Overview

overview

3

Static

static

3

I AM LEGIT...AR.rar

windows7-x64

1

I AM LEGIT...AR.rar

windows10-2004-x64

1

Aimlock.exe

windows7-x64

1

Aimlock.exe

windows10-2004-x64

1

Triggerbot.exe

windows7-x64

1

Triggerbot.exe

windows10-2004-x64

1

bahKV5.py

windows7-x64

3

bahKV5.py

windows10-2004-x64

3

settings.json

windows7-x64

3

settings.json

windows10-2004-x64

3

testing/I ...AR.rar

windows7-x64

1

testing/I ...AR.rar

windows10-2004-x64

1

bahKV5 - Copy.py

windows7-x64

3

bahKV5 - Copy.py

windows10-2004-x64

3

bahKV5.exe

windows7-x64

1

bahKV5.exe

windows10-2004-x64

1

bahKV5.py

windows7-x64

3

bahKV5.py

windows10-2004-x64

3

settings.json

windows7-x64

3

settings.json

windows10-2004-x64

3

testing/ba...opy.py

windows7-x64

3

testing/ba...opy.py

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    I AM LEGIT I SWEAR.rar

  • Size

    1.5MB

  • Sample

    241119-sy293ssnel

  • MD5

    baddfc88d53da707b2a65c2f31eaa805

  • SHA1

    0bec7d5ac399d84f4f0846c1ed77a39b268cd103

  • SHA256

    28c96207c968ebe43c8d075e6720a32cd757a3b89757adfd646e7e1760174583

  • SHA512

    ddf34a5a48a017b113b4983880b0abfc7e851099794fe09ead4e5d5f7da5955ea45e49ed502626de4c16be7ffd037461f79210e775337883828954cfb8a5e615

  • SSDEEP

    24576:lZuwi+8DNtcyDHx7MoAtEdTHmrEIEu8r++DGzgAjOXoqE44gbopZuwi+8DNtcyDt:b+jxG45qt+THSVX8SmGzpg4yon+jxG4N

Score
3/10
discovery

Malware Config

Targets

    • Target

      I AM LEGIT I SWEAR.rar

    • Size

      1.5MB

    • MD5

      baddfc88d53da707b2a65c2f31eaa805

    • SHA1

      0bec7d5ac399d84f4f0846c1ed77a39b268cd103

    • SHA256

      28c96207c968ebe43c8d075e6720a32cd757a3b89757adfd646e7e1760174583

    • SHA512

      ddf34a5a48a017b113b4983880b0abfc7e851099794fe09ead4e5d5f7da5955ea45e49ed502626de4c16be7ffd037461f79210e775337883828954cfb8a5e615

    • SSDEEP

      24576:lZuwi+8DNtcyDHx7MoAtEdTHmrEIEu8r++DGzgAjOXoqE44gbopZuwi+8DNtcyDt:b+jxG45qt+THSVX8SmGzpg4yon+jxG4N

    Score
    1/10
    behavioral1behavioral2

    • Target

      Aimlock.exe

    • Size

      1.2MB

    • MD5

      639bfbf7bd67e6ac8bc21e0ecf7d97f8

    • SHA1

      2c7d6d2fec937f7e1647e49577d965b956877466

    • SHA256

      20342ddb8937328f67a1b7f2d62f2afcd5dd9d1683a1d8ddf39ef8795f29ab9e

    • SHA512

      6e06a4fea9525f43d278cc97034385c6d6e1a1b26539e42f9760886689d092ea953ac698b0e9c2afa01b7db4c922b14cc59dc087772e7975927cae73c8d26564

    • SSDEEP

      24576:4UNxvqF6FGYJf6yjNQpNONZNlTX5PlGPgquLEIWxUc7N11QaSYx7GqTE3:4UNxvC6FGYJf6yjNQpNONZnTX5PlGPgn

    Score
    1/10
    behavioral3behavioral4

    • Target

      Triggerbot.exe

    • Size

      1.2MB

    • MD5

      c80742cc415d6623fc10420ef23cd622

    • SHA1

      0236cea77355744b6ef8b5397e011e984aab5430

    • SHA256

      7a917bb1ef5862c28773d9f401998ac43a607d1c5044462bda3ee9d40db03e37

    • SHA512

      c341e4d427f62c16da0d5bbf6dcf332441e369f3b7b34355de60efd785bca3d9550d1848de242ef3b0124f91a7c399252a179d24fe96219fcad6eb2385e71330

    • SSDEEP

      24576:AUNxvqF6FGYJf6yjNQpNONZNlTX5PlGPgquLEIWxUc7N11QaSYx7Gqrt:AUNxvC6FGYJf6yjNQpNONZnTX5PlGPgo

    Score
    1/10
    behavioral5behavioral6

    • Target

      bahKV5.py

    • Size

      6KB

    • MD5

      1ca693b5e31cdee5c423b0cc1744ae70

    • SHA1

      cc2a62e53b5111e1e91c2b658f33c14eefaf3435

    • SHA256

      5efcdb814421e4f25f69d8cc4343652f3c9909c8baeb194bcdea1d36206a4f2e

    • SHA512

      0af8cf761541d140a8fb3b5820e47d52cf3e56ff947ff5be6b8e1944493486e6b328d1006569a6349d1fdd398a09ec53f3ca41b39ebd9a9130ac022a67c2267d

    • SSDEEP

      96:P68GxdaqVaQ2GZyOZbNxhIi8EUrUM0t8Fy7daWlCPpa89FwkmrIkU6/ODiLgCyuh:CkT30t84hCRaOSrIk81CDlRpH

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      settings.json

    • Size

      1KB

    • MD5

      69fb5bc090fb45d9519cae01b6fb09d5

    • SHA1

      ef1447d02548606ecbc2d2296e294b9bae32a0bb

    • SHA256

      e9a13989c1587d6bba7df0f5f81c6ba0e2dbf5c0026cdecdfc36e5983939a277

    • SHA512

      a55f0a8f83a22f1197b13d6e2e03f494e83ff1f0c9fd34606907079c9d74d5b4d56400c134c86a89288f8b0e11e36214dbdbc799201d005c7486d341b3b399e0

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      testing/I AM LEGIT I SWEAR.rar

    • Size

      498KB

    • MD5

      c930f12ff84985ba4e88455b5d7c2082

    • SHA1

      2c821f39e9aa9292ebe66c972fa1ac2cb43ce821

    • SHA256

      a49dfa86b187ce4eae9ab791a74dcd626114634befc48dc6bd7391446e3fb6f2

    • SHA512

      20d3bf72d286f467e66ddc3be935a285590d5e2c86965fc00d452ecc1bf9d809ce6e6970d00a26e5a866839d1bb44809a11279e6d06b6b1033bef1c5f4446190

    • SSDEEP

      12288:s0MHOwUYyBOX5gAamkkcN+CcEhVxHx7xKoAtEXNTH63r/:sZuwi+8DNtcyDHx7MoAtEdTHmr/

    Score
    1/10
    behavioral11behavioral12

    • Target

      bahKV5 - Copy.py

    • Size

      6KB

    • MD5

      039a95630eba92e07abbf3c41b1e84dc

    • SHA1

      1462f3b4033fc618b3b86b21010d5016843ea7f3

    • SHA256

      c5c707946593d8749581435f42561cf28cd55230e99159610a81e9afcdeb2f3b

    • SHA512

      702269ddfcbcd89d50f4780a3f9165d83ed5ede64ff7f2be01a5b354528593dd4ab584ea0c59db3d61563b9b33836857c6f366b62d5c7689743495364c611ede

    • SSDEEP

      96:P68GxdaqVaQ2GZyOZbNxhIi8EUrUM0t8Fy7daWlCPpa89FRwkmykU6/ODiLbR+xa:CkT30t84hCRaOwyk84R+xa

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      bahKV5.exe

    • Size

      1.2MB

    • MD5

      639bfbf7bd67e6ac8bc21e0ecf7d97f8

    • SHA1

      2c7d6d2fec937f7e1647e49577d965b956877466

    • SHA256

      20342ddb8937328f67a1b7f2d62f2afcd5dd9d1683a1d8ddf39ef8795f29ab9e

    • SHA512

      6e06a4fea9525f43d278cc97034385c6d6e1a1b26539e42f9760886689d092ea953ac698b0e9c2afa01b7db4c922b14cc59dc087772e7975927cae73c8d26564

    • SSDEEP

      24576:4UNxvqF6FGYJf6yjNQpNONZNlTX5PlGPgquLEIWxUc7N11QaSYx7GqTE3:4UNxvC6FGYJf6yjNQpNONZnTX5PlGPgn

    Score
    1/10
    behavioral15behavioral16

    • Target

      bahKV5.py

    • Size

      6KB

    • MD5

      69f55b39e64df685ae9e65a9d629e6d5

    • SHA1

      6f38d958bf1eb95118e924cc95b46555db75ef1c

    • SHA256

      563ceb63d07d6af6d78fa367b368330cd8236ae996572a2c985fb14c08a624bd

    • SHA512

      4597f8c202232676a12f936d7f8cf676e0e0f3506543aa8c51371fe85f074b8f6586afd44b92816dbbeb14e52cfc30af8cbc05ff540279111ea3146da1760900

    • SSDEEP

      96:P68bkQ2GZyOZbNxhIi8EUrUM0w8Fy7daWlCPpa89FRwkmykU6/ODiLKE1mj7:CtT30w84hCRaOwyk8Kmj7

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      settings.json

    • Size

      1023B

    • MD5

      24d73b071fb7e3b0b03ffdfc55b2933c

    • SHA1

      12b477ed295aae88cbe1443c7d85ede254c33d12

    • SHA256

      70fc58fdca9f2eb33867e3c8f1b0e0719d545103ee0afe937501dff82b432817

    • SHA512

      95df4dd7b2e9d50877ebeda4bae4fca59a76c68cfc9917d60bc0918f45672893456bafab062c8107344c3fd6ad08250efb25f953a14169f86a8b70b257498800

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      testing/bahKV5 - Copy.py

    • Size

      5KB

    • MD5

      6590251f2fe64b8a7720067befdf12e0

    • SHA1

      e806c4daaab5194db4aee47938bcd040906800a0

    • SHA256

      a7c710381653e9de8d7167362e33929d8e83176e7abd69743d475ccbfa5ee08c

    • SHA512

      749a4d1e53a1aa19fdf007a561c6eb03480b4eb11c4e83720ffa2f45cd2cd2b80c8597dc5b8227ba309cbe76dc8e4253003bda7875ae0b332308180793cf01ff

    • SSDEEP

      96:P68XQ2GZyOZbNxhIi8EUrUM0/AZH8Fy7daWlCPpa89FRwkmyN6/ODiRf:CAT30YZH84hCRaOwyNAf

    Score
    3/10
    discovery
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks