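Overview: score 10/10
Static: score 10/10
Behavioral tasks (sample, platform, score):
DLL Payloads/AppDomainManager-Message-Box.dll, windows7-x64: 1/10
DLL Payloads/AppDomainManager-Message-Box.dll, windows10-2004-x64: 1/10
DLL Payloads/AppDomainManager_Covenant_Test.dll, windows7-x64: 1/10
DLL Payloads/AppDomainManager_Covenant_Test.dll, windows10-2004-x64: 1/10
DLL Payloads/AppDomainManager_Sliver_Test.dll, windows7-x64: 1/10
DLL Payloads/AppDomainManager_Sliver_Test.dll, windows10-2004-x64: 1/10
DLL Payloads/DLL-Sideload-BinaryInjector.dll, windows7-x64: 1/10
DLL Payloads/DLL-Sideload-BinaryInjector.dll, windows10-2004-x64: 1/10
DLL Payloads/DLL-Sideload-Message-Box.dll, windows7-x64: 1/10
DLL Payloads/DLL-Sideload-Message-Box.dll, windows10-2004-x64: 1/10
DLL Payloads/DLL-Sideload-Sliver-HTA.dll, windows7-x64: 1/10
DLL Payloads/DLL-Sideload-Sliver-HTA.dll, windows10-2004-x64: 1/10
DLL Payloads/GUP.exe, windows7-x64: 1/10
DLL Payloads/GUP.exe, windows10-2004-x64: 1/10
DLL Payloads/UevAppMonitor.exe, windows7-x64: 1/10
DLL Payloads/UevAppMonitor.exe, windows10-2004-x64: 1/10
DLL Payloads/test_shell.dll, windows7-x64: 10/10
DLL Payloads/test_shell.dll, windows10-2004-x64: 10/10
DLL Payloads/vcruntime140d_app.dll, windows7-x64: 1/10
DLL Payloads/vcruntime140d_app.dll, windows10-2004-x64: 1/10
General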
-
Target
41cc27972b67ab9014eb00dae9262a24.zip
-
Size
13.2MB
-
Sample
241018-s9b72avemh
-
MD5
41cc27972b67ab9014eb00dae9262a24
-
SHA1
b07dc3f99baa10dda627b7f4881180755b9d392c
-
SHA256
5c3be59f85aa33ee9702c04132f7ec86317fdfecac4ca9d5f3f41d265037e164
-
SHA512
4b0798765cef39e5edecb03fb966cbf2f2312a3577473e9421bac99b2a48369ce0ee64995bcaafb34e0124c2aad20b1c5e794e13c2023c4ea77da49d0c5edd2c
-
SSDEEP
393216:6rhce1tfusgHkn+ztHSv9PnF/3lO3Nsuaxer8TDW:6dcejfSHU4BkP509suDkW
Behavioral task
behavioral1
Sample
DLL Payloads/AppDomainManager-Message-Box.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
DLL Payloads/AppDomainManager-Message-Box.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
DLL Payloads/AppDomainManager_Covenant_Test.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
DLL Payloads/AppDomainManager_Covenant_Test.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
DLL Payloads/AppDomainManager_Sliver_Test.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
DLL Payloads/AppDomainManager_Sliver_Test.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
DLL Payloads/DLL-Sideload-BinaryInjector.dll
Resource
win7-20241010-en
Behavioral task
behavioral8
Sample
DLL Payloads/DLL-Sideload-BinaryInjector.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
DLL Payloads/DLL-Sideload-Message-Box.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
DLL Payloads/DLL-Sideload-Message-Box.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
DLL Payloads/DLL-Sideload-Sliver-HTA.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
DLL Payloads/DLL-Sideload-Sliver-HTA.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
DLL Payloads/GUP.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
DLL Payloads/GUP.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
DLL Payloads/UevAppMonitor.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
DLL Payloads/UevAppMonitor.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
DLL Payloads/test_shell.dll
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
DLL Payloads/test_shell.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
DLL Payloads/vcruntime140d_app.dll
Resource
win7-20241010-en
Behavioral task
behavioral20
Sample
DLL Payloads/vcruntime140d_app.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
DLL Payloads/AppDomainManager-Message-Box.dll
-
Size
3KB
-
MD5
4affa718bcf8fda33d088d55a2638a06
-
SHA1
b286496e03fa7e06c5281e471a6f7fedd8c3d01d
-
SHA256
6986ab3833b6d627a0e8bc3b2e864b283595764140c12b4879b516aa6ffccca5
-
SHA512
c9c220e48bcd345f8ca270446027e0ad8e3d837923c6cefeabd9d3effc26f0232e4f55765e5a3c155863c9d8792fbcf4fa1f4a8a80aa30573b52bf57193128bf
Score: 1/10
-
-
Target
DLL Payloads/AppDomainManager_Covenant_Test.dll
-
Size
116KB
-
MD5
928234658d224c889962bb812e1cd40b
-
SHA1
248d9528c368a95227c0e357c2377c3d88f2c8d3
-
SHA256
0428cd695ee5c6b07ee41de1535deff27d879235f20ae613ef0f7ba61f1f57f9
-
SHA512
f1ff9d52c9637de0733f401e62d2f864f523af0dc639e1825a0067176ecdfa9422ab12cbb410d465eaf4552664e90b9ac6d3ca983e6bf99758caaa99fc1d158a
-
SSDEEP
3072:XfZWDKnvznGqzUmB7LaqkJotGXWZHBxtJrpyNmb:XQ+nrnDzUIqqkJotGEr8w
Score: 1/10
-
-
Target
DLL Payloads/AppDomainManager_Sliver_Test.dll
-
Size
6KB
-
MD5
1ee637a0bd340628d6979f2ce4752765
-
SHA1
3ccf39cda37e7a36ce5e3cbab378c9de9ab78c93
-
SHA256
e58ccc44c1f07cab2605032ab4754bb0c9d681562753830707d30c4acc59b321
-
SHA512
272ef8eb35fcf97ca32a14089701aa9f09761589a07b23532e95f00accc3046b5fd254d73c17f5134e85665a24aa4315a3e6c11e36a17b4de2e695bbe1a4d76c
-
SSDEEP
96:3sg8Mnbmvw+fYhjZB8QxI01p/9ov0z1fRbvXnTTT+iSDZFeQqeoG:3NnbeWLs01pBz1fJTkQ4
Score: 1/10
-
-
Target
DLL Payloads/DLL-Sideload-BinaryInjector.dll
-
Size
59KB
-
MD5
1cb96739ac8ff0f30dcbd6d12f37f585
-
SHA1
44c835c8522f46bf46e912d83cdca6cfb33e7393
-
SHA256
7c76d07a52fde94bb27bf42c1ad4cd761f570e7691955eb3eab6759b4f7a1542
-
SHA512
7c6cc4250be24964f9980b851868db6b119d064afb56a36b0142e135afbf98883f02f564fe83b4fcaf24070124d6633eb3a37162a638503cee18d5ee6ebaad9b
-
SSDEEP
384:0i29r/o2T/lIObbbIIz/urOjjHTLtsMrkKkQfBX+WUTi9u8g+:0i6r7l/bTDn1rkKdBRUT0g+
Score: 1/10
-
-
Target
DLL Payloads/DLL-Sideload-Message-Box.dll
-
Size
57KB
-
MD5
ae5284e2d2d5967cb39fcfe98616a855
-
SHA1
f6a9ad24f452f510a29372a99b752b7ad8d3f6bc
-
SHA256
e69ffee97b25e57ba9b747e7b092cae185fb7faa6a2c0c75ff7ac5d9da179b8f
-
SHA512
adb6314eb32c4e564cff46c94eddbf5233ed041d363533d0fbd06692e68bd94473ad68a72e6103f9baa68a29ccc5e1a8e586ecf58bf0ddc169355bd7a0ea70ec
-
SSDEEP
384:/0TznG3eLET4lAbpfREIPL/GU/ikHoJrdg49/MGQfBXbuABEu7flY2lUn9u8O+:/hKqbL7fort9/M/Brum17fS2lUhO+
Score: 1/10
-
-
Target
DLL Payloads/DLL-Sideload-Sliver-HTA.dll
-
Size
57KB
-
MD5
a40697a8054cb51e4f58aa43937a4060
-
SHA1
4d1b7788951e249c4d9d10ca0d97b0f263acb3e3
-
SHA256
f3b45c82af1799570ee870351fb6ef5fa06b4b3c57907b20b17f423b3a33c012
-
SHA512
640855c880087bd69b90c42dbe7a66211ca821d007052118ad2f3e2f5460804937d7170f289c066fae11cdb121f66a2500a68059d707db0b08c9c8fac7690efd
-
SSDEEP
384:/8TvnG3eLET4lAbpfREIPL/GU/ikHoJrdg49/MQQfBXbuAtEu7flY2lUn9u8O+:/FKqbL7fort9/MBBrua17fS2lUhO+
Score: 1/10
-
-
Target
DLL Payloads/GUP.exe
-
Size
784KB
-
MD5
773c362e58e96c892eacb85ca37d6ec9
-
SHA1
81789add8556450c23485a1fa234fd63450bd04d
-
SHA256
35de3d372fff37e13962e5f006718db8390f91a85ec40a28255113e3ded701bd
-
SHA512
967df83f887688ffe456d29b177b2067c827738f746db4fe60dad21581545b70a29438410339e9b0cb5c78ebf2690ea4ecb69d0334e41b52b6a7b7a69facebd0
-
SSDEEP
12288:muPnGZ8EU8L7xfaOk5CheTItDnimkAyZEbe+rKTvgqyI:7GZ84faOvxnimMZEClTvn
Score: 1/10
-
-
Target
DLL Payloads/UevAppMonitor.exe
-
Size
54KB
-
MD5
c4452ca851d9067655a1140371dc7552
-
SHA1
810e73381c4453c465695f15e19d0a6011cce73f
-
SHA256
5174a1adf2c7ebab1b76fd6fb23ff437aba0150bd994990ed56b093e96c1f48d
-
SHA512
f1e69dbd2167e21ef9acd9f51aedc468a82c213b45c84a3f8c07dbd9c19f6a11dcfbb77bb127c25cdd18f7858c86ed84070cfdfe3fd3604d9fe361b98e2e8ab7
-
SSDEEP
768:UQdiFsQ+wzon91slxN+u996swwiKEtycTY5lkQ7Vy9ylDXI:0lQ91szN++6NwiKE10Djlc
Score: 1/10
-
-
Target
DLL Payloads/test_shell.dll
-
Size
10.6MB
-
MD5
5ef536a42f6c73d35d28c40a0ec42099
-
SHA1
d1f95217a020302f194240074602338839555bf0
-
SHA256
d4e584fed5f3184c63becfd49069b976012c35a880f8896d1aab3c92468a2847
-
SHA512
12e298ca8fe9d4f5d776878b41cb30b75c7c219b7b24e804ad7b7e99ebd9af9c13bd62de14c839c595890dc3f2b55b4f1fd5a2c4c84f05b943e2b98d939bf306
-
SSDEEP
98304:mn0LwYgGMCnSTejwyc9x7DHNZGEOMxEi5:aASRf9xPHNZjOy
-
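Signature: Sliver RAT v2 (this target shows no score line here; the task list at the top of the page gives 10 for both test_shell.dll runs)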
-
-
-
Target
DLL Payloads/vcruntime140d_app.dll
-
Size
181KB
-
MD5
71280e2407beb6d905b9def47daa176f
-
SHA1
6ee281b88cdb5c11ceac4c9d52ee0271f4f027ce
-
SHA256
d6cfea73789964748fd81e6c219aee734a20bba57b49a7c8120661a0cfe44617
-
SHA512
cb3c93e3bf6673f914f1176c445935f4e6755b5e233b2756cb5b5f7945313a85a0ca0088d258f4539b483a3cd1a916c7b8deb0c2d2a2c80cd0c584a0d7a77ea8
-
SSDEEP
3072:5gYUWwKd+iMFy67dx9LxBAG8D+7recbI5daou0+2B3BX:5gYUWrXUdx91Btg+7recbIQ6Jx
Score: 1/10