General

  • Target

    b65314d02faa66713e2c3352fb89996c4b69d6377d867d4227fe8e8dbcd9e6f6

  • Size

    11.2MB

  • Sample

    241120-byq4daxmet

  • MD5

    c463eae76acd4f56cb0e18cfafbabd6c

  • SHA1

    d04c4207f3c996e64f3a15b8c92daca746391133

  • SHA256

    b65314d02faa66713e2c3352fb89996c4b69d6377d867d4227fe8e8dbcd9e6f6

  • SHA512

    a0a6e5780ae3d8424c4be9976fb4d1680864d61b17abd8a9ef83112836fd1701ffd6a4111119373445cb73a4bcc639ea9cec30e40c697e72a398b6272b3e2c48

  • SSDEEP

    98304:br211KYRGCkyB2beurEpfqGfSnJ5w6n2aAscPLTU1+U+Zt7rT2AUCgEHZP9MtkH9:W1MRdAQnJex7PLTU1KsCgEx94kHF

Malware Config

Targets

    • Target

      capesolo-0.4.13/CAPEsolo/analyzer.py

    • Size

      67KB

    • MD5

      9b64629e7520e5a02bb7caa8ed03b75d

    • SHA1

      f50ed6b3be7375e3921dff9d95c6776e14b2ad28

    • SHA256

      fe938801ed26b807c7a078657405a6ea031385c506c115ed2d0f40788900fd26

    • SHA512

      e5325ce03e11b05ed574cb14743d5bf14337b73b6778d0a61670c5b01cdaaa41294864ce2d3ae608d22f0c8ac38218ac2302cbe6a3b89acd3fac36b0c15bdbb8

    • SSDEEP

      768:5eygaFCexAfPvN8XOuVazWS+fXJVFg0OKHsp79zDbN/XsahwxT1UamPj7CD6zvnY:5jzo6j4ATWo+Q

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/PPLinject.exe

    • Size

      137KB

    • MD5

      6c69dab97c80ebcb7379f7b8eab1d8cd

    • SHA1

      0284bc2e016974959a09fb029446d85a294c12bf

    • SHA256

      227e45933035aaa79e3621db9591f66300b0a5df96bd7fb370c9739fcf2fa461

    • SHA512

      9773cf264e3d41f6a3636c8d8a7243d9873f05546c265dfa08fe7a92a20108246f789fe4cb3285779f4e61a0541144bb4efbd292e300ddd4a61e0f1199f4886e

    • SSDEEP

      3072:Tkk86ZAwbDLNTdoVpENisQZQN2kB3C4hDeed2bFbQs1EiKyWgN:TkkvtNTW7EsOhBRDdd2bGZgN

    Score
    1/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/PPLinject64.exe

    • Size

      161KB

    • MD5

      98ad00fd997b2fc9811c753a95733b52

    • SHA1

      aca34eabff8de2745a5b131ac3f386a934e96622

    • SHA256

      30157fe7c671b59de77cc326160b3003cf61dde0c281bd7d7c20fa477039e058

    • SHA512

      2d3960caf5aedc255f9999862fddfe3dd0ee685f08406984cbccdaf1ca2b031b721ac52bc3edeed31267c8862a50e6f9e0d4a75599c01871369c8cb4fe1c0caa

    • SSDEEP

      3072:Z3ioDCfmbIMLTOl8frwcOxS95QeCi0fGNEBpe/9tG7/vL5iALc4:NpLil80yOff/M9IiIc

    Score
    1/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/autoit3.exe

    • Size

      872KB

    • MD5

      c56b5f0201a3b3de53e561fe76912bfd

    • SHA1

      2a4062e10a5de813f5688221dbeb3f3ff33eb417

    • SHA256

      237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d

    • SHA512

      195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c

    • SSDEEP

      12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/file.exe

    • Size

      22KB

    • MD5

      5685f18f39617bfc3707e7e96862e12a

    • SHA1

      13ae80591489e3682d2afcdc13868e8db1886e7c

    • SHA256

      cc91305ce2989e9b68b5f7b91271558a9e8b1a5443df14e4019b7acf99ab72d8

    • SHA512

      5bdca439a167da20cbf7be69e735a019f06c974f53499133542cf93c4bd207087c3855674991c9d0a8dc364fed2265ddc587964de99c53ea92a16bfdd6260c9d

    • SSDEEP

      384:/1swIZg/cVVn7cGNDtnUytH/3DJuDjB8Bsk64izqgFTLd5SuDU:dswI8cVmGvUytH/zlBsk0D755o

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/loader.exe

    • Size

      136KB

    • MD5

      4a2ca36cd0d27f6e1a556c13b5ed0313

    • SHA1

      7b5a362b21ae938224e240f421223b7ad7ee95ba

    • SHA256

      1f400b365766890bb9319eda49695be37cfb2b5bf7abb7dc79617c7ebf93c16e

    • SHA512

      2ede6acd83a321d79c1ee3c6dd7c89312bbba67b59cf315bf8a3839079d7cf28a2e7729da28724a5756babbbee301d978425c9759ed5c104c1c3aa8edd73bffc

    • SSDEEP

      3072:Ly4moY3B9PK6IKxRPZVgr6M6bBK63aBfWzAPWA:LyL7euxRPK6MkN3aBW

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/loader_x64.exe

    • Size

      173KB

    • MD5

      304eeab798952958e896b9c1706c43fa

    • SHA1

      f856a378520a031e72104f50649ff27e66481238

    • SHA256

      d0735ca28e1f806da75e83a8405ed431d991c7476bc79c8be6c7b27ccce0ac31

    • SHA512

      9946c27780c27df74cd0c974899fd648a0fed3ca306cd21c8106d92e187327eddafe9b7191550cf02fbd268d17120de4bdce16250c8c69189ad2d0a2f4df26fc

    • SSDEEP

      3072:MhVzUl0rwDf4lyc1zVTeBEYfW2AqUCwgUBLMB5yXl8dm/9:MhN6HDf4lyc1zleBEYflUVFB46+

    Score
    1/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/psexec.exe

    • Size

      331KB

    • MD5

      27304b246c7d5b4e149124d5f93c5b01

    • SHA1

      e50d9e3bd91908e13a26b3e23edeaf577fb3a095

    • SHA256

      3337e3875b05e0bfba69ab926532e3f179e8cfbf162ebb60ce58a0281437a7ef

    • SHA512

      bec172a2f92a95796199cfc83f544a78685b52a94061ce0ffb46b265070ee0bcc018c4f548f56018bf3ff1e74952811b2afb6df79ab8d09f1ec73c9477af636b

    • SSDEEP

      3072:Yao79VuJ6titIi/H7ZUFgllxiBD+P5xWr3geNtdS+DlGttzhA9HY4ZUFxPkwlmlP:YaSq4TBWISSTgu7DlGtEC1xn/O5r4S

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/bin/signtool.exe

    • Size

      231KB

    • MD5

      6581581a1f2eda52d49dc1fb0619ff82

    • SHA1

      c1fee5c60f43ccfcb1d9f0a72d914446e02bb5e3

    • SHA256

      f91d5e8cc6f208e56660292b80ac3837787100306c786b9feba8f0152e1eb1a5

    • SHA512

      dacd128a9195eabd9d8980064adaf28ac9740281d63e78b663d0ce43dd6c45fd3df5e041c325074f89af6cc9f8940dd5bc7a571e913bc27cf7bd696c086be81a

    • SSDEEP

      6144:Wk4PcUOd7ZYKsN4JR7cFnNBPHgeUe3NmC:Wk4/Od7ZYvOD7cFnNBqC

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/behavior.py

    • Size

      43KB

    • MD5

      2b936b836048ecad84e7a10137f6d411

    • SHA1

      a966c20f6c77b60e8f1975635d217ffd10a927f6

    • SHA256

      8a88d81ef3369cc44d6014ad0701bb49985d62dab888541f7fbb53081256c140

    • SHA512

      59c13953e0f56dee87b894826f2f9dc70a90c5a15cc92d0c733e0d68ae954052957b5a33ea810825bfe6f318f5453e9081ae8e0553186e8f2bb77d3c5648264f

    • SSDEEP

      768:6EvWuj+8z8YcE1Oa1J9+ULqtsYPH+LwbIxRjg:n9j+8z8Y1OaIU+tsY/+LQ

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/cape_utils.py

    • Size

      4KB

    • MD5

      8a2fde84caf9537ed4b4708ab42e148d

    • SHA1

      590d2c0ba556a119fb68f96d49e5fd4010964537

    • SHA256

      6a0918bd458e61d3c04348f9525fe90f54f3e913ece56e9c0beaca62b13d5d1a

    • SHA512

      d90aa4d9ae8e24e1ec8b707ddd2b30caac638a253a22067885dfa110892ed3d6ffce1f4e4d9a6837f4946cffad33bdeffb2ee4434d768e44fed5b2e78d6ca423

    • SSDEEP

      96:nz+zfF0Y568dv5N1iiYcWKZPVgZH5gSDJstdZFKmBMj/m/:nzYfFHpRriRBnJst4muj+/

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/logtbl.py

    • Size

      20KB

    • MD5

      eec1a1f981e6d1c7edee5c3ade06a1e0

    • SHA1

      315aa961b3c1b90545b47dde2796fd54d570b1e6

    • SHA256

      cf17876076991dfab8932829f7887a1d51971edcf3d726035c232914660dfdd0

    • SHA512

      1226f6c2aeed7ff6509a92b56b722566352ea391d9ea0f445b80556671374bade6668d5b24f992675695ff83bfc121253207b95c843f67842fce84d0164e2cea

    • SSDEEP

      384:Z0sxaDn7cgB1lTmiudxjzqKc60IjyDcvyXYuEW34Ec+45saLS1sUxX6h6cp5c:+satTmiudJqsW4KlaOG6L

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/netlog.py

    • Size

      10KB

    • MD5

      d1ba25d6eb9ddd605204d2a67254490a

    • SHA1

      6367b989246c72f0d1b5214db1846be414fe34d9

    • SHA256

      44d18d381f30b11c04c8f34fb0bd2deb4753913774aa7915673d1ac60be3fe1e

    • SHA512

      eca51ca7c14cec1b4407473aa88a6b428fc244ed3efe498e3bb26cdba24891838adea8bd5a44ad486df57f42da34554e10451e4af7e2619b37308f352ea4213c

    • SSDEEP

      192:c+EJFvLaqAU6mkZXu86nrug4+tcn1j8MdZARsmqz:+As0ihhc1j8MnA6X

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/objects.py

    • Size

      11KB

    • MD5

      e8bb365fd800ac851f96c749bc8ed910

    • SHA1

      dfa1b72f17694d9939bcda116cdcc3c09f8c7adc

    • SHA256

      93cc23df76e2e5b113ea7fc9c155d6465cf543527881f0dbdb86a5d722bb835c

    • SHA512

      3a4e447e3335d7309b7dc4ecdcac24d55d3ce2472dd89bb6cc61562eada708d5eba641085147639ed817deb8708a475276a48ce4bf76b4e27e55b28661327ccf

    • SSDEEP

      192:9Ke3F1H64hqjStV5Xai3bD5c+uqDF7pAxsNBAqPMFMR:9Ke3vH64hqOtV5Xai3/6qhpAx9qPss

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/parse_pe.py

    • Size

      28KB

    • MD5

      661a1e2a686837d53eca831ea72599eb

    • SHA1

      58a69265e2c2a30381efdcdfd68b4e0a13673569

    • SHA256

      705cbe2d96310371352c370fcc9d46fc5b3c81b55a87a6a533e6d4c05cd5d753

    • SHA512

      75950d6d02a8e5d33d02e58c7401e80c88490be91ff1883f44cfe85225ceaaeb852ee08f2bd20c3aa54e9a9fbdffdfa978d8f6437c3ec22ec8f69ad04d6b4924

    • SSDEEP

      192:E2hMbnOI9b4qOJpUxLTCEzg20pUPXlub8amXGDDpwZkWC7haLmUaaoGsVWuzgUVP:HMNepUx0pUtuIamkQeXHDkJ04KOFaLuI

    Score
    3/10
    • Target

      capesolo-0.4.13/CAPEsolo/capelib/path_utils.py

    • Size

      1KB

    • MD5

      0a0b4805d8eafd99d7cdc4a8abf207ff

    • SHA1

      b301b759e6455c9e28539a990142e692caf787ac

    • SHA256

      5e80f2a68d359afe264df0f04ef7885e921bcc488de42712b027a15ea8f41df1

    • SHA512

      7cca466f3e26a71b1a2c7c982e67c2473ff62131761dbbd60dbd7cdfb3ab90f3bfe723dab9c972d6e9c0ce8c956ca4a074a3f39dd25f9ce6a187afcce454be05

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

ratminermodiloadernetwiresnakekeyloggermountlockerxmriggcleaner
Score
10/10

behavioral1

discovery
Score
3/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

Score
1/10

behavioral10

discovery
Score
3/10

behavioral11

Score
1/10

behavioral12

discovery
Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

Score
3/10