  576KB
- MD5
  
  f3dcc5ecf89eb25adf666e16194ef625
- SHA1
  
  0bd0ad7a74168bf99de90e723cf022882204086f
- SHA256
  
  b2ec54685b1596259320fe92f11cb2f081372b6d80676ba95f278b03ad12493a
- SHA512
  
  b8198b4a55da1546128a58a3bbee7ef036fe568e55c7a279676a2fe1e0ceacc47e366c089ff9662b2b07676acdeda03af85eb4e7f269092a30aa5def4a3ac8e4
- SSDEEP
  
  12288:YgRh2w3LbueRbTDgmz+RU8DpdBmlZQxj0/g2FtDGPe8OU:XyZSrgc+GOpEZQZ0/LFtSWc
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  lunar-client-qt-2.0.0/.github/workflows/build.yml
- Size
  
  4KB
- MD5
  
  d404bc5f4a3ae100f9cccdc158479a45
- SHA1
  
  db4c39d43a9f272e7cc4af463519710c5b21a4c9
- SHA256
  
  11cacf8e50f36782666ab4b759c170faaed54e40b495be93539ab86b551dbe5f
- SHA512
  
  699509539c226295760b95e2f5f21f6f779eee04946218282e698dfce33eef186c1a6e00d5c5765290be592f67dc1c85c6625c7fb0ccffad33a67bc9eb7722d7
- SSDEEP
  
  96:WgW3YFL+T0C1nOW/ys3L8OidxnN0UfWtU/H9oHUBvAU:Wpc+oLW/13uN0UfWuo0B4U
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  lunar-client-qt-2.0.0/.gitignore
- Size
  
  30B
- MD5
  
  545766cfe999458541f3cde7c3ccb1c9
- SHA1
  
  4a722f9b50efadd31bfa8704e7d54810d4216a12
- SHA256
  
  a9f3d8d2a98a2839666802ba1c23361776ef2c1c9ab47326a8d157ac4d03578b
- SHA512
  
  51506525e246727e08946762fbc111e23a01e573c3907776fd8297e788dd81ee7cd65ef4e84517b7099c2c24ffa4564b84ce1a4f8faf67899c6b78d0e8dda1c1
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  lunar-client-qt-2.0.0/.gitmodules
- Size
  
  97B
- MD5
  
  ada8d8059c985898ce596b2dc9496b20
- SHA1
  
  96176586060f2549208b8744ec297644002f7b11
- SHA256
  
  e474f2579c37ac4827624f33320dd7c5c56e0a8a9bef3c5acfaa76d2c3fb0c79
- SHA512
  
  04961f343258e40e9322b719a0ed56b9be098426274c855ced370f4ec298505d4dc1dc2761b7f889f0c0196002344523c80ab411d343a78ceb04bdbaf61d8fbd
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  lunar-client-qt-2.0.0/3rdparty/CMakeLists.txt
- Size
  
  78B
- MD5
  
  beb0fb10968f6cdfaeff286e76eb3c2a
- SHA1
  
  910f106e1e07f5c24a003b4321bbd9d7c424c6e4
- SHA256
  
  2226a71064b064d2eee5de0bc05a1c2702b961e1e8169f2ccde5df16c07bf53d
- SHA512
  
  9d2cd42af167e29fd7539364fa5dd3cc4a924bd671b1721f0016428c4f0423c77de159682a263842680baa082d72875c42615be1e4dcef6a82d2a9ce3fe636f7
Score

1^/10
behavioral10 behavioral9
- Target
  
  lunar-client-qt-2.0.0/CMakeLists.txt
- Size
  
  4KB
- MD5
  
  65e6764724f87c21287f8ff494b32631
- SHA1
  
  85e45dcf6b0ea5b3a474d00352e79185c88b3fe1
- SHA256
  
  acef052eab8d202181f6964b036b0a80d1c4c9227ab0d7c21d17fcf6673a67f7
- SHA512
  
  bee85b395cd337015ce8d341c610c527810788a676c3644469036ad16b3001e42f917cd857624cc9ab6cbe0726a4f41ccc7475b8f02c7bef22d6abd2d8da88f6
- SSDEEP
  
  96:HGL14814cXdbXUXyXGVvpdF6ig0wwOvJLqZQtQH4b4IQtQ1pk9NNsjU3nNjupCoE:qPRtqycorwuPUspSIKtusfbOhfRE82
Score

1^/10
behavioral11 behavioral12
- Target
  
  lunar-client-qt-2.0.0/LICENSE
- Size
  
  34KB
- MD5
  
  1ebbd3e34237af26da5dc08a4e440464
- SHA1
  
  31a3d460bb3c7d98845187c716a30db81c44b615
- SHA256
  
  3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986
- SHA512
  
  d361e5e8201481c6346ee6a886592c51265112be550d5224f1a7a6e116255c2f1ab8788df579d9b8372ed7bfd19bac4b6e70e00b472642966ab5b319b99a2686
- SSDEEP
  
  768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7J:Fhcycsrfrnoum
Score

1^/10
behavioral13 behavioral14
- Target
  
  lunar-client-qt-2.0.0/README.md
- Size
  
  1KB
- MD5
  
  e7ac4e457bee12e75377c50977d958f2
- SHA1
  
  210bf4d25318358e85e2c9db26f2c21458822dbd
- SHA256
  
  9596ad57c749a8a0ddd7028eeb424a3abff314f59edef433547ffe509a072d5d
- SHA512
  
  6cf2fa587586e3689ee8d210cffadae8d1512d87e2bea5fe490fbd1680d29e54889a73be6c41cf7eb2132b4c3eda81bb7c03d4e609898bb3ea7c2d5dc85f123e
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  lunar-client-qt-2.0.0/buildconfig.cpp.in
- Size
  
  305B
- MD5
  
  e54c0d07ac31ad7d1053da3bc8b7d9f3
- SHA1
  
  a1a19c1adc60910e477d12e733e581dac4b2a5e5
- SHA256
  
  f09f3a7decd2dc6c05f58554fd91da09adf5c6e931469265a69eeb4b5a3581ec
- SHA512
  
  a37f33f1977e839516cfe6af9a035e1e4a4e296bafe63886befa0854df9e2ad1e74988ed231cb29f1d46f4033f329c7c24eb17cc8c6f83b64b7476a02a905e2b
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  lunar-client-qt-2.0.0/cmake/copy_jars.cmake
- Size
  
  287B
- MD5
  
  bf27b737275eb22ac07dff4e3f8b251a
- SHA1
  
  77ead6aabbcdd9d137e8a50baa9982505367a040
- SHA256
  
  7397185cc05288c7ebded5377e0583c3f396121a1e3cce62ee2cbcd2aded0425
- SHA512
  
  716a3b46266ef815f7927a855ef474647869a13fe988e42ab8ef4f4c33e3cade2487fdcbaefa5248911673c960a6e6c242f16c94894cf0cd9cc4ef9895d6d339
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  lunar-client-qt-2.0.0/config.json
- Size
  
  137B
- MD5
  
  a8dded26d395094a0aadb2b167cf736b
- SHA1
  
  10bb1344994b0ec74806cd391ac11b7fe667db81
- SHA256
  
  daed8f696e1c71ad5a95487243ba345a89c63f0d4eea478ca42233a04659f45d
- SHA512
  
  2b7bf8baa6287c86a8a371dd6abd430c0c5c7668f8e9106d43704e94f579289c17092ed0998a14c8f6ee1d6354b394573288aa7c45f72cc03b0406dc7c40234a
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  lunar-client-qt-2.0.0/java/agents/UnlockCosmetics.jar
- Size
  
  563KB
- MD5
  
  fe43cecf015b2991fa1ef69abf834238
- SHA1
  
  ecda71b09b6816630cb571167fa09df9f451eb9d
- SHA256
  
  cd24b33057f1fa4da6deb971a5ce50a479716672119d5a1fd6d6a0de89fe5318
- SHA512
  
  1ab8687626f64c906ee82ef2b4f6040ae127122b2e1ae61e1a7e0131618495dfa011eb942c96d09282e378f60f7de62ccd0000e1470dfa9b6a2b722ed800fad6
- SSDEEP
  
  12288:KqoB1wJELKUhek8lmmTDP94sMjOZTXopDHlUXTVlU6HMZjzs4CeFkPaZ:K1vwqhe5DSsMjOFXcHSXTVuwMZjqykSZ
Score

1^/10
behavioral23 behavioral24
- Target
  
  lunar-client-qt-2.0.0/res.qrc
- Size
  
  244B
- MD5
  
  48764c78aebc6aa7fb2fe69b1cfa71ef
- SHA1
  
  cda67e0997fc751712e3a929c86a1ffc333df185
- SHA256
  
  03ba2fcfedecb17a665fcf421cc49f95a31cfb58dd5818832c835f2f07bcfd0f
- SHA512
  
  fef9004491142fd5820fc69896c2d98e55de610b7841b2d8ca53b6afc911fbaba361406fb77601c21c97a9ebe858fcffa69c34549c91bf55376817848cf1cb23
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  lunar-client-qt-2.0.0/res/icons/agent.svg
- Size
  
  3KB
- MD5
  
  dbb032fef55f49ec9f0e7c81056a21b1
- SHA1
  
  4e8df5bce139d05f74b647cc395cb0f187e504ab
- SHA256
  
  a0e45909dc1fb10bfaaae15424ec6d98fbeb9ca19891a6de5e3ddfaa4bdcdfc6
- SHA512
  
  4c38f29bba3e198c47b5f06907e8b7a2631abd6871aecb9725ab91214b268dfe1aa2a9e90c4f4f8e535f8a60dd025f558b18d3b00a0de573804d1b06b9cb8204
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  lunar-client-qt-2.0.0/res/icons/cog.svg
- Size
  
  1KB
- MD5
  
  1a984a1a4664614275c427a6a194c477
- SHA1
  
  0b05f4e57c3e297fa9d1731103a53f4540d2be28
- SHA256
  
  9fed7a36e0cbf21d8bc141178b1d1ded682930431446f4138b06ed69a8ad4a5c
- SHA512
  
  0b55eabc77ec80816bd64d61f9f6c133de4a822482e385a246e56e7963bf9c54a6d4f93961f7f8efe33749920b4ba6981fd290325a757fbc7738654aff4b3394
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  lunar-client-qt-2.0.0/res/icons/minecraft.svg
- Size
  
  1KB
- MD5
  
  4d7f0bc2387a7d7614eb1137200fb009
- SHA1
  
  41a1ff5b02c94bff85a6fdd3827cc5242a71af5d
- SHA256
  
  24a9b47597e7956d80cebf5c9e82190b700ea9cc129491ec806d6a634fadd690
- SHA512
  
  c1d60f3884d4fb64e247fd136a0db9c923490b1693d92a38e7b4b590db7063d61abeac72729eda165ce00510bef4ebb494a344c910bbe5464f2250dcab347734
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32