empyrean | fe40ce15ce9376ec4dd6f97ecdd4837a58ba07421fd162f57f96e0bf51b8805a

Resubmissions

08-12-2024 19:26

241208-x5qbbaxngj 10

Sharing

Copy URL

Twitter E-mail

General

Target

SilverBullet.v1.1.2 - Copy.zip
Size

261.5MB
Sample

241208-x5qbbaxngj
MD5

f234ff9752feef3c3b5568824b3cda42
SHA1

abdb571286bc53186b865d06307fd3e54eb3550b
SHA256

fe40ce15ce9376ec4dd6f97ecdd4837a58ba07421fd162f57f96e0bf51b8805a
SHA512

951717092c0239a991d9d86dedc10cc7048f937ae4a405b804ac3fe95f884b68b6c4c26eb490549b4b05f23cc2cc4959a85ff2bc8b1ddbd915010c9d2bbeeda0
SSDEEP

6291456:OgSqKS3o1WGuvEStA/sKO1rrp2zxuGor50DrnBF+UINGIy5dZXTwJBq3scMOq0XU:Yuo1sv+/zORUzxna0/rqW5PTwW3/XMdH

Score

10^/10

Malware Config

Targets

- Target
  
  SilverBullet.v1.1.2 - Copy/Configs/Yahoo + Inbox Searcher.svb
- Size
  
  18KB
- MD5
  
  f44fd13f036403eeede6402fb640b55f
- SHA1
  
  13369b493652bf2106bd6941c32fad6d966f7c5e
- SHA256
  
  7303d76b21c9c7a1ab21a9dd2f7ed29f66a27732d71fae566523f9384b42eb77
- SHA512
  
  e56269381faef63d25430ec3e26d78863c1480b6e964dac8851a3055f3217b2e187b81997f927c9d63b57a54d74956b6c766765adb3f289defcc9761eaadbd30
- SSDEEP
  
  384:3mguDKCEdohNLqw5wlfEowlHlSyL9P9PlSyyKGOP/:LjaOokyhPZkyyvOn
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  SilverBullet.v1.1.2 - Copy/Silverbullet.exe
- Size
  
  17.9MB
- MD5
  
  73110fce83db11aeb8b45b2b393f9516
- SHA1
  
  4be13da66b454d870d45c79c424c63eed1703bb8
- SHA256
  
  67f5b424e518fd166b2316f43dce3f31fcafb9bf5160b44fd2ffdec1edb2beb4
- SHA512
  
  ac44249b92b8fa9572a9d88b19523230e3bed252876c1b5f3026b8164cf5940e358671d528117dd8c2372e375fc663d77bb8bc4baa0e4ccf37ea9eb4cd096cd8
- SSDEEP
  
  393216:WqPnLFXlrVQPDOETgsvfGKgbWavEqDhmc2jgq:7PLFXNVQ6EVmWzeTe
Score

7^/10

upx discovery persistence privilege_escalation spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  SilverBullet.v1.1.2 - Copy/amd64/Microsoft.VC100.CRT/msvcp100.dll
- Size
  
  593KB
- MD5
  
  d029339c0f59cf662094eddf8c42b2b5
- SHA1
  
  a0b6de44255ce7bfade9a5b559dd04f2972bfdc8
- SHA256
  
  934d882efd3c0f3f1efbc238ef87708f3879f5bb456d30af62f3368d58b6aa4c
- SHA512
  
  021d9af52e68cb7a3b0042d9ed6c9418552ee16df966f9ccedd458567c47d70471cb8851a69d3982d64571369664faeeae3be90e2e88a909005b9cdb73679c82
- SSDEEP
  
  12288:koBFUsQ1H5FH3YUTd/df0RA7XkNvEKZm+aWodEEiblHN/:dFUsQ1H5FHdGKkNvEKZm+aWodEEcHN/
Score

1^/10
behavioral5 behavioral6
- Target
  
  SilverBullet.v1.1.2 - Copy/amd64/Microsoft.VC100.CRT/msvcr100.dll
- Size
  
  809KB
- MD5
  
  366fd6f3a451351b5df2d7c4ecf4c73a
- SHA1
  
  50db750522b9630757f91b53df377fd4ed4e2d66
- SHA256
  
  ae3cb6c6afba9a4aa5c85f66023c35338ca579b30326dd02918f9d55259503d5
- SHA512
  
  2de764772b68a85204b7435c87e9409d753c2196cf5b2f46e7796c99a33943e167f62a92e8753eaa184cd81fb14361e83228eb1b474e0c3349ed387ec93e6130
- SSDEEP
  
  12288:QgzGPEett9Mw9HfBCddjMb2NQVmTW75JfmyyKWeHQGoko+1:HzJetPMw9HfBCrMb2Kc6dmyyKWewGzB1
Score

1^/10
behavioral7 behavioral8
- Target
  
  SilverBullet.v1.1.2 - Copy/amd64/bn-BD/Humanizer.resources.dll
- Size
  
  16KB
- MD5
  
  8c15ffa818cdb7e2aedd8b6537be3069
- SHA1
  
  4703f45f16a535ad9272b81f93bc1f5ce0d38362
- SHA256
  
  d3e7ff7402a789f9903d4f40e027b57838afd08a0bea8ba8bc8d4750d7bc54ea
- SHA512
  
  6210ad261cd7ad5ae21ef3f65ae9a91fd3a613e6cbd36d36a9f967ea68e3a9714efb5a78949ed60b7b5c5ee2a3abb851e0f8e5b1b91a880ed0d3beae13eeb318
- SSDEEP
  
  384:gC02Rvy2GI3ZTTZSZmZPkiy/2/71Dgf2hA:gC0OV3dnT7Uf2hA
Score

1^/10
behavioral10 behavioral9
- Target
  
  SilverBullet.v1.1.2 - Copy/amd64/zh-CN/Humanizer.resources.dll
- Size
  
  15KB
- MD5
  
  caf0640d9ae44d48dc057cd22f3f1cbd
- SHA1
  
  838ec4431d70064e14e61e3a68eb2f48ed5cfe9a
- SHA256
  
  ff1df04897cb47addd970bffad316527e787db7c398293296cd9c1efa5d54e2d
- SHA512
  
  f1d2d051d7901ab327ba804002e2232d7df2be5491cfac1bdee7e87742c2f1a55f4bfe4fd24e33a1aa994c2767d626971bef76db83158801399dc30ba6a84bd7
- SSDEEP
  
  384:4kAx7vyOhBXT/ZSZmZPkiy/2mdVnDgf2hWg:4kcJhhjTwXnUf2hWg
Score

1^/10
behavioral11 behavioral12
- Target
  
  SilverBullet.v1.1.2 - Copy/amd64/zh-Hant/Humanizer.resources.dll
- Size
  
  15KB
- MD5
  
  53fb600021c9adb9b6e73182f514c2fb
- SHA1
  
  9c797778827c1c79e79133295017f8360b15a492
- SHA256
  
  aa072f5a2328f6f13a7d965fb342c8fc0871150dc9e84ff73f21b7df01be8eaf
- SHA512
  
  1126603bd3770c187a32e36662701765836d54ff429170ac480c9b6491a52f7bf3fd182e66c804d792635dc20e6628e4fba5ebcc1072033e02255f25a3983ac9
- SSDEEP
  
  192:US4lGsAKcvyOhwDtkEvk2JvwTF+ZSZucQZPMH7Tpe1zO/fTJoDUa9sgfxIZHeg3:UPlA7vyOJTUZSZmZPkiy/2YDgf2hT
Score

1^/10
behavioral13 behavioral14
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/AngleSharp.dll
- Size
  
  810KB
- MD5
  
  43cf95989d4b20c1a50a888c968536f6
- SHA1
  
  5306e571de0faa7cef8dfd9fe46621c5c50a9b16
- SHA256
  
  d9609f320e054e17c2ba1129ad293281b733625425028587b7326550bca398a0
- SHA512
  
  d3c4102ce4bae9fff3e1ae1f3aaaa8560c9acd73ad6441ac18203744011191ad2bd80caed37bd286bfc6410357928b15cffea4e4db61cf780db4d2bd939e4cf0
- SSDEEP
  
  6144:frPn0zXwluf4iupAvWw2Gf7tmp7gM6S6tCDELdzKnIgTAR3yFT2X39sKxqHNU0oE:frbWvW1q3LQDVI/RiM05B/
Score

1^/10
behavioral15 behavioral16
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/BCrypt.Net.dll
- Size
  
  14KB
- MD5
  
  6a56593ef2ef2d86f5ec26d2b3c50686
- SHA1
  
  344d593b6973288b62c6ae91d26237ecaf02096f
- SHA256
  
  e1f0f6abd5b942172ec00f8b6a341dc9e484e6a63031b7699c5b41f02df9cd55
- SHA512
  
  ba2dc71006550d9fed140459020c31183f16f90d6f2e3793ff79035706514a3fc8fb10c68dd64fdfb4fa23b6082c21e18559fb7ec4e7d1ee4571645ab8f92262
- SSDEEP
  
  192:irPd5E17sTjoomT8VqFVAeXJHJAyZJg8D0KThxA+rAQE+tnJiOUDyv8ov9jhCGk:eKP2qMeXJpJgLa0MpfDVQGky5X
Score

1^/10
behavioral17 behavioral18
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/BouncyCastle.Crypto.dll
- Size
  
  2.5MB
- MD5
  
  f0b3e112ce4807a28e2b5d66a840ed7f
- SHA1
  
  54a6743781fd4ceb720331fce92f16186931192d
- SHA256
  
  333903c7d22a27098e45fc64b77a264aa220605cfbd3e329c200d7e4b42c881c
- SHA512
  
  dc8ec9754c5e86f7e54e75ff3e5859c1b057f90e9c41788037b944a5db2cb3b70060763d0efcbe55ec595bcc47a9c0ff847a4876821470ca1659c31afd5b0190
- SSDEEP
  
  49152:OSSJ+G1PjodumkjD6Oc0mqHZwueCtbu9kQN:6xodumo6Lr
Score

1^/10
behavioral19 behavioral20
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/CaptchaSharp.Services.More.dll
- Size
  
  14KB
- MD5
  
  35037461c0ab99e6013fc99adc5acc88
- SHA1
  
  1e84a20fb07c28b9a227f1bf55a8d045f18f7982
- SHA256
  
  7ace519a9c2d943f2cd8358573eeb4f21f4dfa723720ca6c4bffd67b08d4f63c
- SHA512
  
  197f9f5aea0d1dfd56f2d705a4f79846b6b84f1e3ff50f460cbd60de7cdf78e09e19e92f9ae7deee4894322ac34b8dabcc8770ce18645e8e312811c4550dad9c
- SSDEEP
  
  384:CXwLIayjGdhDrVaOsgC5bxZiE71rHJDT:CvS7rVf0/ZnrpDT
Score

1^/10
behavioral21 behavioral22
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/CaptchaSharp.dll
- Size
  
  95KB
- MD5
  
  de9dbbe708a35baa84dddb61066a68a7
- SHA1
  
  16cc77bf5a0709b2343d7d4a68791c21a48b0e5c
- SHA256
  
  72e5f45ff10cf78298be28a706214e8af96f5165294aa1db77820a27fa85143a
- SHA512
  
  70579920debbe302b96058ad1c79a595b63af6ed369385a210b91bf7f3220d92f93a2bbf3e25d28a6d783ccda007df9ae6364671c0fc7778564ae71bbeac1031
- SSDEEP
  
  1536:0U71loylHoU4lQsZTM16RBlpRV5LaIST+cu5aXwZXo+PbYw0cejuEruLd:06s6rOQveBlpRVeXwZXo+PMw0cejuw2d
Score

1^/10
behavioral23 behavioral24
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/CefSharp.Wpf.dll
- Size
  
  83KB
- MD5
  
  4eebe229b8b356a76fbe7bdc9743c4fd
- SHA1
  
  bebaa30e9821d81ca3a6c7530c3db2b97ed1090a
- SHA256
  
  f10686b5d029a72d1ad5768ecb7ac868efe866ef1b862c07b6490b1fc8bf7548
- SHA512
  
  5c16894b4c01b54ba78fce5b018312febfa05aaf34a4b241a0ac09ce7aa004e084b7ede8be5bad90974df06b8f8887a48b4de786c1a50d0ef9fcd0987f981428
- SSDEEP
  
  1536:GwQcm8JNaiVEQJjH2bVCgPaq7GWbXRUDnamyGxhBge8FLMmG8YptpUI:GwNVYiVEQJjH2/KWL6Bge8FnG5DB
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/CloudScraper.exe
- Size
  
  7.3MB
- MD5
  
  b7453c7d019dfc321d38f4185cf5bdcf
- SHA1
  
  8f1d681166025fda670c01f83567b1d7f35c1776
- SHA256
  
  e2c547d2cebe2bfd9172b3a40db8cd80b9cb996acc247fa2bd18f9b5300b848a
- SHA512
  
  d7b320125a8188f060b54a5b8ceb16122d0956b7d0938e579ac45689f8418957f09f94c66d101dacdde84a12c9e309dee95e460fe0dccfd524d9a253bcf57bef
- SSDEEP
  
  196608:bZq0MhC+BTX1QFhjwt25Hnuwf3TWK7g33+QI+0:lqlAuOHuwt7g3Z
Score

7^/10
- Loads dropped DLL
behavioral27 behavioral28
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/CloudflareSolverRe.dll
- Size
  
  79KB
- MD5
  
  80406e5e8caf22ac3ad1aaec6ce05379
- SHA1
  
  9e35560a4acfc389f520ebf5e431e5990e59316f
- SHA256
  
  705bab4da9023768a242b899008ac1ecc5521131a8ce928929c74aff69672e79
- SHA512
  
  e03295f37984bf78948e6bc84c10de8134bde7bf80887fb216e5f45646f5153d17e93d666d74d49effc3baebd280544d19b556f670258b920903e68975a45222
- SSDEEP
  
  1536:bYivK8sVHezgHOtEVVnmG0mC5OqGTiDm7b0YM89TQZKqqKKO2eWu27Jl6i46iBdz:sDHAo+EV4rj4T7b0YM89TQZKqqKKO2e5
Score

1^/10
behavioral29 behavioral30
- Target
  
  SilverBullet.v1.1.2 - Copy/bin/Colorful.Console.dll
- Size
  
  88KB
- MD5
  
  ac4267b870699a799e05b2be2d2956da
- SHA1
  
  bad70ee226a1be3b27ee780888cd8cc78f89c855
- SHA256
  
  309c616209120ee751df11612a8eadd06e8c86e68510d0b31ba21290782516fc
- SHA512
  
  f694e6506229aac78c5c81bfcdf606244fe5bcd7a1d63f6dcbdd5babb2f020ec03415f75af030aa2d574f083fa72050fa8f08d9c03efbeed54cfea05609b9086
- SSDEEP
  
  1536:YLeJYyqw6Yu+tJ9gbYm35KNaxe97LCnbhN:Yxyqwpu+IzOJ97LwVN
Score

1^/10
behavioral31 behavioral32