22cae23405ef1d6162fdbe9de167ed431e3585b748a38bda5f7ef1090c22087a

Resubmissions

22/11/2024, 17:33

241122-v4yj7a1jfk 8

20/11/2024, 13:26

241120-qpxl5axmh1 8

20/11/2024, 13:23

241120-qm63saxbkf 8

19/11/2024, 14:21

241119-rn7ldawray 8

Sharing

Copy URL

Twitter E-mail

General

Target

Releases (1).zip
Size

255KB
Sample

241119-rn7ldawray
MD5

7ef3850185f7007dc51147907da8aaee
SHA1

05e71d7b075776ef56185e9e0627d895d930f0aa
SHA256

22cae23405ef1d6162fdbe9de167ed431e3585b748a38bda5f7ef1090c22087a
SHA512

59a36e83ba4864ba9cce68a91001ce997e241fba0fb7a9170148f36c90b5b4523bb38c857486b69876c7bc76bf69723ec8ea577de90f3e1e1b273366f7d83063
SSDEEP

6144:O3DNPeYIJ12fX2gmNn1YSfnKG++A+/w5tqSQ/gCGjN:INPe0X2g4nan+A+/wmSSgCGZ

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  DJAPPSTORE.exe
- Size
  
  1.4MB
- MD5
  
  6afc8290bc005d98203e4d28d1af8d06
- SHA1
  
  f145630a0f925865a0fb67f101b630e770f8029d
- SHA256
  
  90e14e6d711668b63a68e722abcffff1428fd82506411f1519fdd582c65d2929
- SHA512
  
  5fa0fae5d673d8735fed45ef75e1f950f8560c5d88d008ff50146643473d684a7db40eae4277eefb5f18ca87fd6e73da8ebc613711a0c4f529e5512f2e977d14
- SSDEEP
  
  3072:gKSaWbBpm3pm3pmcJdm6k8Kw2pmu64VwOAsbvjL357kuQ4wdXzsyP0ujm7pmzpR:b8byyn3mn8XEvVwOJjL357K90vS
Score

8^/10

discovery
- Downloads MZ/PE file
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1
- Target
  
  System.Threading.Tasks.NET35.dll
- Size
  
  187KB
- MD5
  
  7d547bf6d5aefe687ae1c904d70320c5
- SHA1
  
  7cb3a328726b9f49a4b1bebc782ebed4970effea
- SHA256
  
  96af7469ebf7f4a21ac28817b6640954b1f9523474e5f6bcedd66824debcf28c
- SHA512
  
  8c80448590c460d0cb33bfd995b03549bad1ef8416a6c85711b73797de3a3853448c0764f2b818013ad2fcbbcf4dc55d8021c0252648d887473fb8aad4667897
- SSDEEP
  
  3072:LVSd994PtZjm3JXUNMmeUJxwhdU/V2RQ9rGePWLlt5nH3y+Mp/tR4FgQ/:UemwzkRQ9rGKWhH3aF6V
Score

1^/10
behavioral2
- Target
  
  UpdInstaller.exe
- Size
  
  9KB
- MD5
  
  434cc6e4cf17e1b49ffb67a067a9042c
- SHA1
  
  8776fad37bf8ddb3122692046ff6a8da100ae636
- SHA256
  
  69316c6f6cfcf32b6f5d93ac59c33bfa4e8f2d6df6191fc59e962d91b942a214
- SHA512
  
  46d73f5cbe460827ea7c8d099364f26cf6681d19f5c5ba6e68d089618cbeb2748917f71b7cdc09160a7202052d1081118031c9ae372da4548853dc10f337280b
- SSDEEP
  
  192:heQy4uqf39X8qSdeFfqWIW1PyaGL2cV+LZX:heZ4rv9Idcfq4yaGL2cVQ
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Deletes itself

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Network Share Discovery

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3