a736f554464845d4df520151972586bf4ea44fd5ad7c2f585f5aae61283d1616

Sharing

Copy URL

Twitter E-mail

General

Target

Lime.zip
Size

6.1MB
Sample

241018-hga46avhqp
MD5

de4a632318f064c24bb4b06f649ebd83
SHA1

e6d082e8e39f739566097ff3b69705815206a736
SHA256

a736f554464845d4df520151972586bf4ea44fd5ad7c2f585f5aae61283d1616
SHA512

8ddd060273b78f327387f22c9f1408431f4a043fb68d1b6c16e246bd1e77a58f78a351a71d825af688e6a6339f439669ad6b71d1449977aa4cadb431df2db4fb
SSDEEP

98304:NHvS39fvXaNsRFZ2h0W8Pgpj9njQRJHotnRnHv451nUTg1FX+UscsowyukL7q:s9fvaNslZPiCHotRP2D1t2oDukL7q

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  ForlornApi.dll
- Size
  
  12KB
- MD5
  
  2b17ecb3ef57f712223685fc667e2ed5
- SHA1
  
  f802322dfe8313a68eee6e014aa02a66d43e06ff
- SHA256
  
  6cfdb21fd609af354f6928068e78e2fb6f0d99e504a5637008ccf271c9943cb4
- SHA512
  
  6f931caff0aeb8e8648c7132605c321e0fac3a3b2018ceaeecee3ef47c0d458a2e8bcd8adfe4af88dd25a73c1eadba56d040cc22146380b2eefaa307c7b351f4
- SSDEEP
  
  192:u6Maj8sEUfsrKrcU8rcJ3XWS2yGxeKRRyW5E4qxVqc9:uPantkWwU3eyGxeKR9qxVB9
Score

1^/10
behavioral1
- Target
  
  Lime.exe
- Size
  
  12KB
- MD5
  
  df77b1248421e3ba062acce11fc65989
- SHA1
  
  7141cf7cbb1357b301086de51141ed02899385b6
- SHA256
  
  5022130d2079706847566b2a2a43c30ededb36986c254eeeacd49adf3d0bae39
- SHA512
  
  e26369074ab3e6a9e8b6643794e89e248b5c9fa58006eab8150818a809bf72150477136c6493c811ad4120da3a6e058dd69be0ca36a79956b8ad75e855cbd18a
- SSDEEP
  
  192:KBSeIeseafBda9bJEgIsB4+T1uLgZ5+9OY+6Xe2US07pSh6vWbQ5Iar5JVhMfHP:IVJQsO+T1VZ5+ZXcS07pSEX2w5JV+fH
Score

3^/10
behavioral2
- Target
  
  Lime.exe.config
- Size
  
  230B
- MD5
  
  89ef3711f8c1e7687481d83c9c400d08
- SHA1
  
  94dde3e1f64e389a3178003d81a8155d26c5bd91
- SHA256
  
  d6b960a012eea4937489f73041a358c425afc9d930cf13a5714e372cf8c6c08e
- SHA512
  
  1fb265ca1f0b333ae4c605fe47e2063f21ec5e6b26b673e8ad9fcc704cae2f87f054d18f2e55466d96e64116a2bdc746b140c4b871c2cfe2bc0755fdf83e160b
Score

1^/10
behavioral3
- Target
  
  RobloxDowngrader.exe
- Size
  
  969KB
- MD5
  
  aae4bee3410525041ecc01a0c0de56b0
- SHA1
  
  b10456110f3a6d5f802db3ef7ced675e75003775
- SHA256
  
  a5df226a516fdd4e00e8b49416f21700f307d22aa0aec5cbda1134a66a935d9e
- SHA512
  
  cd889f412dc0a135c34608e10bbe591722087c8fd2f5c0c6d14c9f2032a51e239364c399e38e516eeb89fabfc0aa2f8c3fa7ebd969a5c31f62595ca77f7c8e35
- SSDEEP
  
  24576:pB00+Pb+OzMTMNNd+g5Wk78GBBjgrIQtDP:oBf4jgxBBjHQtDP
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral4
- Target
  
  bin/ForlornInject.dll
- Size
  
  1.2MB
- MD5
  
  e97a7728ed78bde52df1bdda95cdbed5
- SHA1
  
  9822518a7110323b1b647d07ca65f4605b6e7743
- SHA256
  
  ef4caa777591d81a1744eed4d50df64a46ec740171b12e94527d2bd882277e41
- SHA512
  
  a2d47321baf2ddf4f1ed793488a2bdd14690df3fab446879ce7a0ecd7791a4a32154874cc07a0f37a531228abf566850ee3438dd3e20288a9917e97a762eeeab
- SSDEEP
  
  24576:Jd7ySdWPcWSVPIs6tBnAsZrchN0XjGfnO:n7rWP3SVPSnAsQ0
Score

1^/10
behavioral5
- Target
  
  bin/libcrypto-3-x64.dll
- Size
  
  4.5MB
- MD5
  
  be0f6d1d60e149cedaca33a04963e05f
- SHA1
  
  b686e1ed9ae47b8ae803a5d9e912b0e631bc4217
- SHA256
  
  81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86
- SHA512
  
  7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff
- SSDEEP
  
  98304:5l+f+Kv6t8y37re39P6k1CPwDvt3uFGCC:/Cyt8yLre39yk1CPwDvt3uFGCC
Score

1^/10
behavioral6
- Target
  
  bin/libssl-3-x64.dll
- Size
  
  802KB
- MD5
  
  733e3b58ee1760a442fec4712848c3ad
- SHA1
  
  529206caad19cce2424323bc29a9fb9a4bbd3e76
- SHA256
  
  159198cb8e740f9ad5918b51503121fd1b7e70460f6a4f6a6aa27576bbfa31c7
- SHA512
  
  10835ff09e35d8acb2739707219905b3ae2870af973d8f80040baeb732eb798fa93ef1bc599ad9898aff8e20ee21aa1f5e5e07340eda205aa938fc001cd83a88
- SSDEEP
  
  12288:uDYDcpeu9jFBOBJfbudc68KqLie1+jKMwmUxlcdEVB3ks:usM9jFr8OeW5wmNdEVB3k
Score

1^/10
behavioral7
- Target
  
  bin/xxhash.dll
- Size
  
  46KB
- MD5
  
  70c514826d9428f184d27f0c8f397404
- SHA1
  
  e6b0b1a396de9913004d9bcaa230972686416bb6
- SHA256
  
  aff59e91d222b75b3e3ac789baba9e24eff99796261ae5e887ef9e3c28bb3d64
- SHA512
  
  168c63cbb54865ca42a884fd974291bcadd9dd8cf8bc1980148214e84498af42a590cb3d3a394765ee0b7d2e337fab6e85ff4f85d9ced97b92b540152202a0a6
- SSDEEP
  
  768:tziPp7yW4k3QDn24NuDUSu0MKQVMNKuxYAuogba4Mk3Q18swN1WQ8hi6U:tziR74kgDn2rDRuIrN5mAvgbTg18DN1z
Score

1^/10
behavioral8
- Target
  
  bin/zstd.dll
- Size
  
  638KB
- MD5
  
  5b96fb0d4e6453680da278f5b7e51a29
- SHA1
  
  3c96a29248fa3644de2c653a5d97c1e21b13a769
- SHA256
  
  1374391dafd6262795243a58f9fb234be859d940683fe756c64692ca807f0478
- SHA512
  
  27d06b7182aa48a81cce18f8f7b1bee054f3a862ccebd77d273a67c6a15e5d0ef5ba8fd7430976f445eb8bff51d290f2bb50061ac7ef448255ba8a18b8baf193
- SSDEEP
  
  6144:fbauYl+rrR8uT4uB5uWYfO16oMynnjDHMkYHbpk5tRCEybNFZemMBLx4uQ16aSG:fbauYGT5BYMxjDHMk0petRCEyb9emHO
Score

1^/10
behavioral9
- Target
  
  en/Lime.resources.dll
- Size
  
  3KB
- MD5
  
  f0f2823a8c156c4a787c177a0d92c986
- SHA1
  
  0a493b9ae61af8ba00a2f2c8907724d51a5a8580
- SHA256
  
  b74faddf9edc9b6509467316e19e26ef02acc02e1bb28e4eea9b38865011db35
- SHA512
  
  d5ea916822ebaaa1778dd00fd993981659f69ccf22497ec56115d2d29a0d45e01f1e1a045399d4f4233bfd71dadfb9f1e228eccf410be666fe1e181462cb0262
Score

1^/10
behavioral10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10