General

  • Target

    Nebula-5.zip

  • Size

    5.4MB

  • Sample

    241025-he498awbna

  • MD5

    ca0b3da093a6e3a580758a67bc2097e1

  • SHA1

    1411747a249d96be42506f4c7a0c9f2251eae9b7

  • SHA256

    20f7e66efeb41d1e01891c8356f8b81475b9b5a062c859814b8e46c2925837d0

  • SHA512

    007caeeca1b1ab162b1f86046691032abd5ec4efa2a4975954e841c47ebbe05b20659f2d24e3eceaa995ff94c03f5495773d9c9a6300e5bb47cc6bee5d87fe15

  • SSDEEP

    98304:Tw8TQvwTXdG3DTWWFGr5QsOzoNTRoSXNl3AspWW6cRJfCNRBhaE5xU1Vx:Tw884rdG3FGr10ofoiNlbpBfY1aE3UR

Malware Config

Targets

    • Target

      .cache/typescript/4.4/node_modules/@types/crypto-js/index.d.ts

    • Size

      52KB

    • MD5

      9bbbcb009143b80f8647840951e23f28

    • SHA1

      2df4459518883087401a780c9a3ceacca831daad

    • SHA256

      4f9362850bb427525ba05c0e861dae06d9918bd16ccb38d504cb7294f69e8496

    • SHA512

      81d952dc5f30943913f3cc6045eec12a8b20b9c7d00e84a90c692c739ce4a2ee8da0464ea377501c3c25e9efb526979d0c0f9549f4cdbf2b3df33caed644d07b

    • SSDEEP

      1536:bmwViB/KwbhEL3iv5hvMQyLCnecjWiaRhusQgpvEld70P0zD67NPwt06qmVVPK9j:bmwViB/KwbhEL3iv7vMQyLCecjWiUusB

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

    • Target

      .cache/typescript/4.4/node_modules/@types/node/async_hooks.d.ts

    • Size

      22KB

    • MD5

      b815c102e78d84c4c4d04e14db6bdcae

    • SHA1

      f71a6da10bc9d124b56736b67047530ba81f4a0f

    • SHA256

      cce1f5f86974c1e916ec4a8cab6eec9aa8e31e8148845bf07fbaa8e1d97b1a2c

    • SHA512

      bf89663da4d58ea1e7b04cf0f43db72a9c8a6788d5f28acc3d9df29cfeac4124589ae70c5a8513887d25dae2e4bfa07bce520f2763c303eb46d94013f7d8f6cc

    • SSDEEP

      384:qMQze0Zf6MzAJ/0Px0cMm8FjUZkToKTXw8xZz+0TKc7vma4oZSN0ZeyYy5nM+G:vQJV6kAJ/0Px+9jUZkToKTXwwz3TKcz6

    Score
    4/10

    • Target

      .cache/typescript/4.4/node_modules/@types/node/buffer.d.ts

    • Size

      104KB

    • MD5

      6a07cd53594bab2e6e12d79c05fc8e8d

    • SHA1

      ffbf518ed36cccd4f5cf69eda1f0483b83b0e8bf

    • SHA256

      7fd7fcbf021a5845bdd9397d4649fcf2fe17152d2098140fc723099a215d19ad

    • SHA512

      2a0a1dcd8201f9fe3502445c24e6788bb0328e07aca1b92b8d117095598d91b523bbd5a5563a1c74a659d45a7bfa37107b0cf15a74fbc8ecbaa7b7436dc98092

    • SSDEEP

      1536:jFMsJ5E+X4/igrG6gZUx7xgUyIF41ApTSEfORrRDuPELE5QvZjpCLWNO6rgP:jFMsJ5E+X4/RCDQfTgbxI

    Score
    4/10

    • Target

      .cache/typescript/4.4/node_modules/@types/node/child_process.d.ts

    • Size

      67KB

    • MD5

      79f6694ade705381912f881a3a71289b

    • SHA1

      32b441dee5e1ec86228415f8af6ee1fd6c797ae7

    • SHA256

      df3389f71a71a38bc931aaf1ef97a65fada98f0a27f19dd12f8b8de2b0f4e461

    • SHA512

      47e62f2360a5ad9e90f65f96cc2c24318332ec32e2ce46a8094d6d3cf1c29b951437194177d06e4f2674062efcc1825cab8ab239b39d41e08a8061400283651d

    • SSDEEP

      768:azn3aELjpo4K0qDdOCG5T86MQyEZdeMqqJ:aznDWH0A3qMRE1

    Score
    4/10

    • Target

      .cache/typescript/4.4/node_modules/@types/node/crypto.d.ts

    • Size

      186KB

    • MD5

      8077f8633bd66b0a50b07ef787e18832

    • SHA1

      70c4fb1951a999b00eeafedd6e65930f3c1ecd89

    • SHA256

      8b809082dfeffc8cc4f3b9c59f55c0ff52ba12f5ae0766cb5c35deee83b8552e

    • SHA512

      2d0eb2ece67dbcee12ca68383ed87a4681d368cba599d2ce148954a04317476fab2a9276438ffe3ece6e53c40afd3d6b7a7bc63e2fd0e645d524943aecb3f7b4

    • SSDEEP

      3072:YHXYaSEYFejTvPD14wHRG5B53DlhYcxx5juVnXzRjEW1863LAcGET40OdtkVNyi9:YHXqQX5hHRG5B53DlhYcxf6VXzRjEWe4

    Score
    4/10

    • Target

      .cache/typescript/4.4/node_modules/@types/node/dns/promises.d.ts

    • Size

      17KB

    • MD5

      9e78c3a0d2ed442349cea8e50a07116c

    • SHA1

      bfb9d9fe96581875287f0f7cb453bc0eed9458e6

    • SHA256

      af5bf1db6f1804fb0069039ae77a05d60133c77a2158d9635ea27b6bb2828a8f

    • SHA512

      2521b8a83b0bbfe4be18a4104d2c9f9be868a668fe5eca75d6885a03125b8a882ec1455c06fb7ba9b4b83237aff7be5ab2c141b52359cc5cc353e8fba65cad0d

    • SSDEEP

      192:w/qv6ZD1NfSZvapX0ZJ0N8UTVPHGoG3cC+htyc3k33QnhK/FIv9QREQpmKj9:qR1NKeXnHCeqqQ409

    Score
    4/10

    • Target

      .cache/typescript/4.4/node_modules/@types/node/domain.d.ts

    • Size

      7KB

    • MD5

      ee727b7b71d0f5e19c7b2a248796ebb7

    • SHA1

      d9dbbcaab4c80a5944bafbf140afbf00ced1641f

    • SHA256

      b7fe70be794e13d1b7940e318b8770cd1fb3eced7707805318a2e3aaac2c3e9e

    • SHA512

      c391b0d8ada56f8101883f52e527041283b687e19b9f21f1dd795ad1a9d4424565e974663dd6c8eed22628a9e399efbcd579f719bc66e3519f6f2c9765313e3b

    • SSDEEP

      192:QkbZDatRHf8X2UvbuZnspsY2e9sm0eVgc4Qg2ysdVmTGqmaQNT:JNewsn8u8GaIqnJT

    Score
    4/10

    • Target

      .cache/typescript/4.4/node_modules/@types/node/events.d.ts

    • Size

      40KB

    • MD5

      657c6348c82e7f8427ca3a588933b7d8

    • SHA1

      c4ebea42d805a93210f072258c603ccf219b237a

    • SHA256

      674168aa3db414ea0a19b2a31d901b2d49705c7a495e43ffdc96928543010f8c

    • SHA512

      76336102e11defa212c1a9606492b876941f3ab3fb31666a108399fbe580e1460a76a522e0ae22a28b45f6eb27e7a57e25c4877c08f0d2a232ee81d0d78567b9

    • SSDEEP

      768:hKAjafZaT+JGrv+Qd428m5zVafyDBQPZ9Qg0o7:8AjafzJGr+QR8mRVzQPAo7

    Score
    4/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

discovery
Score
6/10

behavioral2

antivm, discovery
Score
4/10

behavioral3

antivm, discovery
Score
4/10

behavioral4

antivm, discovery
Score
4/10

behavioral5

discovery
Score
3/10

behavioral6

antivm, discovery
Score
4/10

behavioral7

antivm, discovery
Score
4/10

behavioral8

antivm, discovery
Score
4/10

behavioral9

discovery
Score
3/10

behavioral10

antivm, discovery
Score
4/10

behavioral11

antivm, discovery
Score
4/10

behavioral12

antivm, discovery
Score
4/10

behavioral13

discovery
Score
3/10

behavioral14

antivm, discovery
Score
4/10

behavioral15

antivm, discovery
Score
4/10

behavioral16

antivm, discovery
Score
4/10

behavioral17

discovery
Score
3/10

behavioral18

antivm, discovery
Score
4/10

behavioral19

antivm, discovery
Score
4/10

behavioral20

antivm, discovery
Score
4/10

behavioral21

discovery
Score
3/10

behavioral22

antivm, discovery
Score
4/10

behavioral23

antivm, discovery
Score
4/10

behavioral24

antivm, discovery
Score
4/10

behavioral25

discovery
Score
3/10

behavioral26

antivm, discovery
Score
4/10

behavioral27

antivm, discovery
Score
4/10

behavioral28

antivm, discovery
Score
4/10

behavioral29

discovery
Score
3/10

behavioral30

antivm, discovery
Score
4/10

behavioral31

antivm, discovery
Score
4/10

behavioral32

antivm, discovery
Score
4/10