93b3aa6cc71389a94949d77607bc75a2fc30dc5526f0f9670e8b75c2e6c7248c | Triage

Resubmissions

13-10-2024 20:30

241013-zalezs1fmn 6

13-10-2024 20:28

241013-y86cdaxalb 6

Sharing

General

Target

Zorara.zip
Size

507KB
Sample

241013-zalezs1fmn
MD5

6a6712d0f27578dc985ecc783f251473
SHA1

ddfefb6a37ced03aa22fea76fa87c9dd2b070d99
SHA256

93b3aa6cc71389a94949d77607bc75a2fc30dc5526f0f9670e8b75c2e6c7248c
SHA512

e89385af8fcc7df0be0e1a9ff7c2fffd0a84bf838e4be096351db8e95cc866e42e3b016b75b67ee0867215dfac74b9c1e19c80297e910b4c5898bf4242fd3c37
SSDEEP

12288:JkwR4Z3ybM7U0Yz3jBL75xwc4XscIFl4zA6fzvBL0:JkLZ3y47KjRdxwr81FlQxfDx0

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Launcher.bat
- Size
  
  5KB
- MD5
  
  79e427676f790a73c7eace4401235a43
- SHA1
  
  522b5b923e6711bbdeff463f95b863c724a16593
- SHA256
  
  199066e589da3542f2540d91dccdb512561d2241ecc1199ca9fe4131566954f3
- SHA512
  
  5e8383871e2397ee4eccf11f2494f9196655961ddb941681e8574158dcfa19d11f42ffc97f418f5129479fddb2570e7bf3347eb8aff1d8657ea6d3b61804b804
- SSDEEP
  
  3:LjdIV9ZbLRJFFaR2/+ZFBW6:FIRI9FV
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  compiler.exe
- Size
  
  89KB
- MD5
  
  dd98a43cb27efd5bcc29efb23fdd6ca5
- SHA1
  
  38f621f3f0df5764938015b56ecfa54948dde8f5
- SHA256
  
  1cf20b8449ea84c684822a5e8ab3672213072db8267061537d1ce4ec2c30c42a
- SHA512
  
  871a2079892b1eb54cb761aebd500ac8da96489c3071c32a3dab00200f74f4e12b9ab6c62623c53aea5b8be3fc031fb1b3e628ffe15d73323d917083240742b0
- SSDEEP
  
  1536:Ee7h7q/J6K3nHC+AGUob2f0DBFPbPWNPWp350NHcHkDsWqxcd2ZPSAv:Ee7oU8HC+AGUu2abPbPWQpO8E0A2tSAv
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  lua51.dll
- Size
  
  592KB
- MD5
  
  3dff7448b43fcfb4dc65e0040b0ffb88
- SHA1
  
  583cdab08519d99f49234965ffd07688ccf52c56
- SHA256
  
  ff976f6e965e3793e278fa9bf5e80b9b226a0b3932b9da764bffc8e41e6cdb60
- SHA512
  
  cdcbe0ec9ddd6b605161e3c30ce3de721f1333fce85985e88928086b1578435dc67373c3dc3492ed8eae0d63987cac633aa4099b205989dcbb91cbbfc8f6a394
- SSDEEP
  
  12288:rs7/mj/73RaLHIW5BmUeUhoE4RgiF1q1bPIBKsg4Db0S:rc/u/7IoRnUKfq1Dl4DY
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6