General

  • Target

    4dg99g.rar

  • Size

    18.0MB

  • Sample

    241115-tav2jaxblj

  • MD5

    9e4416a16cb7b24116dc0084e821da08

  • SHA1

    c915e70c73a473f49b65d1ef5e89f0f22e24c50e

  • SHA256

    95d5e687ce0e31825ca75d71e3054d919c66aacbc50bb16c216bd65d9e92cfd9

  • SHA512

    566667821aeb3ea0bf70b0b3b8cd3377a5fb21c1b0f93942aa4bf66680117fde8cf2c2fbcb1063553cb1b63844bf9fd6271fd4059494c0d9796638b4eb538e6d

  • SSDEEP

    393216:b4PVwYUF8a154RT5LT9MIWrZao+8M5udvJpItPEyZAW8HZ7b:tz54RTt+ZIGMIdEo/xb

Malware Config

Targets

    • Target

      Release/Atlantis.exe

    • Size

      10.8MB

    • MD5

      2a3a86bdfb88af4923271f1e311c59f0

    • SHA1

      ad6ad8aba93f353656e2508b14d5f41f4ba48889

    • SHA256

      76b75d0f8a8b34984be13aae4ac9071b70d4fa78910efe6104ce972d131d24f3

    • SHA512

      6314087857d513f40a5f0479946b04fd31144063126bf95019cb095611176e18780f9a1e0fa911ed1b4897bba7b1f3718868be5dbcc7fe330e46e929071520de

    • SSDEEP

      196608:/DhDs8iG3yMgh53a4qZalDpz3nLlwhopgpc0+300qkB9FZP7wAhHzbfHA6L8fbuc:/DhQ8i1Mi53aFaXz3nLlwhX+E0qo9FZ4

    Score
    8/10
    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      Release/Microsoft.Web.WebView2.Core.dll

    • Size

      581KB

    • MD5

      3d9465d5161ac2ab5a83265935514349

    • SHA1

      5d40047faf2a166e6c25f106c244b5826bd0aad9

    • SHA256

      24d1f432632c971456e6db676f609772b98d0cf3d3a5450c78d3dbb75744399e

    • SHA512

      8d84de25fcb88ad6786de9f077612d356eed8726a50e9b6c44a3dff456ca8a160e0707cd1902b52e4890f97f4a5a72466ac149e71d1e790267141a6710ecc70d

    • SSDEEP

      12288:1J3gR2NlLVbkHw20OFrpQ322ty+uFKcDEuRFNEMWeu+imQ269pRFZNIEJdIEY0lm:Hw

    Score
    1/10
    • Target

      Release/Microsoft.Web.WebView2.WinForms.dll

    • Size

      37KB

    • MD5

      4b8bb9cd761a04f558e9b4a1a76be0bf

    • SHA1

      0337e8418f1b991995b7adec1665a19f63e557a1

    • SHA256

      c5a652cb75bcd84575347467c0647e6f66c207de40164d98f95ee8e6d4db6d57

    • SHA512

      00168f4bf5455ea177730142b63ec5a4a6413acbeb965b8dd386631367e0be5c56117c0125552ea64f54c10395564206be585b31c93e441d9a357bae8ec7d261

    • SSDEEP

      768:JmgRNRbnIfWuJCRfXBkjQYZDgcEST3p4Jjrjh2jeFSUyauTv1JKia5/Zi/WG4Kga:UQR20BsQYZDgcEST3p4JjrjaeFSUyauR

    Score
    1/10
    • Target

      Release/Microsoft.Web.WebView2.Wpf.dll

    • Size

      81KB

    • MD5

      820de4634735b6d2d9842189cfe71ebf

    • SHA1

      39c1259d9b4cebaaa7a684c6da10d52ad017bd53

    • SHA256

      42e4818adbbef44833dec2c2fcca7b456581f391ba800a834a72c9e5d2dd008a

    • SHA512

      35954de8c6faf311b6118aaf4fa0af9da05de9549a0e5b143ce19586a3826c8daf5f63bc7526a6110700499a8aa0036d8ef7a463dfe3831748dfea4a6da822ce

    • SSDEEP

      1536:OmJUzMJcumSzWIudfRb+OhAha87Y1DHfFWyEb30mpc4Jjr4YeUqRHhwU0fdwzvUn:NUzMJNzWIudR+Ohwa8+DHfFC30mpc4JV

    Score
    1/10
    • Target

      Release/Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      195ffb7167db3219b217c4fd439eedd6

    • SHA1

      1e76e6099570ede620b76ed47cf8d03a936d49f8

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    • SHA512

      56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

    • SSDEEP

      12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/

    Score
    1/10
    • Target

      Release/bin/Monaco/Monaco.html

    • Size

      33KB

    • MD5

      cabdbe1c2d9d0a80e66d9ef6f854345d

    • SHA1

      4ec0a6f45158d6818e5a128efa13d8bc10f67c54

    • SHA256

      a2e39847c756841adf886199ee99ddcb4aad960b9b08fa40e104b3b1c7622102

    • SHA512

      1c2a78d1e04338ead6fdbf7f965e8942467645b767bb2e2476f7667356d39eb43eac6a48d31c98a1b6eb4dcf2c04f3cd9f55f7f6df97d2bc298e66ffdcc2614c

    • SSDEEP

      192:dE6BYGk9pgWJxqY5K+36IH9eiDm8pwqjd7e9QEtlFsw20VY9l400ElDcWlgdsKfC:88MEpy8I17OHkGcH

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/Loader.js

    • Size

      27KB

    • MD5

      8a3086f6c6298f986bda09080dd003b1

    • SHA1

      8c7d41c586bfa015fb5cc50a2fdc547711b57c3c

    • SHA256

      0512d9ed3e5bb3daef94aa5c16a6c3e2ee26ffed9de00d1434ffe46a027b16b9

    • SHA512

      9e586742f4e19938132e41145deec584a7b8c7e111b3c6e9254f8d11db632ebe4d66898458ed7bcfc0614d06e20eb33d5a6a8eb8b32d91110557255cf1dbf017

    • SSDEEP

      768:3J6C/c2x0cAu57XQxJRDRi+R/TvrCv3zM2GRl0VEj:Z6grH7qTXRvmDI

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/basic-languages/lua/lua.js

    • Size

      5KB

    • MD5

      8706d861294e09a1f2f7e63d19e5fcb7

    • SHA1

      fa5f4bdc6c2f1728f65c41fb5c539211a24b6f23

    • SHA256

      fc2d6fb52a524a56cd8ac53bfe4bad733f246e76dc73cbec4c61be32d282ac42

    • SHA512

      1f9297eb4392db612630f824069afdc9d49259aba6361fb0b87372123ada067bc27d10d0623dc1eb7494da55c82840c5521f6fef74c1ada3b0fd801755234f1f

    • SSDEEP

      96:SD3yDUfRD5dyVdO29SvE/TMCL8CvcOAtOfxSVkxMZlMfE:nD4Ldyn7Ss/TMmUtOfxhxjE

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.js

    • Size

      2.0MB

    • MD5

      9399a8eaa741d04b0ae6566a5ebb8106

    • SHA1

      5646a9d35b773d784ad914417ed861c5cba45e31

    • SHA256

      93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18

    • SHA512

      d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8

    • SSDEEP

      24576:SmmBNDw4gCXJkB4nIg2IxhbaeZYIMsNjvit4f:wDw4gCXJk62+aeKIMsNjvit4f

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.de.js

    • Size

      36KB

    • MD5

      4d83bc1bced6f773423be6f939472cfe

    • SHA1

      1b42889a7f580df9f7d399c33141d38548143ed1

    • SHA256

      0dee462d5fb231f169f6cbc432465a43fd445c011fe650e29f5fb2bccc31eaae

    • SHA512

      c53d522438767a15b5711099fee0acb62ff21289b62640d1a4823a90c8a7d8836bc932daae477d5188b1ba78c50c581284c4d7379efb532f37d356add97ac8e4

    • SSDEEP

      768:jADv7LbgRyefe80QqYax/mZgb2ET1UZ0IMlYmz7w0hxH1N1Bg93RyFGAIDB7wZ9m:jADDx80QqYax/mmb2YLIEYmz7JhxH10D

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.es.js

    • Size

      37KB

    • MD5

      b371235f971baa51f58f123f40c4435a

    • SHA1

      843d4a2d214c7d9da650cf4d0c6981ac1dab69c6

    • SHA256

      203ff3591e02eb7b55a591e53919cc337f8dea73e6446fc3493227761c0794ba

    • SHA512

      77d43490f1208dde16b6773551ea983cb2352455178ea0e3d4d4b2f2e05dc406cafae89738001d708b780b58882cf5448eb7a8d1c11aa7b8e87915a390da618a

    • SSDEEP

      384:hwuiA9wZFjNzWZQz7uDlnDEuoKZvGrkEq1EhBR3H6Sg4eUz+JWCHcxS+S9SxS9tf:Y9ZCZQOtDZSj1XJS+S9SxS9tx78teB

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.fr.js

    • Size

      40KB

    • MD5

      d319e61fc6b357b9a5d8e3bbaa44ce3c

    • SHA1

      b1539b082b2b8290f05dfe17d6fee3d64b2ec244

    • SHA256

      7fde40b2b212d274617232de09452c6cb896e8a3c6b9e0b459f067cd07f31a99

    • SHA512

      6ba80b90242dc55ecfa1678e7f8506ed9add4bf08067b125ba63d42b8e8e4455507a86369f6fac6c9d10565d083e7364d4fc79d62e9bd460fe49957c91f598e6

    • SSDEEP

      768:HlKogi6Q3JbQWxxGmmrHeHPO10xSgGvJ1COIoJoZjbEMO9ms:Hl8KbQwKRavGJoZG

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.it.js

    • Size

      38KB

    • MD5

      a8855a662eb4d3a771fdab7ba6287def

    • SHA1

      a78b57810ac8e9704e97897c6168f4140d2eadf7

    • SHA256

      f67cec6dbf98c98c834638d20df53c5a770edada7f26ebf6d0b7dfec60f7a4ab

    • SHA512

      1c03f8b243701870d8a17e5565da6c65c3f1d76dfb55c88cf68578a4754434a071565da9147e7c833de588a5907b5ece07e018dec52c79d9b2914c964a48a4b5

    • SSDEEP

      768:4klNUuMam1xYhz2LyXSXBjlHtvnYyjMbRgD5SL2KAqI0UGmGfpspuoeu317K93Ph:5f0SL2KAqKKNpCi

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.ja.js

    • Size

      41KB

    • MD5

      a1f3c9e940206ca310147d644305a6e1

    • SHA1

      005a8f7023b9d873962c7272203cc0c0d0ccc624

    • SHA256

      ea9f5e8993017f858cd9ee70aac3d7990ca85eaf40a052025e530fb1c300837f

    • SHA512

      f98ad1e4c127c3aa4a4ff2fa7ed2a65b5d32644211679e42d70aae03f9c0af1da7704061c28e95cbb25ad14745b1d086c9a49492119d0f97653a0b817823bc69

    • SSDEEP

      384:hIDtFoY0u0ZAITlMRFG1yu9RwJUcQ8bo6CdXtK+c3YcnI+PjnN3H6Sg4dcRID9Dh:VW6RwJrQNdbc9N1aBDzTG7e2ZLlx/

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.js

    • Size

      31KB

    • MD5

      74dd2381ddbb5af80ce28aefed3068fc

    • SHA1

      0996dc91842ab20387e08a46f3807a3f77958902

    • SHA256

      fdd9d64ce5284373d1541528d15e2aa8aa3a4adc11b51b3d71d3a3953f8bcc48

    • SHA512

      8841e0823905cf3168f388a7aeaf5edd32d44902035ba2078202193354caf8cd74cb4cab920e455404575739f35e19ea5f3d88eab012c4ebefc0ccb1ed19a46e

    • SSDEEP

      384:h03CdtOurX25WyV1Vdf40CJjocZC6F7PKUvRjAaswHq9x3H6Sg4NFVlQlUDZpLjb:23mmysb1zVes3pxCSgwgwjhb

    Score
    3/10
    • Target

      Release/bin/Monaco/vs/editor/editor.main.nls.ko.js

    • Size

      36KB

    • MD5

      9ccf83d22e9a9bfafa2000f366ac47e6

    • SHA1

      be61e121af1a363aa66d875f46e78562a603566e

    • SHA256

      100ca482c015571ed9aad97c2dcc5e266b270a650ce892507443b5d4f32df64f

    • SHA512

      3d68816994abff5c528610733cc729e91d390422c2ee2259dcef3cc4db9a599c1f3800f412259fe2f9a700bf2847b942a253986c011c659868bc9edaae6c2f16

    • SSDEEP

      384:hS67TmO5oU1Yh4XK8ApE6/z2dHDNV1KiAaA+17tDDN3H6Sg4s/zKz8G3uyroDXYd:rmO5oGXrmi1zDB12zKzuyroKcNVk

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

vmprotect
Score
7/10

behavioral1

discovery
vmprotect
Score
8/10

behavioral2

discovery
vmprotect
Score
7/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10