f3da105df43ac2bf23e2f05097c27af4a46f17d46655c1350ea7d94a00d83daa

Sharing

Copy URL

Twitter E-mail

General

Target

forlorn exec.rar
Size

12.9MB
Sample

241127-w8k1bs1ncp
MD5

8efefc2dc8922b8d9a9a2fa7e80f4127
SHA1

e94afc0cc712dc9ce884794db669de95e182b38d
SHA256

f3da105df43ac2bf23e2f05097c27af4a46f17d46655c1350ea7d94a00d83daa
SHA512

42f2c7a9567b57f0403502e245e70d80fba0c12d6a9854be95026cf6f87ffc1e4c3e2e80ec89beb0df97877b23387c6a3ceb6b8b551e322e03304174e342e372
SSDEEP

393216:bvutTDQL5GWokHIWlZ+3yCi758abymNnF9Sfi0twHEBkR9GAR7:b+TDYGIIo8Z760iky3PR7

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  forlorn exec.rar
- Size
  
  12.9MB
- MD5
  
  8efefc2dc8922b8d9a9a2fa7e80f4127
- SHA1
  
  e94afc0cc712dc9ce884794db669de95e182b38d
- SHA256
  
  f3da105df43ac2bf23e2f05097c27af4a46f17d46655c1350ea7d94a00d83daa
- SHA512
  
  42f2c7a9567b57f0403502e245e70d80fba0c12d6a9854be95026cf6f87ffc1e4c3e2e80ec89beb0df97877b23387c6a3ceb6b8b551e322e03304174e342e372
- SSDEEP
  
  393216:bvutTDQL5GWokHIWlZ+3yCi758abymNnF9Sfi0twHEBkR9GAR7:b+TDYGIIo8Z760iky3PR7
Score

7^/10

discovery
- Executes dropped EXE
behavioral1
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Speech Recognition/1.15.0.1/manifest.fingerprint
- Size
  
  66B
- MD5
  
  5bbd09242392aacbb5fac763f9e3bd4e
- SHA1
  
  14bb7b23b459ce30193742ed1901a17b4dcf9645
- SHA256
  
  22b55f5d9b1bafb80e00c1304cf5e0d6057a304a2e8757b4f021b416f4397297
- SHA512
  
  541e4c7998e91a5113f627c2c44e32b54878fe225b3b9476572f025f51f2b4ec4a44b102498adcc22b8fe388970645bacfafb6e7fc8a216df4d7bbfc8b0ff670
Score

3^/10
behavioral2
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Speech Recognition/1.15.0.1/manifest.json
- Size
  
  76B
- MD5
  
  ba25fcf816a017558d3434583e9746b8
- SHA1
  
  be05c87f7adf6b21273a4e94b3592618b6a4a624
- SHA256
  
  0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11
- SHA512
  
  3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f
Score

3^/10
behavioral3
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Indexed Rules/36/10.34.0.57/LICENSE
- Size
  
  24KB
- MD5
  
  aad9405766b20014ab3beb08b99536de
- SHA1
  
  486a379bdfeecdc99ed3f4617f35ae65babe9d47
- SHA256
  
  ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
- SHA512
  
  bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852
- SSDEEP
  
  384:mva5sf5dXrCN7tnBxpxkepTqzazijFgZk231Py9zD6WApYbm9:mvagXreRnTqzazWgj0v6XqK
Score

1^/10
behavioral4
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Indexed Rules/36/10.34.0.57/Ruleset Data
- Size
  
  2.8MB
- MD5
  
  6a62b26b738ffda1414b1e45b3b97c12
- SHA1
  
  ff44417a79841f948bdbeec9049f9fb59d16dc9f
- SHA256
  
  da3927c997d3bb2326e97a8dd7835c28f50ad8c4a9dd407669f20730c0159207
- SHA512
  
  820caca570523600a057dbedd38b7e3b375d6427d716cb74d0aee0825e621268a9f418f135443e5bc6bd7b9a1fbb8eb6676324d46f9111e56404b8953f23de53
- SSDEEP
  
  49152:Ma3JA+2MtIvQu0rtJtPCRxWPsDaR0B/1Qnph9PqxC:MauM3Dr9P7
Score

1^/10
behavioral5
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Filtering Rules
- Size
  
  1.8MB
- MD5
  
  d7c9c6d2e1d9ae242d68a8316f41198c
- SHA1
  
  8d2ddccc88a10468e5bffad1bd377be82d053357
- SHA256
  
  f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547
- SHA512
  
  7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3
- SSDEEP
  
  24576:y+DPoZGeOT4JQm1zX3nJhS33dpuaQcLzNPNPCoMB50TcpdGGK:FAZxu3dplQcxNPCoMB50TcpYGK
Score

1^/10
behavioral6
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Filtering Rules-AA
- Size
  
  404KB
- MD5
  
  0c692f6db49c8f21392d3365bfc88be9
- SHA1
  
  9073d1a2d99e0d0df90d995d60fd096b30f6b585
- SHA256
  
  d36eb7f3da47d7cd92f7bbec4314cdd30b58197cd898b13f11729febbd3f75f2
- SHA512
  
  2f8e22ca83e9bd5a963dd2f9a00e1ed2faa9d5a3c07efa191ca4bf7c95f404cbabcbf1eeb8633a2270b8460319ce46791c063355368fc08d93442cc0e0250939
- SSDEEP
  
  3072:FkBkPxFrILAR6IskEBMIby5VWT8RLl2z4iAejcqosSiFJy+klIDbTgSdUMGXXlkx:FmQEkP2z4PejcqoniFLkhlktvRSI9OIF
Score

1^/10
behavioral7
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/LICENSE
- Size
  
  24KB
- MD5
  
  aad9405766b20014ab3beb08b99536de
- SHA1
  
  486a379bdfeecdc99ed3f4617f35ae65babe9d47
- SHA256
  
  ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
- SHA512
  
  bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852
- SSDEEP
  
  384:mva5sf5dXrCN7tnBxpxkepTqzazijFgZk231Py9zD6WApYbm9:mvagXreRnTqzazWgj0v6XqK
Score

1^/10
behavioral8
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-DE
- Size
  
  222KB
- MD5
  
  68a6f5d3e851f477b99c00e716b9640b
- SHA1
  
  1e805450597d71037995ff9bd63a18ad2c74d281
- SHA256
  
  cbab2692330b73e6dab4705e0ba5d9bc7829912b7c09eaf5c5f8e6c5e219e2dd
- SHA512
  
  b06888174d81a40ad200113186415a7daf207723f5d704160c1c74087192e9a9652bf6b69c58fa927a9e66af35e993f1941352e96403f673ee7e686d8eb4e06e
- SSDEEP
  
  6144:OkccZbOdFA+fhs7VxSk6NgKTh51ApmstI1dKcJEttmt4l843qzVb2P5+V5bbwORq:/v4KmNsWoRLYvy
Score

1^/10
behavioral9
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-ES
- Size
  
  154KB
- MD5
  
  4bd0ec01b325a901ca95d03dcb3d0b78
- SHA1
  
  3fed6b3ba95cd4b39744a5e6ad7970d5bfe18ec7
- SHA256
  
  f47f8980472678dd2caf6c728411ea4a2611c2eed99938ccf4a158296c0a0830
- SHA512
  
  28d8f704e4ef7fd4b13938c7c05f50c0e3b92c2753245e363fbe07abb8bd6b96fbacf864f1390031e86d0592034e03e90582fb9910d80b46c6cc3b0282ba6d58
- SSDEEP
  
  3072:BZ3bhZ+HacdKOs6e68Gvp6FPdhNhTVO9ePaw/5I/G3Yk6+a:PaszKSh84a+S
Score

1^/10
behavioral10
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-FR
- Size
  
  748KB
- MD5
  
  98df506badc34592073fef20e10b9202
- SHA1
  
  9c6084e2f72f8de086f34f749c6f478615a61072
- SHA256
  
  c875167cbb5484ecbb6974c6b2b70fa4b28e57c58588964a737605016077ab2e
- SHA512
  
  45cc8f5a08b75245840c22777e20702884c9d52a3dcb3a6c70a18b6213ea1df407db0f5d8b1bb63e5a99077b210cbe235e6955486268ded1cdc9a20595dbd633
- SSDEEP
  
  6144:xn5IELZCpvVqJ2cdj+3ogXdY7treSUk8rVPbEd7qwsgTBYsV6XyUcdW3EfirhP5z:xC3rhv1Ne0p0ogNTHqwO
Score

1^/10
behavioral11
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-IT
- Size
  
  498KB
- MD5
  
  cf12499d6fb872304778c2d047996675
- SHA1
  
  36e442007ec991986b4a8ab67bfe39abaa58117e
- SHA256
  
  39a9601eb6c69437ab63ff48bb96d63ae38846d99ef954491bcc803e7cfe6e6a
- SHA512
  
  ff914da7d35b91d16d411af54b2adcb3ecb140451dd6763f5c847f8e009bfc4440498a02068e7aa2976c06ef089525204dc5698d2247584378b0cd5bc7457c01
- SSDEEP
  
  6144:ZHChVwjPgW2EgV8Nf5mTGnVj27zqxYuBRDr5KdTHRYIm13GOchflRwVF5zGuQe1a:0ufyqxYl2IVhflRwVF5zGuEMEms
Score

1^/10
behavioral12
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-NL
- Size
  
  50KB
- MD5
  
  307ce3a96ec04053472ffcf0e240fea4
- SHA1
  
  4c4ed7097641efd298f68b6bb5e4aa7c16d6754c
- SHA256
  
  9300c145e737397b404d877ba0e909ed687e8b7add82a6f3b9f3cb9931e0e25b
- SHA512
  
  3e98d66a43650289eafdd6c4c76e1da66eb042882f2979b8e774e0df81510bfa7678cf8b4755829c22c258e25136dfd405bd21e5c40973086247408848051955
- SSDEEP
  
  768:zXqZNfsMpRvhE7G8tjcbn1uOj8xC6Uq+Wiiv43FWedYn4/Nn+b:zX0ttpRvh6G4+CCJWiiv8K4/NnQ
Score

1^/10
behavioral13
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-RU
- Size
  
  1.2MB
- MD5
  
  5797422ea1700f6036c4bed4384877d9
- SHA1
  
  1201305e19faf6311a228b6baa2052ebefa9c4f2
- SHA256
  
  daa8547f1dbc8c994eed3725f3076aaf6c4e298b963fb712e53eb0fa2dc1e789
- SHA512
  
  f85858ad292ef9e5d4fb6ea9e67f731b4a5fe3b823c2f156ecd109650d9de577873797bfd6d01da37a2baa2e05add60d387821254dc31eab54f4e526895bc83d
- SSDEEP
  
  12288:vFdfXbqK1X3AmCZfKd1jjf9FASy2cMPBHdkgKBKltEDYWex8tGlETz4cOsTUzuRj:dVqK1XThy2TtaRRmQH
Score

1^/10
behavioral14
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/Part-ZH
- Size
  
  839KB
- MD5
  
  35488dda885a4de38b56edd487f1ed51
- SHA1
  
  3c85fa1afaf24064437abfd72530aa1e675d58c9
- SHA256
  
  04ee35c1660783cc17d89b80d5bb76c9c92a4e052d52b2e4cab00897d9c5655b
- SHA512
  
  0072570e9cbd6ed811bc22df5c664a152f1c3322f08b43ca9df6daceecb64614198f5600c964f1abd7890d3e811c57dba54bbed763c12d3e245bf7db5dd4d898
- SSDEEP
  
  24576:PgAj3MEp3zM86pBrsIOzrEXTAd9VFM4Bnvr5kyTuHs:PgAj3n5T6ptsnzrEXTAd9VXnvr5kyTuM
Score

1^/10
behavioral15
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral16
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/manifest.fingerprint
- Size
  
  66B
- MD5
  
  2596b3b177322eaeeab4c735348b2385
- SHA1
  
  b563fe1496d5d2b336f310288604d5c1314c7bbd
- SHA256
  
  b406602a37dfb0408ade2a6d84071a70d3b040c15902da60dafbfa818370669f
- SHA512
  
  258ced5170edb34b83cc97a04ced98299c5cfad838989ce7dcb32bf8e93e5d1ae8b15eed71346a323075f4077743a6db22cb26ea00a40720134a60ab4013e955
Score

3^/10
behavioral17
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/manifest.json
- Size
  
  116B
- MD5
  
  2188c7ec4e86e29013803d6b85b0d5bb
- SHA1
  
  5a9b4a91c63e0013f661dfc472edb01385d0e3ce
- SHA256
  
  ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62
- SHA512
  
  37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656
Score

3^/10
behavioral18
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/TrustTokenKeyCommitments/2024.10.11.1/LICENSE
- Size
  
  1KB
- MD5
  
  ee002cb9e51bb8dfa89640a406a1090a
- SHA1
  
  49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
- SHA256
  
  3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
- SHA512
  
  d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c
Score

1^/10
behavioral19
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/TrustTokenKeyCommitments/2024.10.11.1/_metadata/verified_contents.json
- Size
  
  1KB
- MD5
  
  f85ce0d2e1806c582954bd831378033e
- SHA1
  
  584222c390c8e9d0b85574083b89be48114b7f00
- SHA256
  
  e4fa2ded0327c43aa618cc751b8a8704cbec33cdbc28e5ff49d536d58226e5bb
- SHA512
  
  08a9f6c42a774287a883a745acf1a17327df19493248c69d8497b6a5ee1a5e9310fb756a3c4c7665624929d4387bf365cae5f6100aa873c04bff2b56932be4a8
Score

3^/10
behavioral20
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/TrustTokenKeyCommitments/2024.10.11.1/keys.json
- Size
  
  6KB
- MD5
  
  052b398cc49648660aaff778d897c6de
- SHA1
  
  d4fdd81f2ee4c8a4572affbfd1830a0c574a8715
- SHA256
  
  47ec07ddf9bbd0082b3a2dfea39491090e73a09106945982e395a9f3cb6d88ae
- SHA512
  
  ed53d0804a2ef1bc779af76aa39f5eb8ce2edc7f301f365eeaa0cf5a9ab49f2a21a24f52dd0eb07c480078ce2dd03c7fbb088082aea9b7cdd88a6482ae072037
- SSDEEP
  
  96:UXq6pG2GE+ryg+BQJ+m0plhYvPuW+wkpTm+ozdswsDm4+uTagSfC3AQj+y:uNtGbraBQgm4lOvMwkoR9PuGs3gy
Score

3^/10
behavioral21
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/TrustTokenKeyCommitments/2024.10.11.1/manifest.fingerprint
- Size
  
  66B
- MD5
  
  056d2edcd3ce728c356722ca447a0272
- SHA1
  
  eb8505bf5a4e7f1adf76b011097224c7d50c6b11
- SHA256
  
  c1ed8661fc256969b9480682313f02df92b0204a14cb1ff77126df77de285020
- SHA512
  
  d663874b56c48effb431c34f5613f80cf844b5fc65a584fffc75f516edb2c73094d849f2665510147956ba40f4233dfa5a4b678f586db7e4449e1e0e9d4a9ec8
Score

3^/10
behavioral22
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/TrustTokenKeyCommitments/2024.10.11.1/manifest.json
- Size
  
  80B
- MD5
  
  077da41a01dde0173ebbf70d3b7210e2
- SHA1
  
  4b3c3deeb9522ca4ef4e42efcf63b2674f6a5c07
- SHA256
  
  23bed5c8ebea0c376483374bad7baf633a7e52f3e0a609371c518e06e645bda0
- SHA512
  
  2822d02e2b3c6306e6d71fa62e7f472b4c3cdf0cbe499b70ac60a0a50e547ed47c394d7de88bbef2e6015920442b9d30cbc0d6869d154e02ec251712f918deec
Score

3^/10
behavioral23
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/Variations
- Size
  
  85B
- MD5
  
  bc6142469cd7dadf107be9ad87ea4753
- SHA1
  
  72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
- SHA256
  
  b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
- SHA512
  
  47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182
Score

1^/10
behavioral24
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/alpjnmnfbgfkmmpcfpejmmoebdndedno_1.4AF7EE72E9C8E11DAB4124EB233B3B5771D0EE966ECE3055FB251667528D3D0D
- Size
  
  221KB
- MD5
  
  fa1683845a7bd378d0361963b222299d
- SHA1
  
  f564f5e8752b0c2b8f40701116949c4d662dad11
- SHA256
  
  4af7ee72e9c8e11dab4124eb233b3b5771d0ee966ece3055fb251667528d3d0d
- SHA512
  
  9e249c3ad13dba739b4de279231f4a46be0234a0425997cba418a5ee5633dfc9f51d263ce8d5c92ec1bb8db43f139f7a7be24f0ec7d88794e647caffbfc27c2f
- SSDEEP
  
  6144:wBxj2S7Dx01gqo+kCnTm+dKSiz8HX7LeSv9+xrIqUViyTraumoJ:Oxj2Soo8083Dv4xrHUrWTK
Score

1^/10
behavioral25
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/eeobbhfgfagbclfofmgbdfoicabjdbkn_1.8BFD50D350D47445B57BB1D61BBDE41CEDA7AC43DC81FCE95BF1AC646D97D2A0
- Size
  
  1KB
- MD5
  
  e15208ff647aea1698bfa7da5287df5e
- SHA1
  
  bc5d6e7d0d71ae1bcac13320ee237ce0adc493f3
- SHA256
  
  8bfd50d350d47445b57bb1d61bbde41ceda7ac43dc81fce95bf1ac646d97d2a0
- SHA512
  
  07e2435f9e609d92daf97b5c6b75a79c9f8c229facd24999a45d954ad2eda130f7b7deeab6403f8518c5bfe2791b9796952c7ee58023488c90165cb1b0d5f47b
Score

1^/10
behavioral26
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/fgbafbciocncjfbbonhocjaohoknlaco_1.D551321488BC5B99465F9047C5EFED82B96666074E4C836AE7B5B91D1DEEE2E5
- Size
  
  7KB
- MD5
  
  eed06ac13a370ea47ba4a5322f317994
- SHA1
  
  ff16100cc6ce7ede548da5e384a1819f417bc4f3
- SHA256
  
  d551321488bc5b99465f9047c5efed82b96666074e4c836ae7b5b91d1deee2e5
- SHA512
  
  d927a4770483391736edb73cae645bc8c628277fbc8fb19a3cb4169277b01741c1dab3bfd1d26e6523e18f03af10bf7d3a39dc07d924d5e7aa8c24a8075e8392
- SSDEEP
  
  192:KhhABTUeRlFPGrkFSB4fD+64q4Q9MWPB8axhutZaX:dGySBcDnH4RWPRNX
Score

1^/10
behavioral27
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/fppmbhmldokgmleojlplaaodlkibgikh_1.A81D1959892AE4180554347DF1B97834ABBA2E1A5E6B9AEBA000ECEA26EABECC
- Size
  
  952KB
- MD5
  
  1a9c030cf025d340ff394cd9e5b664f3
- SHA1
  
  c1e8490662903d90de97760cb3102426f2784bd9
- SHA256
  
  a81d1959892ae4180554347df1b97834abba2e1a5e6b9aeba000ecea26eabecc
- SHA512
  
  7a9584c96849b1c8c623119bea4255a628e0f36d3a5f670e9c6a20f84d250fee859751a521322864b1577d7ca3ecdd7ee805c0f35bd7d74ddf43afc9f2abf8cb
- SSDEEP
  
  24576:LwrAaUx3buUhBVQYflCitQKjQKR6kizJqpAGQ7xj8pUvQCg2:LCAH3ZsYflCiuKjgkc7B8mvQC9
Score

1^/10
behavioral28
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/kpfehajjjbbcifeehjgfgnabifknmdad_1.00AF3F07B5ABB71F6D30337E1EEF62FA280F06EF19485C0CF6B72171F92CCC0A
- Size
  
  1.0MB
- MD5
  
  14ef2d35ee97e8be10d6046b2e1942de
- SHA1
  
  8ad139e47d4d58df369e40c025923be0d82a5f9b
- SHA256
  
  00af3f07b5abb71f6d30337e1eef62fa280f06ef19485c0cf6b72171f92ccc0a
- SHA512
  
  f6e646031caa27f972b222a94aee3b2b610db686009e1dee6fbf0c4ac7ba6edb632eafd9ed81e15bb011e2c31ed4dda82b16dac560ed68596159ec29064ecda3
- SSDEEP
  
  24576:OgtkaswlAtUVNexKSU7EmXzDRx2I1woiB/ArwoiBM8u:OgtkaFlMHQQ2zDRQII///u
Score

1^/10
behavioral29
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/ndikpojcjlepofdkaaldkinkjbeeebkl_1.69D0D51AD8D1AABAAE811B5BC6F72729BEEBE8AB40C8E6080C8255453F913377
- Size
  
  1.6MB
- MD5
  
  4e1b8110c0051df94a611086b3afce68
- SHA1
  
  76d1fda433efdfde03006189e9727c270e4a6936
- SHA256
  
  69d0d51ad8d1aabaae811b5bc6f72729beebe8ab40c8e6080c8255453f913377
- SHA512
  
  67112ab375f836e12af54062540d60737683e331d07fecb2f4e830ee005ac093169dccd1bf12f60e5ad5c52cca869950ae5f0ba5b01c007c47599329e0bd6842
- SSDEEP
  
  49152:iGB5EH8IGiLHJo65GLK3LJYI+Sk6hHePu3:t5s8bko6IW3LJYI+R6cPY
Score

1^/10
behavioral30
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/oankkpibpaokgecfckkdkgaoafllipag_1.44C48B9ECD87ACDDD850F9AA5E1C9D48B7A398DEC13D376CD62D55DADBD464A5
- Size
  
  22KB
- MD5
  
  cbfd6b1a1f278778950a4fcb6d683008
- SHA1
  
  ae27d38af7257c4c846970116807244b723881bd
- SHA256
  
  44c48b9ecd87acddd850f9aa5e1c9d48b7a398dec13d376cd62d55dadbd464a5
- SHA512
  
  0c7c46ccba1048496127c40592774f7b211f57f002de84bd28d3b023ad3d81bf68e9aa8db2dc8dbf9eb3a176e2733a34318810a06db3b9a8d662f5b5e188d91e
- SSDEEP
  
  384:2Kz+yjT5FaTB29uJID+2Qlyi+jBzAi4dLQTf49fmA4tVyk4exlfiMRoLnJ:L+yjQw9L2lyiSBzJLTCmJUei/nJ
Score

1^/10
behavioral31
- Target
  
  Forlorn Executor.exe.WebView2/EBWebView/component_crx_cache/ohckeflnhegojcjlcpbfpciadgikcohk_1.95FD9D48E4FC245A3F3A99A3A16ECD1355050BA3F4AFC555F19A97C7F9B49677
- Size
  
  1KB
- MD5
  
  89fb6ce8c3a916d3d5a46bb06d99b190
- SHA1
  
  38a1828a642f128fcc644190dff9ba10a869db8f
- SHA256
  
  95fd9d48e4fc245a3f3a99a3a16ecd1355050ba3f4afc555f19a97c7f9b49677
- SHA512
  
  e5f2c9a4f07d5d683687da44711af5b102b478cb76d547b74672656a5283b9c8b4564ca8472255a803e22bf3bb00ff2b66b4bb0f2e8da1909d4082cb7ceeca9d
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32