dd7654e31781d29cc24000a7a00c6ad849adbb4cedb82f3bd53e1eb595231843

General

Target

BadZone SCP_SL(1).rar
Size

1.3MB
Sample

241026-wmg2jsvlbp
MD5

01c42c503d1dbcdfeac7cd656d0a7771
SHA1

7e343aef98abedc75ac540e0123d849734933bec
SHA256

dd7654e31781d29cc24000a7a00c6ad849adbb4cedb82f3bd53e1eb595231843
SHA512

53b06a40c92dc00ef76895426bdfd34819e7cc2f4b06b74c5822cadd1b9ffcb6306afea244bf006d1df6e232612cb5fa13b6f5bd465cc361845b7119e628bc8f
SSDEEP

24576:KyZkjBA16qijAmDPJtGkHjCIhMmW0RY6NybK6FQ8fe153rodwfKsE1z:KMki16qW3DRRHjlDNybef0ck1z

Score

5^/10

Malware Config

Targets

- Target
  
  BadZone SCP_SL/ENG/Injector.exe
- Size
  
  22KB
- MD5
  
  ebadf71aae5b81097f02003b13f3b2dd
- SHA1
  
  aa5618e281250014dc61bafe4bcc202e3938451c
- SHA256
  
  51e742a6997dbf7ca191d63bfc7e04e80ac8c41f5ea0505efd9df1014eff9c95
- SHA512
  
  19c54e7e26983e8d09b3cf6f0950bcafc2f4442297485e80f105c5a102aac331b28100371dbd496c8781420af3fe97add859326245a9ec9ffbb0eb69c54dca83
- SSDEEP
  
  384:2Km9UjiGHAbFafKIGydTzDlLXuvSkF4RIDzbkOfDu3a30i:Z/JpSvS7qkQ30
Score

5^/10

steam discovery phishing
- Detected potential entity reuse from brand STEAM.
  phishing steam
behavioral1
- Target
  
  BadZone SCP_SL/ENG/LokiSCPSL.dll
- Size
  
  1.3MB
- MD5
  
  2d801de53b4caf8af3b0574755c49f57
- SHA1
  
  1b559358c7fb74982798d9e13b9353cce9405b92
- SHA256
  
  ce16cb116002ae06530b2f02b3717202acc9ba04eed4bb450d48cc161249ab4a
- SHA512
  
  a03a658648e5baa5420965f0ed1d06db9e02be34e3e4cdd4a5b54656614e7d472ad7426722a70f4d82937c96ef597157fdbf3069aea54b67c12d34cd6ae2c3d4
- SSDEEP
  
  24576:7EXPw+4EP09SgknjeI/Fx0r6NS+FQ1guBrbKeznwNh0lhSMXlkkZ:gX4+4EvgkJ/FGo2FV2WnpUk
Score

1^/10
behavioral2
- Target
  
  BadZone SCP_SL/ENG/start.bat
- Size
  
  62B
- MD5
  
  019b6ed1cbc0b959f60079a7f37fb2dd
- SHA1
  
  3ce5de167d13e8835b8a40017a80840c906fe075
- SHA256
  
  b12c2d340a4df769f2e21496d29e510e662764b5c4086c4d29da436a792dd9a6
- SHA512
  
  748a5d6949bb5d86099c2bc860681565e05bd7e9668d5648d0ae70b1676d80e431efd40105493db5c34d4a112cbba24af1abec46bee5456ff375f6fdf0497572
Score

1^/10
behavioral3
- Target
  
  BadZone SCP_SL/RUS/Injector.exe
- Size
  
  22KB
- MD5
  
  ebadf71aae5b81097f02003b13f3b2dd
- SHA1
  
  aa5618e281250014dc61bafe4bcc202e3938451c
- SHA256
  
  51e742a6997dbf7ca191d63bfc7e04e80ac8c41f5ea0505efd9df1014eff9c95
- SHA512
  
  19c54e7e26983e8d09b3cf6f0950bcafc2f4442297485e80f105c5a102aac331b28100371dbd496c8781420af3fe97add859326245a9ec9ffbb0eb69c54dca83
- SSDEEP
  
  384:2Km9UjiGHAbFafKIGydTzDlLXuvSkF4RIDzbkOfDu3a30i:Z/JpSvS7qkQ30
Score

1^/10
behavioral4
- Target
  
  BadZone SCP_SL/RUS/LokiSCPSL.dll
- Size
  
  1.3MB
- MD5
  
  72dd7548b96019390dbeea284dfe76f7
- SHA1
  
  84d99155ac336e5a2a0eaa463b11be9acba5a041
- SHA256
  
  a33fcc2e5bea60c61bd5aef9cad613f62851b8ec8a47847c3001b3a11d4697ac
- SHA512
  
  09f85be57b77903dc9b203a4c11d27e190c87b5a7bd0974dad670363e754e41c815dfaa8da4befaebb45814db234ca619512bd174a25bc13a91f76664772408c
- SSDEEP
  
  24576:rvijFiAXGlm/ZYnm4jCs3Il9Fx0r6NS+FQ1guBrbGemnwNh0lhSMXlW:rvCiQGlYqjCz9FGo2FVSDnp
Score

1^/10
behavioral5
- Target
  
  BadZone SCP_SL/RUS/start.bat
- Size
  
  62B
- MD5
  
  019b6ed1cbc0b959f60079a7f37fb2dd
- SHA1
  
  3ce5de167d13e8835b8a40017a80840c906fe075
- SHA256
  
  b12c2d340a4df769f2e21496d29e510e662764b5c4086c4d29da436a792dd9a6
- SHA512
  
  748a5d6949bb5d86099c2bc860681565e05bd7e9668d5648d0ae70b1676d80e431efd40105493db5c34d4a112cbba24af1abec46bee5456ff375f6fdf0497572
Score

1^/10
behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Detected potential entity reuse from brand STEAM.

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6