35aafa54f74d51268c1c99389dbafb2ff5835a30e5dec0bb6e8c239608e4c194

Sharing

Copy URL

Twitter E-mail

General

Target

Executor.zip
Size

3.4MB
Sample

241012-q4nb1atdje
MD5

c54aa5e8517df29f759d118731ef6289
SHA1

ddcc3931d474ebb341f7732c13096d20d0cd4a01
SHA256

35aafa54f74d51268c1c99389dbafb2ff5835a30e5dec0bb6e8c239608e4c194
SHA512

f0999c0306f7e2c1dc588acbc7cb5e47bdda3be80b6616d196da846953405b568f94161bc14a8ddc52fdfc1b2201a844270ed9d79e35475d31e5ce4867198587
SSDEEP

98304:OjHn2Htb9EG4lcvzBHdnpsi8BRb1hXf7/xlufgdrySIpWFW:OjHAROWzB9iPR5hLzdr6b

Score

4^/10

evasion macos

Malware Config

Targets

- Target
  
  Executor.zip
- Size
  
  3.4MB
- MD5
  
  c54aa5e8517df29f759d118731ef6289
- SHA1
  
  ddcc3931d474ebb341f7732c13096d20d0cd4a01
- SHA256
  
  35aafa54f74d51268c1c99389dbafb2ff5835a30e5dec0bb6e8c239608e4c194
- SHA512
  
  f0999c0306f7e2c1dc588acbc7cb5e47bdda3be80b6616d196da846953405b568f94161bc14a8ddc52fdfc1b2201a844270ed9d79e35475d31e5ce4867198587
- SSDEEP
  
  98304:OjHn2Htb9EG4lcvzBHdnpsi8BRb1hXf7/xlufgdrySIpWFW:OjHAROWzB9iPR5hLzdr6b
Score

4^/10

evasion
behavioral1
- Target
  
  Bypasser Community.exe
- Size
  
  209KB
- MD5
  
  fbdf47ab77591c1c213d9a61a1f32f22
- SHA1
  
  5f25fb4697dcb6ff6dd09792c4a990c09949fb5e
- SHA256
  
  dd176b6ecfe7e596c6d8d84ab5da657d95600c364277d8482e1199f2078c4fcc
- SHA512
  
  e3bd5e78d111f053ad1bf5dffa5a22461c35233cef4b1d42910ec64a81503e1f6954163c6b5cb553bf2bd468ec94d6f2cda8c1527ea9f333a50a782306857cc7
- SSDEEP
  
  1536:JKez3q7jCYsRRRRROUfI79gCqdNzqlaAndNzqlaAUX7DPdtAUsKpT5gbgvDK61sU:Jdz3qSdRRRRRrfqku/fI2DN1scDJ5AE
Score

1^/10
behavioral2
- Target
  
  Bypasser Community.exe.config
- Size
  
  189B
- MD5
  
  9dbad5517b46f41dbb0d8780b20ab87e
- SHA1
  
  ef6aef0b1ea5d01b6e088a8bf2f429773c04ba5e
- SHA256
  
  47e5a0f101af4151d7f13d2d6bfa9b847d5b5e4a98d1f4674b7c015772746cdf
- SHA512
  
  43825f5c26c54e1fc5bffcce30caad1449a28c0c9a9432e9ce17d255f8bf6057c1a1002d9471e5b654ab1de08fb6eabf96302cdb3e0fb4b63ba0ff186e903be8
Score

1^/10
behavioral3
- Target
  
  Bypasser Community.pdb
- Size
  
  87KB
- MD5
  
  7e2c961472779edb30c2e7adebac99fc
- SHA1
  
  99c2ba0e3b23382f234d718cfb6de4a786f932bb
- SHA256
  
  068e739624a14fa3f6340efcac05923a6f1244b052ef51b84198f7db176630c9
- SHA512
  
  6b06aa64ca73c9adee1631a0e2e1f116054a2e5e3df02c30434c91a5916bd4d44fb3784a211629fdf28f2558375e2d6a50b0c0cf591ed5738c19b30ff082a5f7
- SSDEEP
  
  768:cQtRsItRhk4jhu6/Srom2esxDTL5ePvzXTkxySUnV5k4jhu6/Srom2GDTuXV4:8qx/Li7X4JUVc/m4
Score

1^/10
behavioral4
- Target
  
  Bypasser.dll
- Size
  
  12KB
- MD5
  
  2b17ecb3ef57f712223685fc667e2ed5
- SHA1
  
  f802322dfe8313a68eee6e014aa02a66d43e06ff
- SHA256
  
  6cfdb21fd609af354f6928068e78e2fb6f0d99e504a5637008ccf271c9943cb4
- SHA512
  
  6f931caff0aeb8e8648c7132605c321e0fac3a3b2018ceaeecee3ef47c0d458a2e8bcd8adfe4af88dd25a73c1eadba56d040cc22146380b2eefaa307c7b351f4
- SSDEEP
  
  192:u6Maj8sEUfsrKrcU8rcJ3XWS2yGxeKRRyW5E4qxVqc9:uPantkWwU3eyGxeKR9qxVB9
Score

1^/10
behavioral5
- Target
  
  BypasserAPI.dll
- Size
  
  12KB
- MD5
  
  2b17ecb3ef57f712223685fc667e2ed5
- SHA1
  
  f802322dfe8313a68eee6e014aa02a66d43e06ff
- SHA256
  
  6cfdb21fd609af354f6928068e78e2fb6f0d99e504a5637008ccf271c9943cb4
- SHA512
  
  6f931caff0aeb8e8648c7132605c321e0fac3a3b2018ceaeecee3ef47c0d458a2e8bcd8adfe4af88dd25a73c1eadba56d040cc22146380b2eefaa307c7b351f4
- SSDEEP
  
  192:u6Maj8sEUfsrKrcU8rcJ3XWS2yGxeKRRyW5E4qxVqc9:uPantkWwU3eyGxeKR9qxVB9
Score

1^/10
behavioral6
- Target
  
  FastColoredTextBox.dll
- Size
  
  300KB
- MD5
  
  4719b02693486f3610a0cba3f88e3719
- SHA1
  
  ff4335aacf19037c3879d371788650d1681e5dd1
- SHA256
  
  a19bf2722cef29430e75f09c1f7a17baf456ccaed16ec6584f417d03214598f3
- SHA512
  
  3980726c6ce280973089b38c81242ddb5f22713abb66072df43bfd58eb9d2c476540475cfae2105a2109452e5cadaca310df99d3cf673d8335f2ba0f743d9b72
- SSDEEP
  
  6144:Wvl+A0dPbhYOwPB//BWIheHGnW+sqmLDIDeNLz:++1PbhcWl4eN
Score

1^/10
behavioral7
- Target
  
  FastColoredTextBox.pdb
- Size
  
  625KB
- MD5
  
  e02fa2337baa20735416203b545b3815
- SHA1
  
  19c472b97e328371f0605d34a7ad28a902ed5c8b
- SHA256
  
  33cc56f087a10dde7282f3597e3db6f13805886590ce7a6e3b98a51eb1ed7ab1
- SHA512
  
  03406ca848507e0ab1c3b5a54415a2991bf4f23113b55da6d9c2fe81055d6efea54ef08edb19b95f24bbcb8df82ee1f75f98b4c5bb319a02af967209520ddf0b
- SSDEEP
  
  6144:yGmzFH3koBBeRdMRg1yFkOnNF3H37/v7rs2l3kZ3FwnSj4upMALPI+nYk:C3OdUg1yFHDz7c3anSj4U
Score

1^/10
behavioral8
- Target
  
  ForlornApi.dll
- Size
  
  12KB
- MD5
  
  2b17ecb3ef57f712223685fc667e2ed5
- SHA1
  
  f802322dfe8313a68eee6e014aa02a66d43e06ff
- SHA256
  
  6cfdb21fd609af354f6928068e78e2fb6f0d99e504a5637008ccf271c9943cb4
- SHA512
  
  6f931caff0aeb8e8648c7132605c321e0fac3a3b2018ceaeecee3ef47c0d458a2e8bcd8adfe4af88dd25a73c1eadba56d040cc22146380b2eefaa307c7b351f4
- SSDEEP
  
  192:u6Maj8sEUfsrKrcU8rcJ3XWS2yGxeKRRyW5E4qxVqc9:uPantkWwU3eyGxeKR9qxVB9
Score

1^/10
behavioral9
- Target
  
  forloninject/ForlornInject.dll
- Size
  
  1.2MB
- MD5
  
  e97a7728ed78bde52df1bdda95cdbed5
- SHA1
  
  9822518a7110323b1b647d07ca65f4605b6e7743
- SHA256
  
  ef4caa777591d81a1744eed4d50df64a46ec740171b12e94527d2bd882277e41
- SHA512
  
  a2d47321baf2ddf4f1ed793488a2bdd14690df3fab446879ce7a0ecd7791a4a32154874cc07a0f37a531228abf566850ee3438dd3e20288a9917e97a762eeeab
- SSDEEP
  
  24576:Jd7ySdWPcWSVPIs6tBnAsZrchN0XjGfnO:n7rWP3SVPSnAsQ0
Score

1^/10
behavioral10
- Target
  
  forloninject/libcrypto-3-x64.dll
- Size
  
  4.5MB
- MD5
  
  be0f6d1d60e149cedaca33a04963e05f
- SHA1
  
  b686e1ed9ae47b8ae803a5d9e912b0e631bc4217
- SHA256
  
  81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86
- SHA512
  
  7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff
- SSDEEP
  
  98304:5l+f+Kv6t8y37re39P6k1CPwDvt3uFGCC:/Cyt8yLre39yk1CPwDvt3uFGCC
Score

1^/10
behavioral11
- Target
  
  forloninject/libssl-3-x64.dll
- Size
  
  802KB
- MD5
  
  733e3b58ee1760a442fec4712848c3ad
- SHA1
  
  529206caad19cce2424323bc29a9fb9a4bbd3e76
- SHA256
  
  159198cb8e740f9ad5918b51503121fd1b7e70460f6a4f6a6aa27576bbfa31c7
- SHA512
  
  10835ff09e35d8acb2739707219905b3ae2870af973d8f80040baeb732eb798fa93ef1bc599ad9898aff8e20ee21aa1f5e5e07340eda205aa938fc001cd83a88
- SSDEEP
  
  12288:uDYDcpeu9jFBOBJfbudc68KqLie1+jKMwmUxlcdEVB3ks:usM9jFr8OeW5wmNdEVB3k
Score

1^/10
behavioral12
- Target
  
  forloninject/xxhash.dll
- Size
  
  46KB
- MD5
  
  70c514826d9428f184d27f0c8f397404
- SHA1
  
  e6b0b1a396de9913004d9bcaa230972686416bb6
- SHA256
  
  aff59e91d222b75b3e3ac789baba9e24eff99796261ae5e887ef9e3c28bb3d64
- SHA512
  
  168c63cbb54865ca42a884fd974291bcadd9dd8cf8bc1980148214e84498af42a590cb3d3a394765ee0b7d2e337fab6e85ff4f85d9ced97b92b540152202a0a6
- SSDEEP
  
  768:tziPp7yW4k3QDn24NuDUSu0MKQVMNKuxYAuogba4Mk3Q18swN1WQ8hi6U:tziR74kgDn2rDRuIrN5mAvgbTg18DN1z
Score

1^/10
behavioral13
- Target
  
  forloninject/zstd.dll
- Size
  
  638KB
- MD5
  
  5b96fb0d4e6453680da278f5b7e51a29
- SHA1
  
  3c96a29248fa3644de2c653a5d97c1e21b13a769
- SHA256
  
  1374391dafd6262795243a58f9fb234be859d940683fe756c64692ca807f0478
- SHA512
  
  27d06b7182aa48a81cce18f8f7b1bee054f3a862ccebd77d273a67c6a15e5d0ef5ba8fd7430976f445eb8bff51d290f2bb50061ac7ef448255ba8a18b8baf193
- SSDEEP
  
  6144:fbauYl+rrR8uT4uB5uWYfO16oMynnjDHMkYHbpk5tRCEybNFZemMBLx4uQ16aSG:fbauYGT5BYMxjDHMk0petRCEyb9emHO
Score

1^/10
behavioral14
- Target
  
  workspace/IY_FE.iy
- Size
  
  539B
- MD5
  
  20f4609a44596cf5b11f4d45985b3354
- SHA1
  
  137262a54f5c8842546144c1da654be30fcc3925
- SHA256
  
  ddeae9bfacd5ff15baae353fc9f8b78a04751db1c25b99c4c1d647aabec11b57
- SHA512
  
  d04fa1a39049f75aee60476fcef6c3bfe4cf1a3a72bb7d37dbb6cb23fc636f5f8076790156bc7e46460facd80499a41c82715ffebe94be0af6b4305e2b9ceb37
Score

1^/10
behavioral15
- Target
  
  workspace/OrionTest/111958650.txt
- Size
  
  2B
- MD5
  
  d751713988987e9331980363e24189ce
- SHA1
  
  97d170e1550eee4afc0af065b78cda302a97674c
- SHA256
  
  4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
- SHA512
  
  b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
Score

1^/10
behavioral16
- Target
  
  workspace/OrionTest/6578392500.txt
- Size
  
  2B
- MD5
  
  d751713988987e9331980363e24189ce
- SHA1
  
  97d170e1550eee4afc0af065b78cda302a97674c
- SHA256
  
  4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
- SHA512
  
  b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
Score

1^/10
behavioral17

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17