irata | 367d1b3076da2962ad6f0479dfba30f3786854358509a1cac33dcaf071c4d428 | Triage

Sharing

General

Target

Void Exec.zip
Size

448.6MB
Sample

241022-e5q9haxeqh
MD5

617961b1f42bc8a57faa92ebb890b528
SHA1

96ed11c6ab3cc8085a1eba0cd27976c002486298
SHA256

367d1b3076da2962ad6f0479dfba30f3786854358509a1cac33dcaf071c4d428
SHA512

92fa31182a3f098b722d956866196bd007763273cb89df105d37f863777bad677d63b1215dc55f72316fb6f3e0b350c604965636ba4e7fcc576a68e70cfe57c7
SSDEEP

1572864:PMkF09vaS0+v7DQHhqukcNhAWxKJCxtZX9EMiwDWXzwJ8GX5RUlJy97hOfp/gpSe:PBiL8AgyGC79FjuzVw6w0drb8TQ4op

Score

10^/10

irata discovery execution

Malware Config

Targets

- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/parts/quickinput/browser/quickInput.js
- Size
  
  51KB
- MD5
  
  67ba6ead6bb7a0b1b47fcf1349e8db54
- SHA1
  
  3ca750779af95d8642f465f82b61e149b3ee9068
- SHA256
  
  d515a445350d7504558c551da28ac4ee8466d3bc934d05ef3be93c6cbfaba11b
- SHA512
  
  5217502ee5aeb69b60d87f39777a1ca608986478a8344298b9f06c3dca4a8cea2d8f4c78f512edf742823d3958188a97ab9534f7d481ab9d81c14ec8bf9d90bb
- SSDEEP
  
  1536:hMM1THclKk/RWMH4vAoUB8pBLliQ0GuktzJM3:8R3
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/parts/quickinput/browser/quickInputBox.js
- Size
  
  3KB
- MD5
  
  5459057ff95bf05dc51e77c145e1acc7
- SHA1
  
  e28332789f09214c3d10cf4fd349e8f0646dd2c2
- SHA256
  
  7dc00d515524071ff2a025bb447bcbaa7a4136bca285c24f4e500814f50f2d09
- SHA512
  
  08bfe3bc8abf3c043235bd46da65d1a33b6776de26747245022a54697b8404dee05409f4ecc9310dca395b8b23b4619dcecf33d9cfb1419a99f8b4715f3b8abe
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/parts/quickinput/browser/quickInputList.js
- Size
  
  26KB
- MD5
  
  a5f6d5e4306be5f480bd73dc96b9e810
- SHA1
  
  e431c6d81ad89a3fce991a4cadbd0283f6f5d7fa
- SHA256
  
  5bed0e0851232ae9eff7b51f5ec01daaa9da78c1f5372b1914a79ee61106ab8c
- SHA512
  
  a23b909c4b7974952344a7972453f2e71fab4e564bf9565657ae429886ef8861b01b2d5e9f0671fc7fba593da4832ae6a0df66ffe257e6868fdec43faab906a2
- SSDEEP
  
  768:HNxDxtt5g4Ea7r9HEHQHQbZSXHgVok29ihxQ/NEbp/NnPoVU39E9kYsL5OalYKuh:bDxtt+4Ea7r9HEHQHgSXHgVok29ihxQ1
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/parts/quickinput/browser/quickInputUtils.js
- Size
  
  1KB
- MD5
  
  a154b90de79b345b31a70254dc3ea6ce
- SHA1
  
  03a74b08e6a6952531623c613514037ca9752725
- SHA256
  
  6baf1f7e9b92412f3aa6c2af0691faa1148a3d9e69927f95d075a77ffd79ca69
- SHA512
  
  cd3bdd50135470fd3ecfe1502b3cec007289fd0c6343f383c859f96791ffaf0569ea2a117a076257f7c954e517dc3af5f07a4828e8b237c95fde69a25c146f8a
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/parts/quickinput/common/quickInput.js
- Size
  
  772B
- MD5
  
  c87dac46c7ebb329d4f7073efc247071
- SHA1
  
  df2c039b1911fc38b59a4ef6e295c6acbac91eed
- SHA256
  
  7df88b302637d756dc52621445c9e8041c1c4f3020fe11986ddae51cbcbcea64
- SHA512
  
  013c7515e2e704bdcce505e7f4fcd51dae8bfb37c4982c7e20b0126e25e783ff72ed53b3e6d51b3c578d4992d8092579bdce1ca48834f6ae1b1922b91a7457b4
Score

4^/10

discovery execution
behavioral10 behavioral9
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/parts/storage/common/storage.js
- Size
  
  7KB
- MD5
  
  22784003b53cb802ac29a0c06c1a9115
- SHA1
  
  80eee38f69f0be2cb457bf33737b381c549fdf3d
- SHA256
  
  49e9b2c759e882a8675505de0370d0eac095e5f235073e163c383a9be2e48d75
- SHA512
  
  3f94e910611e741329ecb6abe69d9509348c9884d65ef2aeec9c4c861cfd854410fb754d6241e09b178c7e3f845c47f7f9192588c28be849eb47d93afae0e4a8
- SSDEEP
  
  192:gKnkgz2MPszlOTkai9y/wG/3R4AA/n+qFFbXH1qdhKMXfOEvDhZYTcvNSX3Qeyb6:hdGAT/ZN4h+IF7H1+hKMrvDhacvNSXH9
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/base/worker/defaultWorkerFactory.js
- Size
  
  5KB
- MD5
  
  f27c96a494457f2ead471c52454a95b0
- SHA1
  
  ed05e50548aa5f6f9471b9a706d45bda2ef9a491
- SHA256
  
  e88a536711d781c6e09f2c7fe0704d0259d3e3a3e0ab7c6e5642e518a4e52ae1
- SHA512
  
  398933751ed8b2a8aaf814ee5f85e35dc5e4621ee172b4d1e3b8e6740fd7a7c32ff8303717eb3305189e70f6a07bad20adffe5da4a394c370cba25e2b65f8491
- SSDEEP
  
  96:HDGZgo43WlHIXoEsRslsjgYUsRs8z9Lb0G5pAoQ22UmOXDZ1bCx:ggonoXPsfUspJ8B1OTZ1bCx
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/_.contribution.js
- Size
  
  2KB
- MD5
  
  5e4b3ee0f76842bfa8c2fcabc59309db
- SHA1
  
  8b6d11fd39019a2e2d1ffe1c04ebac5b57b2765f
- SHA256
  
  0462947f3a3797adbcfe8f63c163c1dcca99c5e068f3130bb16d1be20eb46560
- SHA512
  
  4845ba5c4d56b57ce4ed7c74dda05a59f3dfa53a657f241338c436445a038fa5f384dca8afc9abd5579091d640b909d9d72e38fce395bd0c9ff7bfc20dc6a2a6
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/abap/abap.contribution.js
- Size
  
  573B
- MD5
  
  809137b8c5b7db2f71a14d3554ec7f20
- SHA1
  
  604bdb458d4494bf83441e4baf8c669e82bcb1ce
- SHA256
  
  f94d2807c96d4902f8a7a3b728351a2213fe9461a0eafdfcc455e7ca50bea476
- SHA512
  
  896e26c1a51ea98f15ba963fc3e6d853ab12d0df53ab62c55433a106af9f1c7b9783433f4651a4e0c0f460f66b450022c7913cb3f37924573fa890685e2c2c6b
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/abap/abap.js
- Size
  
  19KB
- MD5
  
  dafa5f3d74cd4bba1832467a3202a1d3
- SHA1
  
  43dc982d16d6922c0b8261c58c96fba4d1d92b0f
- SHA256
  
  2e2daded3f3128ca69fbb7368914ec0c8ec92eb543d64af133d538bf56e2eebf
- SHA512
  
  d79791670fa3c027ef764eaa99cd6c6100e11fd6256b06f83b568b94789651b4cadcd942a529d8f8a37c948aa191503473546d4699d8fa0c34925cc62d12d60f
- SSDEEP
  
  384:2UFFUnc+Dcqpoz8/GZgoXbIAxJ42F75i0o1pCiRlMwsneMjS:2+9+DcMcdgoXcAtO5K6lkS
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/apex/apex.contribution.js
- Size
  
  627B
- MD5
  
  ed719ea2b97eb4b635030cf8b556ec3a
- SHA1
  
  6ec7c36fdcddc33b33eb638d7aa3ee3db2c0e4c0
- SHA256
  
  cca8a045ac6529c89c0f408eac45cde4ff728492c6f4c27a123e1864b7b7c778
- SHA512
  
  26a6b282de92afcfc12b425d7803650b9c409de451af5f75fc0c0b57826a458fae628ac9a921bc51397916d7305d09397404bcd6be705cbfcd63005c9ed2ccc2
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/apex/apex.js
- Size
  
  8KB
- MD5
  
  b8e811356f0eb9e74a35276657b1d006
- SHA1
  
  bf2c685563ac5c019811330227e4dff07f9067e5
- SHA256
  
  08aaba5dadfcf3dc275b84d1d2d0b89dcebb40d20a7b6677cad5de9bd4f85b1b
- SHA512
  
  bd36231b6a77d48624b9b8f2305cb335e3a2ee48ccaea048d87a00a5d45eba0b9b66ac8343690afc98026ee4c06c66edd41b1c007390c303d1953827f657c700
- SSDEEP
  
  96:HDGKVdWlV8UFLUTd1RkxtoAB06DIoEH8Kic1nQpSAY/H0ldc8yUwnoKdUfNcjhPK:WlTLUTd1RkxtoAGDPH8Kic1n6YeJ8q
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/azcli/azcli.contribution.js
- Size
  
  582B
- MD5
  
  f82249891038fb00fc40ed642a854e6d
- SHA1
  
  d4251659f4346982278ae8e5ffc442045714465c
- SHA256
  
  02db4918591776701d384915bdf75404d052b5080601ec22ad899ab174de2022
- SHA512
  
  75cfa63fc8948b6f834a26eeb073acd6b8d810fcce59b89c13121aa55b732a9238ffba970ee44f0c3763aa21155bb2b4725487b34f9b986708120bacc9735bd4
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/azcli/azcli.js
- Size
  
  2KB
- MD5
  
  3ec2ff9c2e384435840f52c9abbb6e82
- SHA1
  
  9ce916458bfda0c51aeb3b31b97b029659190ab6
- SHA256
  
  b59e03e112637d34374f1c14c1b17be772a2ac1187f1fb0a6589f0237e0e663c
- SHA512
  
  2323483b93e647859f923c159d0c1efc6a3f92d579b5f1f41b99245e0a9d84975eb75fdcbb626e8394415a6d2257d96dfad0f171828a2f9cad8fd8f151cadb7f
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/bat/bat.contribution.js
- Size
  
  578B
- MD5
  
  47e685852cc890332e0789d03ec4a650
- SHA1
  
  f878661b0878cedd151951b95671598ee8400e85
- SHA256
  
  93af5b4785d5ad1a507c4e2fb9a6aae00aa2dc8803cb21f01f1059edbb8df0d9
- SHA512
  
  3c5657a881c3193af2c32a9966107b07f18ff7eecaf83c50605a45574f57af884b977c2f99e65bfa2a140cceb2ac5dea27f7741e50bdad0b16af1012831c82a9
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Void Exec/bin/DebugMonaco/package/esm/vs/basic-languages/bat/bat.js
- Size
  
  3KB
- MD5
  
  6997d1071bf91bc22d1ec0e488ceed00
- SHA1
  
  0295462783c8f713ba0856215e881fe56b96ccd5
- SHA256
  
  914b1771e2efc7a7abd721d5ffaf7ccacd1363df1af0205c15cb58d63dc30426
- SHA512
  
  d60d77d7438a6de05a6a79e23cf260c1755f34efd179b0429cc02888913977ef2ee20d1a7ca7d9fc8b914b0399f71e91983eae679e6f4a39467f9e3d54bdce0a
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

discoveryexecution

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32