61c56c08353cf2eeb3d498b61708937f4d17fd4f0eee30138ed3c54a9978c3a2

Resubmissions

08-11-2024 15:13

241108-slqqhsvcjl 4

08-11-2024 15:11

241108-skk4msvbqq 4

08-11-2024 14:30

241108-rvgzassrev 8

08-11-2024 14:22

241108-rp3c2stelg 10

Sharing

Copy URL

Twitter E-mail

General

Target

AppOnFly Windows VPS & Cloud Gaming.mhtml
Size

428KB
Sample

241108-skk4msvbqq
MD5

fe263d9bd308bc908394eca99554fb0d
SHA1

e7870bea23376f8db3eef956973ad9ba64050b73
SHA256

61c56c08353cf2eeb3d498b61708937f4d17fd4f0eee30138ed3c54a9978c3a2
SHA512

0bcf16d0175fdf12fa468c5a905d78ad888236120ecee0789478e24f7242fc07cf6055b8a721bbe560f22eea0d0f12b5f1d4c0693f6898ff61553704fffdde7d
SSDEEP

3072:nMI1RVRRdjxBV7TYkzPGOPEvwPXcn/E84mSWaed+5vj:nMUBUkzuOL/cnU

Score

4^/10

discovery execution

Malware Config

Targets

- Target
  
  AppOnFly Windows VPS & Cloud Gaming.mhtml
- Size
  
  428KB
- MD5
  
  fe263d9bd308bc908394eca99554fb0d
- SHA1
  
  e7870bea23376f8db3eef956973ad9ba64050b73
- SHA256
  
  61c56c08353cf2eeb3d498b61708937f4d17fd4f0eee30138ed3c54a9978c3a2
- SHA512
  
  0bcf16d0175fdf12fa468c5a905d78ad888236120ecee0789478e24f7242fc07cf6055b8a721bbe560f22eea0d0f12b5f1d4c0693f6898ff61553704fffdde7d
- SSDEEP
  
  3072:nMI1RVRRdjxBV7TYkzPGOPEvwPXcn/E84mSWaed+5vj:nMUBUkzuOL/cnU
Score

1^/10
behavioral1
- Target
  
  attachment-10
- Size
  
  2KB
- MD5
  
  84ec5093e32d3dfdc8a58edd9bdb5fc4
- SHA1
  
  08584d2818b362833d8ff3ef22ac2083b57a5357
- SHA256
  
  cf8babb9e68f95791ebda35f87ec617d19b33e7fa76918f70920584c4738d347
- SHA512
  
  488fbbb04555816274cacd139a4682d825a98c5f760cc2590fb07b41646e05cfe4039e0543f36602626a7e07af2ed705097a82384d5211606815a74cc689dbe8
Score

1^/10
behavioral2
- Target
  
  attachment-11
- Size
  
  164B
- MD5
  
  a486162ecb3021a182a60288e18a03fe
- SHA1
  
  0ab27a7d2d0bfdcdeae728711cb06b33943d6f07
- SHA256
  
  febc2ce8e9828629f1d94ab116e1bef65f89ed0307c189f241800e6c2a84d540
- SHA512
  
  00ff9a4e5716fce1ed93f17cd6d2c010ccee90bb450fed70b9236df9d62dd708cfdf155020bb7d30458e5894cab5b481e1f980c959fbcfdd540c56eda8b8a57c
Score

1^/10
behavioral3
- Target
  
  attachment-12
- Size
  
  5KB
- MD5
  
  13b3eaa3d85b0bd532ba149e536604a9
- SHA1
  
  475b8d1abca37ea5f3fd8d4b44fa19ebb17d72be
- SHA256
  
  e6548ce03dc23040313b94af8929f5ae6af622eda96d91098394660bac79ebd7
- SHA512
  
  671d7fc9b504cb885f9eaf4963ab50820aeed110cfa34233b2d0039f77e3f25e36d26582618f81defb46b6cf69a5e2b3a5dcc31247982477178de47826d90993
- SSDEEP
  
  96:4wNAH7FA01a0JSjIKipt9D4BEmzNF7qhHazXXDjypBhi:4dFAiaQ8AzHHqmBhi
Score

1^/10
behavioral4
- Target
  
  attachment-13
- Size
  
  2KB
- MD5
  
  8be52be132e35ece26ce6e44653fabd2
- SHA1
  
  23b8134a2bd84ecc6c8e0b357653086248a294ef
- SHA256
  
  6e509ef9907b4835421da71af589ad1788f6b8cc647318a6850ca189811122a4
- SHA512
  
  b28f2ec2875fbee0d6a674f7f0846517c2d8e3df50f9cb1eb0ca02360704f71b072c56d96539a5da0ac86798bef196d3d9823bdb615d8018085c345465a54f6c
Score

1^/10
behavioral5
- Target
  
  attachment-14
- Size
  
  11KB
- MD5
  
  88503dd3ad91a98239759da6e060129a
- SHA1
  
  4289a51eafc2fc00b7c86b0e7f6ec197839d8d49
- SHA256
  
  4060edcd30496cd4e74283a138c50fa4eb3ac1afd55acb6dfb26244faf1a85ff
- SHA512
  
  a42ea8cc9da87308cf00224fccd7efd611930a782d057228abc299a9529bf5444fdedaf26a02dd78a6004b3105bea4bf97eab1d990bd25fdeaa5e14c27fc018a
- SSDEEP
  
  192:uXZMpVy+MtCMccdVqXojFkblkn0kqOhohMEYym6tPXVyCe3XotbMvohG2sVyBtlh:QcydoVBFyRoY20yGoXzCyUotBzwyl1
Score

1^/10
behavioral6
- Target
  
  attachment-15
- Size
  
  2KB
- MD5
  
  b51886bf25e6a1dff606edf2023b2f51
- SHA1
  
  6b95238ad1759c4e84898175517edc30de040779
- SHA256
  
  1c94757e66b369d8e43a0f585320b862c949de8194e8e6de5e970c6aaae50484
- SHA512
  
  b51777db6018795033d383c457e582ef63d988f23a81949c4d8fe13285255aa13ff4a01fb2b4ebdc30b041884877481c422533dcd99f7fde882dd062f8c930d4
Score

1^/10
behavioral7
- Target
  
  attachment-16
- Size
  
  101B
- MD5
  
  3aa74afee2e8c1afcb42ad8a2c847ed3
- SHA1
  
  33ae93f7ee8a0969ef9231073c9732da40403ff5
- SHA256
  
  8e4629058e2046a9366a6c2b2d72df2c868da0f56798ffcc85f6fd15461c3d44
- SHA512
  
  d6a55d34358b37129822e3b735f3dcb61e12ce74af67f9979b70d67226a91fe3fbb750a19be78842efc0e0975dc362255d253ef7bf84be9f050435c23cbbbe0a
Score

1^/10
behavioral8
- Target
  
  attachment-17
- Size
  
  4KB
- MD5
  
  2ad3cf41e1c8155c9c918e0a3eee98c1
- SHA1
  
  dc4bd8a3cf1992f4bbefa0f5ca016411d6c7dc3e
- SHA256
  
  67df79bf1cbb4eaea4cb4b97a9e443f9c7e5fb1cb95be80ae5f1099552a2b3be
- SHA512
  
  3cb28cb4f793c27fa66a68a1e631168b7ec94a0b64d19cae39b2103b85146e4a9190fe1145ab2a1e15604f037a5c5a8660bd59bda6a7be4f294719653e44b347
- SSDEEP
  
  96:h/bh5JqriuCNnxF/Z/ATnxOS7a1hwQ2DDVG:hzhXqriNnnZI7Da1Sxg
Score

1^/10
behavioral9
- Target
  
  attachment-18
- Size
  
  40KB
- MD5
  
  33fdb5b862875cc3e66c92308af7b441
- SHA1
  
  fa684eeb79bf386cfc6dc3059d82ad778e1f948b
- SHA256
  
  ba971501137ed19d50e7083806914b65cca439c256bee888ecc122b01dcdc9f1
- SHA512
  
  c5c60e74d52946888601c0db1fc1250ae18e48d78643256a9d1ab633525ececec4012582199923eb5a63306be4e5b463b0970c45387b96287d394d1839e6ee23
- SSDEEP
  
  768:VLIMI6JC4HvqvHMDdBKoETBB72GwcgZyudhomJUQvJQC4zmUWOs5zSYJHCB3PNFD:911CSv+adswcg7Ho
Score

3^/10

execution
behavioral10
- Target
  
  attachment-19
- Size
  
  78KB
- MD5
  
  2e06d46a54a86b7aeb011e0f7287d1b7
- SHA1
  
  26a32b2e283f21f43b0c3e04f00dc6ec2c86ac33
- SHA256
  
  365f39718716945a2351ecfadfe6585aab5f40685b67582aa866a6a90d8f532f
- SHA512
  
  e7fdbe55f0dcc7021961ed81d9bc332c93476d900a5ebaa8fd10fd9864c31b2063096d4753074eaefd5d44428e05eb1bee137e16e3863180e5c32bfadf472ac4
- SSDEEP
  
  768:VLIMIx+DrMJqDGxoxoZ4yg04k9mayYpbcYC:91cB7C
Score

1^/10
behavioral11
- Target
  
  attachment-2
- Size
  
  4KB
- MD5
  
  36e5a824daf1d12229f8b6eb252eded0
- SHA1
  
  5a1e8f2bd3f169f37e4dd7efa1c3474550ce2199
- SHA256
  
  c7db8a655908fb12be00f4967aeb04e1e285ca43848bbad80fd5b2c886c179e2
- SHA512
  
  d55965074b2cd1cf79f1db4fed4032f914f1292e1e5730c80e20bce174ea0360d68e02740b555b1c0b8c8673543053bfbbf5ea7209c18b81864eaf7771b62fd6
- SSDEEP
  
  48:JBGfaEvxPpljZ8jaNE2iEp/brfr447xmPA36ePkncPI:6yIpVIRwdDU4Vm/n3
Score

1^/10
behavioral12
- Target
  
  attachment-20
- Size
  
  27KB
- MD5
  
  06788dea0412855b867db3798e82ddc4
- SHA1
  
  9a8965ea26d8a6dbe4dc21d6e9797df02b280620
- SHA256
  
  04161b9cbe67d45ac99f67e573ceba018956907f922a98c80d1ca7fb469d890d
- SHA512
  
  40398e2ce9b1b16afac1969ce40a349b5420052d79ab2416a434f74472c703e58bdd42b963f75c421ac9c11a8b2bf6d8918eb3557ed5fd644661a8439ff9bd41
- SSDEEP
  
  768:Rh+r1bFtFDkyeyZoLceNiwFf/Mq6e2Y6vmuUocUKcSjOzxQiGwg/:RE5BjDkyeyZoLbNjl0/OL46NSAj
Score

1^/10
behavioral13
- Target
  
  attachment-21
- Size
  
  7KB
- MD5
  
  6f338783ef08fcbc70dcb456ba14e667
- SHA1
  
  b2e5d69f922e0bc2ef55f1365f34a5e30f54eacb
- SHA256
  
  4d3ddab8323315523f2ea2c080e91e2274fe2b2320129c355aa4ba8ef52c1d83
- SHA512
  
  769a4f184187339d2bc4d09609f1cc52318bf1eaee7e5d1004fb1594232de1ce456500608f9a04aaab5b1cc09773a265faa7ffd36c963c696e6487931780e6cc
- SSDEEP
  
  192:KKMvwi3D39i7fnw2KuwU+GiVHTR3G2wi/ZuBib:KKMvwi3D3Y7fnw2K/U+XVH13G2R/ZuEb
Score

1^/10
behavioral14
- Target
  
  attachment-22
- Size
  
  1KB
- MD5
  
  5873ca2feedde0f477eead4947ea15b5
- SHA1
  
  ba9e919652a4c6811a02ea3ba6f2504242b90562
- SHA256
  
  73c42b4a5e33296edcdad5cf0b328c18e02955228ac7cf1cef8ea18e5eee0a82
- SHA512
  
  bb13aa334a5b5c623d24a073f96ce1d9810c1f8fc8617c9be051103b4be65701ca96bc43ec88b12379268295f24a9ffe56474a717caef5749416c008aca2f135
Score

1^/10
behavioral15
- Target
  
  attachment-3
- Size
  
  6KB
- MD5
  
  423bfff2e571ff132a6aab0740f81b0d
- SHA1
  
  0f8dfbee6b589a34c280220f3f5c0ad07dc78125
- SHA256
  
  b88e1683732e0cfc1603e45db6774055f0f8a528f2331e16ef8a19fad53951d5
- SHA512
  
  b1cc073502da3b0c6a763bd7b04718eb0bcd9c7d068ff9656189d057a2b9e45534bcfd62ed925b1d942d22a267e61496fb933a90f2e17b90197780cbc2cd0b65
- SSDEEP
  
  96:WQ3zrJE5TOUir9RmnsSQwoQjz4xMdlyxZFj91Gk9Srkm:WQ35cLCzmnsSQwoQjz4xMdln
Score

1^/10
behavioral16
- Target
  
  attachment-4
- Size
  
  11KB
- MD5
  
  0cf635f70ac624400afcc84393c73449
- SHA1
  
  af3eef5ba60b6c0d3f99f7fde3b1e6d5fc7b321b
- SHA256
  
  a825e4e66925d85c48363c8962ab272e85f7204392db9b7099f14cfebe652381
- SHA512
  
  e62c9d777ed97e183125425580d28a9bd477f06c947f7ffca093a0b499524d00fb98c3ad047a1d801b3789a6a34d5e549dd46f768d969152dc733b4bd0109f99
- SSDEEP
  
  192:rzwyl80XvSo+KGT6XbpfhLIF1pkSZYOrnND0GKfQcp6/4F9GwFAiK8:rzwyl80aJTCtf25fwFAiK8
Score

1^/10
behavioral17
- Target
  
  attachment-5
- Size
  
  2KB
- MD5
  
  4e43be00ccf17115d3ab2448f761fe23
- SHA1
  
  75454cd28f9e0964e9e02d4aeeaf24c561311939
- SHA256
  
  428d48dd2c1c174e350762d5c8fc5d441de9107d5db96e869d2d595ff597127f
- SHA512
  
  0ef1cf3748e20488affe6a85ede067ed7d55e900b295ec24d32a1aa78652d0c1caa94b5828f04fafeaac905250ae850aca3e86fb523e94855b7125adcb44a2ac
Score

1^/10
behavioral18
- Target
  
  attachment-6
- Size
  
  2KB
- MD5
  
  ff7ba6a37d711304a3f7734cf7ee8b8a
- SHA1
  
  f67b045e5f55285a0f90d6432cbcef532c0e2083
- SHA256
  
  ab7bda9f1ff2d32c13f512ad27d328d36d4e7bc010d52978bc5a8924722d7d6d
- SHA512
  
  cafbdb9872beb698b3a3c96420d59dea53d05aa23887269dc5791bc4afe5437440e91d1d259485f15b3c3b92628bb8295bf38dbc41d1410119c5432bc2fd8dcd
Score

1^/10
behavioral19
- Target
  
  attachment-7
- Size
  
  21KB
- MD5
  
  29c38357bae6df0f07e1fbda5c5faefd
- SHA1
  
  e8a5b4b8f186d7816d9db6156b6093e9e03736b1
- SHA256
  
  e239882817fcfb469dfe25c8fabdd7ab4b7e01e10d64eee6053501f635065973
- SHA512
  
  54422bdd9c4a133c95a39b985af300806e837327bb43b3319ff0ddfd1c7344a0e68d25215f46af54745f5f9fb74c875334273b033b155a5cad2ec6ea48473010
- SSDEEP
  
  384:lUpokURIsFAuaLeTsoCWcBpEap/SpHcBfZ+yUiMp6BhOTBq:lUpokUFFAugoUrpqWfZ/UiM4Bd
Score

1^/10
behavioral20
- Target
  
  attachment-8
- Size
  
  840B
- MD5
  
  a9bd2157f6a2879277b8d8cbbed97ae1
- SHA1
  
  80665bf20ecc8c70c47f07c1816f3be72951661a
- SHA256
  
  1dd55ab66fb1bc30dbea3da46e72438e15121865b219e466eede6d861d96c545
- SHA512
  
  e17c082301202d404f6edf7f8f6c4dd7fd0aa24f4e3f80b63c0a17c19d338fdf596c499f1c23a2900655f7124925443ec55958b8a1e1aba87a27f4156ab525e7
Score

1^/10
behavioral21
- Target
  
  attachment-9
- Size
  
  523B
- MD5
  
  282f373b0493d60194cec67e140eb728
- SHA1
  
  172eb420eb92129d68591593f65261d7b76711fb
- SHA256
  
  7a4971431384775adebd41910ec5530a848479511536548154cd30fae4363d7f
- SHA512
  
  2a2d29cd356c83ee59271e0cd881f346388b1543f37e98375b60b3dec246e70fd08ceb72b4b85582be712f22b79b858a1e3b2e433f4fcd412f5208b4ff24afec
Score

1^/10
behavioral22
- Target
  
  email-html-1.txt
- Size
  
  161KB
- MD5
  
  e5852718a71072cee926236703f62d92
- SHA1
  
  25fa8fde788e9dbc04a3e32e25b6f91d06010bb1
- SHA256
  
  3f02ba7e93d4957da45f1aae5aa0da2b72c2ec8caafb0c577d8deaea6a6d4ed7
- SHA512
  
  a357d70fdeee4bdb539a91af5b3c275d4b3ada1180f264b987e647a9ea4dd5c95782a26f723c0f001fc86bb35ddf230362d8dccc28e3a4dfcd938a6a3a1ed23f
- SSDEEP
  
  1536:DBgsjvEA4AZuj+Aa7w+j3/r9+meKe8eBeYMeQeCere+eYuKeWBlHjUmetjjeoxdQ:Ejsybdwj4lQQ
Score

4^/10

discovery
behavioral23
- Target
  
  email-html-23.txt
- Size
  
  248B
- MD5
  
  e3aaa35e694e32540035d5d5aececc2f
- SHA1
  
  1350a1594e9f83765bef4e9fa0a421d327fc6fca
- SHA256
  
  50cde25ecf52f664ec0e79ec7e79cff7dab82bde8eca214122626ea6cba1f771
- SHA512
  
  2d4675ec18587ec9ac1462e0e58815c3c534492fc9c690f3162e0d9d8a46db3317d0bc627e1127b6e687985413fa9f636cc33bc37b366245f233766647d1b336
Score

4^/10

discovery
behavioral24
- Target
  
  email-html-24.txt
- Size
  
  106B
- MD5
  
  e44de33b775a6ca866776145aafd3c78
- SHA1
  
  a9079dab1e89170b39c1da665c53e733b00c498d
- SHA256
  
  efd4595fecc095473a8a523dc934dfcbc565075ce46a4c662563112f0f878839
- SHA512
  
  a54a60a1b1f2e04fcff54ccc8641bbe5d0aaa1d1395e7ba515609afe36dbab28a910cc7522abfc8c2f7afd18914f27f0210fc6046aad8a04912ae09bc05a6bdc
Score

4^/10

discovery
behavioral25
- Target
  
  email-html-25.txt
- Size
  
  106B
- MD5
  
  e44de33b775a6ca866776145aafd3c78
- SHA1
  
  a9079dab1e89170b39c1da665c53e733b00c498d
- SHA256
  
  efd4595fecc095473a8a523dc934dfcbc565075ce46a4c662563112f0f878839
- SHA512
  
  a54a60a1b1f2e04fcff54ccc8641bbe5d0aaa1d1395e7ba515609afe36dbab28a910cc7522abfc8c2f7afd18914f27f0210fc6046aad8a04912ae09bc05a6bdc
Score

4^/10

discovery
behavioral26
- Target
  
  email-html-26.txt
- Size
  
  106B
- MD5
  
  e44de33b775a6ca866776145aafd3c78
- SHA1
  
  a9079dab1e89170b39c1da665c53e733b00c498d
- SHA256
  
  efd4595fecc095473a8a523dc934dfcbc565075ce46a4c662563112f0f878839
- SHA512
  
  a54a60a1b1f2e04fcff54ccc8641bbe5d0aaa1d1395e7ba515609afe36dbab28a910cc7522abfc8c2f7afd18914f27f0210fc6046aad8a04912ae09bc05a6bdc
Score

4^/10

discovery
behavioral27
- Target
  
  email-html-27.txt
- Size
  
  217B
- MD5
  
  0853a638749aa903a86fda2c47ed5ba2
- SHA1
  
  0f486bbf8c2305ec5a507f892d29f80202436815
- SHA256
  
  bdbed0776451d0fc1ae2d3cfd4cd260960d8097081ea35f342dff0454685044f
- SHA512
  
  91cf71e5559754405c407dc311dc063127ea12069038e4939ef97ef31e8a6bf2437cedcaadc82d8b4ba9e67ddfc9cde50c43d0525748379305adffd7134decc3
Score

4^/10

discovery
behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28