478fc3ddaaa253dc2c817d32ec61afcaad26c39c2fd13a3800bbb2320c65a18a | Triage

Sharing

General

Target

AkynGuNOxW.zip
Size

13.9MB
Sample

241130-fyjfratrcz
MD5

2b1ce866e0a5cca9d1d996f0aecf8cb2
SHA1

54926806f2c9c96d5c0ecf7eb0c70101bb4c4312
SHA256

478fc3ddaaa253dc2c817d32ec61afcaad26c39c2fd13a3800bbb2320c65a18a
SHA512

5d9ee18ec38022af993a5bcccd1452aedae57244e3cd68d9d2051c7b3b53614567b9ce075e778937f231394f5a3d2eb4eca050c7bdd7f0aebd035009bacada94
SSDEEP

393216:fkspUfT02n3y9QSdVUAcX/LznJ4DQL5LE1ubvIu5Z+mVXu+5r92hruZ:fbpUfTrAGjLzSDYw1gIau+N9x

Score

3^/10

execution

Malware Config

Targets

- Target
  
  BetterZoraraUI.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.55/adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  Microsoft.Web.WebView2.Wpf.dll
- Size
  
  81KB
- MD5
  
  b8766e71b537b000f020ae51284ab4cd
- SHA1
  
  4731f26cb74c8c2f6addea537dde860cd94321ac
- SHA256
  
  7b0ad54180a2b6c4443a68c93309c1e4196e9baaeb0a6c58ca5b192ed0ce8615
- SHA512
  
  b1e7d7dd971fd0fc8ce777ca0942add849f77de8a50a0ce4d117d18bee06dce4dd98622a4dbe44e11bc199646e388917255328191789c25f68f0809ee8eebc34
- SSDEEP
  
  1536:zbjmE+c3SOQgan6hp8dYNUDHfFWyEb30mpc4Jjr4YeUqiHhCU0NdnbvUufk/UaTo:zbAc3S3HnOp8yUDHfFC30mpc4Jjr4YeT
Score

1^/10
behavioral3 behavioral4
- Target
  
  Microsoft.WindowsAPICodePack.Shell.dll
- Size
  
  502KB
- MD5
  
  b3fb8d4597c42936db9ca7199f7669b4
- SHA1
  
  795f7d467e9a66c44f7fa2fd5081789d29f94da8
- SHA256
  
  553563287c110d4cf8ac6a32f2bde3e083fde301c3424cb6348987b2a1616c79
- SHA512
  
  434807aa7d15d2edaacd0441b6b246dd134e77a16afa6b4417ec62a542404b4f5c0d5ace003f4dbdfc060e2dabf308fba1a9e6446e7c4e15e2f9de2582a2ca60
- SSDEEP
  
  6144:F1lxCRQNNOPT2dyJ9nQjbAFOGrwepNVjBti8qqR3IdggbtEBYMpYHj/++R1yj:F1OhPT2dWdgG0EIn6
Score

1^/10
behavioral5 behavioral6
- Target
  
  Microsoft.WindowsAPICodePack.dll
- Size
  
  101KB
- MD5
  
  9bccf8961cc71884492b90133b3f2c14
- SHA1
  
  7323cc451116069f4db9a1f8ab19dbd2e0801724
- SHA256
  
  681f452b9456461d689f26b239ed1822ebb642daafee1abe1e66501f8d0c938b
- SHA512
  
  3deaf407d7150be92608e2eda4785d5ba7a2627adcd7f897b0db39bb766125fc986dbfa4a5552626fe1e27e24448fad58febd90f3bf38c40f26850cf4e46ea6e
- SSDEEP
  
  3072:J9NWoU3saQqxvhpYywTt/1Ngrli1aA/ivj:JGLsa7xZSywN5k
Score

1^/10
behavioral7 behavioral8
- Target
  
  Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  adf3e3eecde20b7c9661e9c47106a14a
- SHA1
  
  f3130f7fd4b414b5aec04eb87ed800eb84dd2154
- SHA256
  
  22c649f75fce5be7c7ccda8880473b634ef69ecf33f5d1ab8ad892caf47d5a07
- SHA512
  
  6a644bfd4544950ed2d39190393b716c8314f551488380ec8bd35b5062aa143342dfd145e92e3b6b81e80285cac108d201b6bbd160cb768dc002c49f4c603c0b
- SSDEEP
  
  12288:mFIM0KteTMN4Or4D3OdmZg5WHEaEDIGBBjgrIQtD+tVqDMW:6zMTMNNd+g5Wk78GBBjgrIQtDF
Score

1^/10
behavioral10 behavioral9
- Target
  
  bin/Monaco/vs/base/worker/workerMain.js
- Size
  
  133KB
- MD5
  
  d0ac5294c58e523cddf25bc6d785fa48
- SHA1
  
  1b3661b6db36f1b14fd80dc9a739bfc69c68dfe5
- SHA256
  
  e90d1a8f116fa74431117a3ad78dde16dde060a4bf7528dfe3d5a3ad6156504b
- SHA512
  
  fea07a1ea5d29a3b4c614248655f4d1ddd94c10c6a6b5c8b428a8b4c0cbec7e7492fa0665c5001e65ce167240ffdfc5ac2c2ed14da3d6f508ae8d8b3c8e8eebb
- SSDEEP
  
  3072:bzjH/zYJc5c/7tMLrJ78II4F9N8+em5W+:XjH/zYJc5c/76LrJ78I7BL
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  bin/Monaco/vs/editor/editor.main.js
- Size
  
  2.1MB
- MD5
  
  a7e3083cfe200263edfb4bf011b893a3
- SHA1
  
  18b52dc38e7a8a612892f5e60a08d9b19e1f472f
- SHA256
  
  9e2fb6171592f7a3c33d3b5baef58b516b36473ff7717bbd643574991923435e
- SHA512
  
  6bbb149102958e23c42accbbd18595fcfffd547bb826f2309956c036983692e83b7313567a42e50d98a1c946fab554e32b77ef4d0f8bc0cc7f0dda196fd7e23b
- SSDEEP
  
  24576:jFFExk98EXl2uRJxjP3Gdv6QLtQ2MbRpn:Yxk98EXl2ixjP3Gdv6QLtdMf
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.de.js
- Size
  
  46KB
- MD5
  
  d1fd2fb756c73970b9c5e0ba07bff708
- SHA1
  
  470057b3244886dccc9f6074297cc8bc2a9c1b39
- SHA256
  
  cb1c3416ff242a738c45c3b2590d7d222b159a95a69ce3b7b8d7c8d18ea70828
- SHA512
  
  db2432182ff4c85fcca5093d0e433ed9cf5bed3ea3db9ed82fedc87af4d260e0d0f29ff67f0b8ac78e162586a74998ad082a91e8f9a76717827a83d5b2f775cf
- SSDEEP
  
  768:ocuLC1xYdRB1a3Xq1GdigBoQqAaI/QQUEYPxFpXT1kF7bJZYmz7lehjDWMQRBk3Z:oclxgVuXq1GdiRQqAaI/QvEYPxFpDkbg
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.fr.js
- Size
  
  49KB
- MD5
  
  1a29080733878dd44e0c118e84cd0c39
- SHA1
  
  60c158e23962b11918f6cae26445fad5b63bc65a
- SHA256
  
  6ed837dc1905c06a20d102921ff06a0bda003c5368ed0576bf7e69494e889ae8
- SHA512
  
  5cc68cabb583100320d7c875fd7c46f5c618c3968ac2a7c2b60f90ec74b29349a557049c17d5c851cabb54d5ef26cd65e8d2288d70b62ede06ee1762e25dbd60
- SSDEEP
  
  768:op8flgb2uZ5CcXQ6Q3edz3uzATaY3l0y+wj90TWIvkU5BkREPTtOjNjZocYV3A4k:owliv5Ccg67SATaYVKPkRskjNGBAa3k
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.ja.js
- Size
  
  52KB
- MD5
  
  3bf851cc70f515cbbe1d39da93e4f041
- SHA1
  
  88fe6323bbe14b55b6eec078574318e8474be613
- SHA256
  
  1f3556ea7233843b9e08b3c97b6727c533d702563e195c2090a438070dc85f0f
- SHA512
  
  61ffe9ec3550d2f8dfbc30d7d61327584833bb714a9d2cfc9788449190089dbdeaa293bb9921a43da782e1c36b7d242e13ac052b46210d2e79793626e921169d
- SSDEEP
  
  384:hyd/PwPtm+04LZ+FFHr0ZA9qOSTvvIEveG1vz14NdahWMpA1Uj4vHbX3IPDScLBV:olP4LsIOCaT3lJr/Tvk6892vU1ssD
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.ko.js
- Size
  
  46KB
- MD5
  
  60fcd422ac97a1b645ff48cb6928f7af
- SHA1
  
  da5b57dfbd257720155e303f0e75e263f0e74190
- SHA256
  
  98e649fa40d8e2ccfdc212341feb8165a7d7bbec31e8a77d9819ad9474e4b8ba
- SHA512
  
  52439f47f1e12ccf37db40f9fa8fa4966579cd6b327cde1768187cd7fdc7ebdd444e1953e29ed09bdced40d764c2e8f7131d44908c00bfd350e856a9df661aa4
- SSDEEP
  
  768:oNOnmkUxK1pLkKgljQM1r0xXDj8kE6q2XlGZrAPPvzcDzr5u1QrWp4cX6go:o4ZUxKgKzxzrE63GZrAPPkrmQKp4cX6L
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.zh-cn.js
- Size
  
  36KB
- MD5
  
  05e49314cf801f5d3992b55243690ea7
- SHA1
  
  c20fca9f037adf2edec34ccf67a08e56d1d71bbf
- SHA256
  
  e9adc8ffca9853ef6e0bd4e955af9f395a570bc7772fc2dac0c0ff241aac864b
- SHA512
  
  7d499b41ae9bee2e72b721a49c0d053029624b19af1ede71a4378e14d3f6b407539c18d29422fb8d21681ce7dc160d2f11e80064017f5c8a5f645d6c1a77cc75
- SSDEEP
  
  768:oJbVMLHwwytIMTAlthuIjOP4CAz9NlL2/AdszzHsVBI/C4j00llmR+V66U:odPPZ+huIjTszzHs3IXj00llmMV6j
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  bin/Monaco/vs/loader.js
- Size
  
  29KB
- MD5
  
  bc15bb48d4d5c60ce7f16819f4d988c4
- SHA1
  
  87c7f328aa357d52b68b2cea0a214365a40cdc36
- SHA256
  
  5c3cf09973404ba31d760952f267751ef2bb09f315331d13ca432b65ce2c480b
- SHA512
  
  b5d7481773cafd01f3d738949a54e49c166c9a8fea3a150f6f0eed7449176d630991e27544a4e7b23fdad29700ae7fbba5de42f97c69874b6f2ad374194a9853
- SSDEEP
  
  768:o7J6CgCAqoxgiwYeMX/so92s8hHlDmc0yvrCfS5kUN+WV+X7:oV6lC8fwYeFKcV5k
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  libssl-3-x64.dll
- Size
  
  802KB
- MD5
  
  12d2dc3eefb08ba38a6c67ce08ea21b5
- SHA1
  
  bdcbcf9c8df704caa9961db9bcc764eb87197bb4
- SHA256
  
  7c4f68a0468509f733a2a5d22c4ef114f96c9ce54834ec73677b0597c5cd8797
- SHA512
  
  491c9f4dfd739ea4a7a6b4a56d3203ab1fab69d2294cafe27d56f855edef9a97a0fa8de99ce9b4e319185bcc20d5ee2c6482e0a6f9ac243e3d0dcaf10f3d59a1
- SSDEEP
  
  12288:Ko98JUemoehY28364fL83EaBwNCDjdMT/QKdEVB3cbV:KZUoeSPAmkjqT/ndEVB3cb
Score

1^/10
behavioral27 behavioral28
- Target
  
  runtimes/win-x64/native/WebView2Loader.dll
- Size
  
  162KB
- MD5
  
  0ad9319fa14d39c0812583337546ca20
- SHA1
  
  0a76b27dc44f46756984a7a5f93f9a9b024aedb5
- SHA256
  
  1d963a02d8a7fa3e7eac2e936dad5559c4d63327f35b0a09787ffc1d58f9c18d
- SHA512
  
  01bfb6516ea8d2347863fdf6de7ce1bc598d0798a7a388a0b4478a8be4bad66362185f366ed52adb19008f518c05fbaedf46268051bbf26e448e23b017af669f
- SSDEEP
  
  3072:RbAne8TlTRTSpL1ThTNTRyMDjRb/hy75HGRtVBviiZsZ5AalCPTOCEtJxWPg8EhJ:RbyTlTRTUL1ThTNTRyeLq1GRtVBvPZsd
Score

1^/10
behavioral29
- Target
  
  scripts/Dex.lua
- Size
  
  410KB
- MD5
  
  e37374a8aa47cf8ac6d56901436e199f
- SHA1
  
  5d62f5db07614f3b548702faa4f7a06e235c9b12
- SHA256
  
  47cc5f1102fda0eba76b9570a1b943326f2170f270d5280e1f8dd5723c43fc14
- SHA512
  
  efee19e8109a48d49f099dd1767c722935123c4ea4d6e0ab905703e16fcb7196d31c45826d4398a5b7249e686ca90db3f671416909ce3440d4709edf1bd55775
- SSDEEP
  
  6144:X+B5OQiY5mqWM4Kg9HHj/B7TjmmDLmogQcEZVTkJuMap1PBPY9ZSnJm7xoiZDDHQ:RQ90qWM4Kg9HHj/B7TjHKi
Score

3^/10

execution
behavioral30 behavioral31
- Target
  
  scripts/IY.lua
- Size
  
  464KB
- MD5
  
  b7fd97a54c618754ceab75e8a5c2de10
- SHA1
  
  feb96643a76f785177fa4e841b92e6a0af364180
- SHA256
  
  784f1c6ac0d4a3abdce59e09b0e9b52da6c426136cf0bfd775445e8194b77ddc
- SHA512
  
  078f305142e6b2d3300d249ba305897374e0d5a78e6db9ac902370b1eee433ee83322568735b3d82706fd1fc117dcbd3fe60ad5c2d8cada8deb36b2de6da7921
- SSDEEP
  
  6144:OkrLwE7/2eTtOWGhzWtRNY9gIBuQulO7oFo5n4Xd9wDhoQhGZtUi8/1j304U48uH:OkrLwE4WG6NYQFOn4Xyipo
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32