General

  • Target

    2957fdcfba6966494c4a851f8be9bf8f2b46e3c61e57fb92abebb99d8d80199aN.exe

  • Size

    202KB

  • Sample

    241129-xnyala1nfs

  • MD5

    d36d291a5b1c09f8c6bf64dafecb3e10

  • SHA1

    365b86f23460827cf37d322622bcd782cbc71c03

  • SHA256

    2957fdcfba6966494c4a851f8be9bf8f2b46e3c61e57fb92abebb99d8d80199a

  • SHA512

    220321d8fd52902ef2ae6be2ca4d2b2c09ce69b2168239079dc8774a51ffcbab1edd7a97b72b39d36dc7cd6e7f83e5227f4846af41b61f0f7a5f8f636fc19bb6

  • SSDEEP

    3072:H8nh2Hrp3Tlp+soN3BY2ZBHetwcyf1w5DYRZPQaQrhu8ihDNugrBVgc8gbmT2PcF:cnw9lEs3hhyaubQTkhbrBVL8gbmT2Pc

Malware Config

Extracted

Family

simda

Attributes
  • dga


Targets


MITRE ATT&CK Enterprise v15

Tasks