General

  • Target

    9bb727f6f6f051cf3d76503ca9e6b635c5141558f4cd4b6407ac6cfca38f69dcN

  • Size

    1.0MB

  • Sample

    241028-yjcnrswcjj

  • MD5

    a9af8b28d0c50d4faa3ead15a03e5c90

  • SHA1

    ce3435b5217bd3a921d4ef9ce3b429bd3c52f623

  • SHA256

    9bb727f6f6f051cf3d76503ca9e6b635c5141558f4cd4b6407ac6cfca38f69dc

  • SHA512

    4f579d846d2b2782b374844ede12343cdf24d79a77ddcd42687bfbcc9781158f9271c06eddb8b59af6f39f40d25962ef2ec13b8d39ad17e2984f08fe1ad9770d

  • SSDEEP

    24576:JmUNJyJqb1FcMap2ATT5cmUNJyJqb1FcMap2ATT5cmUNJyJqb1FcMap2ATT58:JmV2ApcmV2ApcmV2Ap8

Malware Config

Extracted

Family

simda

Attributes
  • dga


MITRE ATT&CK Enterprise v15

Tasks