74ee925da0f9d9fd238a8c7a1e858df22b32e244b5f2c4b774307ad7c3c7ab8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Toastify (1).zip
Size

4.2MB
Sample

241015-gnmabssekl
MD5

98322697c8c84d5cb191376c9a6615a1
SHA1

2305bb1aba34c941bb230c60df7c571269ba7c9c
SHA256

74ee925da0f9d9fd238a8c7a1e858df22b32e244b5f2c4b774307ad7c3c7ab8b
SHA512

8653506c5243bda7093b624d64c1cb40202fa2fa75ff4fe874ee0d44eef89a86249e5fe4d6999e68807986056176cb77b361f07c89bc38bd3e22b8380da274f5
SSDEEP

98304:MULMWA0ziAikylXA9Ftv6IG5RchU8UOAiBTd/oRAsNubPT:zLPAYi7XA9Fti15CERAqMT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Resources/ManagedWinapiNativeHelper.dll
- Size
  
  3KB
- MD5
  
  59010bcaa77176e2bf1257d09a26dd1a
- SHA1
  
  1030f72d62df998eb1b973b3f07a87562627fbc8
- SHA256
  
  31a0ecbab83d6e1efee28ace17015f4631c26558a17a8dbae4388419a895e76c
- SHA512
  
  73f8581c20d8f283725ef561dfff492085f982cc48def39582842bfc0732d0c270642c198e6a3c8b1008f3002792e5add691e8fedaaf89fd7d007d4528f0d5b9
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Toastify.dll
- Size
  
  4.2MB
- MD5
  
  6d5078279fb02d7d7de7bd686c9fd7a7
- SHA1
  
  d8c4b99a08c6e90dd4521d436d780d9fd0154022
- SHA256
  
  96ebc0d095ab6f59e585151d149672fc60faff1f06437386a9a01aaaae7af837
- SHA512
  
  25589da54743be755f80783ab082bcbb44e5d3bb4306fa3f9b9fac9385f566b820577d4a677003a6888da216f5c8eb3168cf28a1286b78c3a170775a373dfa8e
- SSDEEP
  
  98304:jV+9mpAcLiJNMkHMxukIdlTPsbgWRuXygq+tkrcq/:ggpDLiPJkIdlAkWAG+Cr5/
Score

1^/10
behavioral3 behavioral4
- Target
  
  Toastify.exe
- Size
  
  195KB
- MD5
  
  58d404490e4b55dbbadef8061afb8512
- SHA1
  
  79dff8fde694fa7e4327733f6c43dd42788ed4ea
- SHA256
  
  a6ca59d2f73992a3ab2e4649561cbeb61bac8da1d8facd7be0e3b6c7ad306983
- SHA512
  
  113c9ee440acfdc8cb03a624710fb2efad74f747f97dad7bc413feeb334a4081a76049d459450402779349caecfd5916a2923bf64c0efc25163cc1ba9f02af34
- SSDEEP
  
  3072:Jczkitvo4BpYN/6mBPry8TXROLdW5m4mURu9OOGj0kBQGp17Ei9mi5jx:JA4NCmBPry/N2KOO6ZpD9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  runtimes/browser/lib/net6.0/System.Text.Encodings.Web.dll
- Size
  
  69KB
- MD5
  
  48591d83db07feb428445be9f161fc53
- SHA1
  
  aaeb2ea8ff1746aad3e27b6cc0c3c75067750a76
- SHA256
  
  ef9810f0a4ce5ebe98a5448847b56d6ca3f31ad51f5e405cd99e1aad858f0005
- SHA512
  
  b2a2be8fdd6b7562e77279c1d0ae07769097129b98feaa137ed05ad8bbdc4c22a0ebb8b45b03d025490fe44d9a3263b521a6231b0df530d963b10fc286db381b
- SSDEEP
  
  1536:pxuAEP6SrduX7NnEowblsQD6w0OlLr7YVczS:fEP6Srdux9Wl/0grEcu
Score

1^/10
behavioral7 behavioral8
- Target
  
  runtimes/win/lib/net6.0/System.Diagnostics.EventLog.Messages.dll
- Size
  
  781KB
- MD5
  
  6a205c78d14fa91efca3ae531d1ff7e8
- SHA1
  
  9e26e81dfdba74ae261912993de875d13bb0891c
- SHA256
  
  6444dfa03609248effd398e8562af484ad0163a6c47cee6d3a287ffdef809ad2
- SHA512
  
  fd797f528519bd9b864394c2a45afa5c7f94f58d1f2b55e0017987fb521c9f7292dbe1366be778e60352fa8f9a08c10b7299aea39deeee3a164bb105857fe7ed
- SSDEEP
  
  192:g/r3V645uWOL8/pCuPHnhWgN7acW5RjroUEKup3JdqnajvsKyhr:gx6Yi/uPHRN7y/oU7aJdlrsKK
Score

1^/10
behavioral10 behavioral9
- Target
  
  runtimes/win/lib/net6.0/System.Management.dll
- Size
  
  304KB
- MD5
  
  a9d07609f161c1b90ab5ac4f4d11569e
- SHA1
  
  458b9a6ddf85a5f5c8a96de4eb416b5e737bf77e
- SHA256
  
  fff7c1e9f12a99c2c52a6c0ae81075be78dbef7dbc4f1162164990b4ccf6eadd
- SHA512
  
  811bbc018352e144afd2c8ba5d10a379ca058bbcea553431544ac747c654d5d21e3359aca024b26c192d3e6639682a601a173f1624a8e8052539a22caa884fa6
- SSDEEP
  
  3072:KgHBEFyIHS/PsfxJj7TgQq3XZbIkE1HhnDQ/NpydzhI0SFpkFUNygucwycrSB9v5:REHS/PsfzLZ0/DyDnQVVvcA
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12