General

  • Target

    41cc27972b67ab9014eb00dae9262a24.zip

  • Size

    13.2MB

  • Sample

    241018-s9b72avemh

  • MD5

    41cc27972b67ab9014eb00dae9262a24

  • SHA1

    b07dc3f99baa10dda627b7f4881180755b9d392c

  • SHA256

    5c3be59f85aa33ee9702c04132f7ec86317fdfecac4ca9d5f3f41d265037e164

  • SHA512

    4b0798765cef39e5edecb03fb966cbf2f2312a3577473e9421bac99b2a48369ce0ee64995bcaafb34e0124c2aad20b1c5e794e13c2023c4ea77da49d0c5edd2c

  • SSDEEP

    393216:6rhce1tfusgHkn+ztHSv9PnF/3lO3Nsuaxer8TDW:6dcejfSHU4BkP509suDkW

Score
10/10

Malware Config

Targets

    • Target

      DLL Payloads/AppDomainManager-Message-Box.dll

    • Size

      3KB

    • MD5

      4affa718bcf8fda33d088d55a2638a06

    • SHA1

      b286496e03fa7e06c5281e471a6f7fedd8c3d01d

    • SHA256

      6986ab3833b6d627a0e8bc3b2e864b283595764140c12b4879b516aa6ffccca5

    • SHA512

      c9c220e48bcd345f8ca270446027e0ad8e3d837923c6cefeabd9d3effc26f0232e4f55765e5a3c155863c9d8792fbcf4fa1f4a8a80aa30573b52bf57193128bf

    Score
    1/10
    • Target

      DLL Payloads/AppDomainManager_Covenant_Test.dll

    • Size

      116KB

    • MD5

      928234658d224c889962bb812e1cd40b

    • SHA1

      248d9528c368a95227c0e357c2377c3d88f2c8d3

    • SHA256

      0428cd695ee5c6b07ee41de1535deff27d879235f20ae613ef0f7ba61f1f57f9

    • SHA512

      f1ff9d52c9637de0733f401e62d2f864f523af0dc639e1825a0067176ecdfa9422ab12cbb410d465eaf4552664e90b9ac6d3ca983e6bf99758caaa99fc1d158a

    • SSDEEP

      3072:XfZWDKnvznGqzUmB7LaqkJotGXWZHBxtJrpyNmb:XQ+nrnDzUIqqkJotGEr8w

    Score
    1/10
    • Target

      DLL Payloads/AppDomainManager_Sliver_Test.dll

    • Size

      6KB

    • MD5

      1ee637a0bd340628d6979f2ce4752765

    • SHA1

      3ccf39cda37e7a36ce5e3cbab378c9de9ab78c93

    • SHA256

      e58ccc44c1f07cab2605032ab4754bb0c9d681562753830707d30c4acc59b321

    • SHA512

      272ef8eb35fcf97ca32a14089701aa9f09761589a07b23532e95f00accc3046b5fd254d73c17f5134e85665a24aa4315a3e6c11e36a17b4de2e695bbe1a4d76c

    • SSDEEP

      96:3sg8Mnbmvw+fYhjZB8QxI01p/9ov0z1fRbvXnTTT+iSDZFeQqeoG:3NnbeWLs01pBz1fJTkQ4

    Score
    1/10
    • Target

      DLL Payloads/DLL-Sideload-BinaryInjector.dll

    • Size

      59KB

    • MD5

      1cb96739ac8ff0f30dcbd6d12f37f585

    • SHA1

      44c835c8522f46bf46e912d83cdca6cfb33e7393

    • SHA256

      7c76d07a52fde94bb27bf42c1ad4cd761f570e7691955eb3eab6759b4f7a1542

    • SHA512

      7c6cc4250be24964f9980b851868db6b119d064afb56a36b0142e135afbf98883f02f564fe83b4fcaf24070124d6633eb3a37162a638503cee18d5ee6ebaad9b

    • SSDEEP

      384:0i29r/o2T/lIObbbIIz/urOjjHTLtsMrkKkQfBX+WUTi9u8g+:0i6r7l/bTDn1rkKdBRUT0g+

    Score
    1/10
    • Target

      DLL Payloads/DLL-Sideload-Message-Box.dll

    • Size

      57KB

    • MD5

      ae5284e2d2d5967cb39fcfe98616a855

    • SHA1

      f6a9ad24f452f510a29372a99b752b7ad8d3f6bc

    • SHA256

      e69ffee97b25e57ba9b747e7b092cae185fb7faa6a2c0c75ff7ac5d9da179b8f

    • SHA512

      adb6314eb32c4e564cff46c94eddbf5233ed041d363533d0fbd06692e68bd94473ad68a72e6103f9baa68a29ccc5e1a8e586ecf58bf0ddc169355bd7a0ea70ec

    • SSDEEP

      384:/0TznG3eLET4lAbpfREIPL/GU/ikHoJrdg49/MGQfBXbuABEu7flY2lUn9u8O+:/hKqbL7fort9/M/Brum17fS2lUhO+

    Score
    1/10
    • Target

      DLL Payloads/DLL-Sideload-Sliver-HTA.dll

    • Size

      57KB

    • MD5

      a40697a8054cb51e4f58aa43937a4060

    • SHA1

      4d1b7788951e249c4d9d10ca0d97b0f263acb3e3

    • SHA256

      f3b45c82af1799570ee870351fb6ef5fa06b4b3c57907b20b17f423b3a33c012

    • SHA512

      640855c880087bd69b90c42dbe7a66211ca821d007052118ad2f3e2f5460804937d7170f289c066fae11cdb121f66a2500a68059d707db0b08c9c8fac7690efd

    • SSDEEP

      384:/8TvnG3eLET4lAbpfREIPL/GU/ikHoJrdg49/MQQfBXbuAtEu7flY2lUn9u8O+:/FKqbL7fort9/MBBrua17fS2lUhO+

    Score
    1/10
    • Target

      DLL Payloads/GUP.exe

    • Size

      784KB

    • MD5

      773c362e58e96c892eacb85ca37d6ec9

    • SHA1

      81789add8556450c23485a1fa234fd63450bd04d

    • SHA256

      35de3d372fff37e13962e5f006718db8390f91a85ec40a28255113e3ded701bd

    • SHA512

      967df83f887688ffe456d29b177b2067c827738f746db4fe60dad21581545b70a29438410339e9b0cb5c78ebf2690ea4ecb69d0334e41b52b6a7b7a69facebd0

    • SSDEEP

      12288:muPnGZ8EU8L7xfaOk5CheTItDnimkAyZEbe+rKTvgqyI:7GZ84faOvxnimMZEClTvn

    Score
    1/10
    • Target

      DLL Payloads/UevAppMonitor.exe

    • Size

      54KB

    • MD5

      c4452ca851d9067655a1140371dc7552

    • SHA1

      810e73381c4453c465695f15e19d0a6011cce73f

    • SHA256

      5174a1adf2c7ebab1b76fd6fb23ff437aba0150bd994990ed56b093e96c1f48d

    • SHA512

      f1e69dbd2167e21ef9acd9f51aedc468a82c213b45c84a3f8c07dbd9c19f6a11dcfbb77bb127c25cdd18f7858c86ed84070cfdfe3fd3604d9fe361b98e2e8ab7

    • SSDEEP

      768:UQdiFsQ+wzon91slxN+u996swwiKEtycTY5lkQ7Vy9ylDXI:0lQ91szN++6NwiKE10Djlc

    Score
    1/10
    • Target

      DLL Payloads/test_shell.dll

    • Size

      10.6MB

    • MD5

      5ef536a42f6c73d35d28c40a0ec42099

    • SHA1

      d1f95217a020302f194240074602338839555bf0

    • SHA256

      d4e584fed5f3184c63becfd49069b976012c35a880f8896d1aab3c92468a2847

    • SHA512

      12e298ca8fe9d4f5d776878b41cb30b75c7c219b7b24e804ad7b7e99ebd9af9c13bd62de14c839c595890dc3f2b55b4f1fd5a2c4c84f05b943e2b98d939bf306

    • SSDEEP

      98304:mn0LwYgGMCnSTejwyc9x7DHNZGEOMxEi5:aASRf9xPHNZjOy

    Score
    10/10
    • Sliver RAT v2

    • SliverRAT

      SliverRAT is an open source Adversary Emulation Framework.

    • Target

      DLL Payloads/vcruntime140d_app.dll

    • Size

      181KB

    • MD5

      71280e2407beb6d905b9def47daa176f

    • SHA1

      6ee281b88cdb5c11ceac4c9d52ee0271f4f027ce

    • SHA256

      d6cfea73789964748fd81e6c219aee734a20bba57b49a7c8120661a0cfe44617

    • SHA512

      cb3c93e3bf6673f914f1176c445935f4e6755b5e233b2756cb5b5f7945313a85a0ca0088d258f4539b483a3cd1a916c7b8deb0c2d2a2c80cd0c584a0d7a77ea8

    • SSDEEP

      3072:5gYUWwKd+iMFy67dx9LxBAG8D+7recbI5daou0+2B3BX:5gYUWrXUdx91Btg+7recbIQ6Jx

    Score
    1/10

MITRE ATT&CK Matrix

Tasks