Overview

overview

10

Static

static

10

Bawless Cr...ss.exe

windows7-x64

3

Bawless Cr...ss.exe

windows10-2004-x64

3

Bawless Cr...to.dll

windows7-x64

1

Bawless Cr...to.dll

windows10-2004-x64

1

Bawless Cr...er.dll

windows7-x64

1

Bawless Cr...er.dll

windows10-2004-x64

1

Bawless Cr...ms.dll

windows7-x64

1

Bawless Cr...ms.dll

windows10-2004-x64

1

Bawless Cr...I2.dll

windows7-x64

1

Bawless Cr...I2.dll

windows10-2004-x64

1

Bawless Cr...or.dll

windows7-x64

1

Bawless Cr...or.dll

windows10-2004-x64

1

Bawless Cr...on.dll

windows7-x64

1

Bawless Cr...on.dll

windows10-2004-x64

1

Bawless Cr...io.dll

windows7-x64

1

Bawless Cr...io.dll

windows10-2004-x64

1

Bawless Cr...at.dll

windows7-x64

1

Bawless Cr...at.dll

windows10-2004-x64

1

Bawless Cr...rd.dll

windows7-x64

1

Bawless Cr...rd.dll

windows10-2004-x64

1

Bawless Cr...ra.dll

windows7-x64

1

Bawless Cr...ra.dll

windows10-2004-x64

1

Bawless Cr...er.dll

windows7-x64

1

Bawless Cr...er.dll

windows10-2004-x64

1

Bawless Cr...er.dll

windows7-x64

1

Bawless Cr...er.dll

windows10-2004-x64

1

Bawless Cr...un.dll

windows7-x64

1

Bawless Cr...un.dll

windows10-2004-x64

1

Bawless Cr...on.dll

windows7-x64

1

Bawless Cr...on.dll

windows10-2004-x64

1

Bawless Cr...er.exe

windows7-x64

1

Bawless Cr...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BawlessCrackedNeural_Programmers.zip

  • Size

    13.5MB

  • Sample

    241221-q3wa8a1jaw

  • MD5

    6555ada478f5009c224e953f030943ee

  • SHA1

    35719dca8ce05441e489d82f8d90debf7166ba11

  • SHA256

    35476eff95efc92ff88a5d35b8f58a46e04d4cba91746d78e6b7a206e44dd14c

  • SHA512

    bc5057d56fac9009f856a3718a243a57381e8ce2021640f96601170122b64eb0575ef8e070a0341aa6f2d5dad7f3fa93e12593c49afc9d839a6ecefa9ae5afc1

  • SSDEEP

    393216:+ylvkZPZo3MMqhaSGJ5UMQX7hAdHYWQvukalUcVotUu65:+K821dJiF7OdHYxmflDV465

Score
10/10
arrowratasyncrat%group%discoveryrat

Malware Config

Extracted

Family

arrowrat

Botnet

%Group%

C2

%Hosts%:%Ports%

Mutex

%MTX%

Targets

    • Target

      Bawless Cracked@Neural_Programmers/Bawless.exe

    • Size

      14.7MB

    • MD5

      2fd36877f3c0f74cb98fdd041c06c5e2

    • SHA1

      ae23f650cc5cdf50676a4e5f0f44fcd2acf769ae

    • SHA256

      c39c732accfafc55f30d9e6cd8352731d66752886c054d75811b1581739b22cd

    • SHA512

      b7389c539e9f360abab37dd62a2a6b019f19d8fc12cde9263e29b2f8143d59d9860e7a93a743d209e544a9535b901a54aa8720eb63324b33b729ec857973a5c7

    • SSDEEP

      393216:72l9Yl7Elel7ElAlQleTl/l/l/l/l/lzlml/lqlZlHl/l/l/l/l/l/lIlAl+lUlF:oT6T

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      Bawless Cracked@Neural_Programmers/BouncyCastle.Crypto.dll

    • Size

      2.5MB

    • MD5

      3551343fab213740bbb022e3a6dcf27b

    • SHA1

      de67fb4f9d58db4a860a703c8d1f54ff00ff9b1f

    • SHA256

      5530dff976bc0c889076b97ca695bdb97ef07f63449d32f893ed32398ed8bfe6

    • SHA512

      e90f51053e1d4b0ea1f7458229de92174abf0781c766290da4de5cc8dfcfb730998252bf28b36ca5070978fdcea8b97f0aea6a47b875dd34173643ac0cb46c42

    • SSDEEP

      49152:3CTzhVM0AU5d3UOhq8hmReOUJfd5T3D+VTQlgQeCKbu9kQLO0:GwU5d3vhzhmoOmfd5rqX0

    Score
    1/10
    behavioral3behavioral4

    • Target

      Bawless Cracked@Neural_Programmers/FontsInstaller.dll

    • Size

      371KB

    • MD5

      5063ada08270d629a051121a8ecb4160

    • SHA1

      0e2d0391523fe5595c408507f7b80918bfe23552

    • SHA256

      3c357e4d067d2c9322b6d4a4a691698913a76570982af561c6c9438832f42ccc

    • SHA512

      d9eb54f867ca0796dad47e9ebc5c40ca055a0bea90868220c6ae6dc6ad4d863dab24e38f51284fb33d7733f8034c384c8044946c14d92553a7b3a0dd379ad13f

    • SSDEEP

      3072:BZSayK7cup8yzxJQKhopX4Etl8Q+/EHz8c/TzyGl+qF0HWN/InbBv8ZtSOQ9duOk:D7ccWXPETcr0qF06/0bytQ3uOFXA

    Score
    1/10
    behavioral5behavioral6

    • Target

      Bawless Cracked@Neural_Programmers/Guna.Charts.WinForms.dll

    • Size

      823KB

    • MD5

      70fc3b097dbb077ef99490da7be6fc15

    • SHA1

      030f93bf4ec0774d15765cd556fd497b6b361fea

    • SHA256

      09906a9154b088e3b86909ed960c961e874a07543d6ef44ee2a48142c4d5adde

    • SHA512

      731dc886db45a4f1526897cdb2de6f75107d4a3b8bf82204afbdad01634ffeba49ff0266f02c5be438a47ec244059c537897fbe4acd3f239c81d3208781c99e3

    • SSDEEP

      12288:GCDHQJwtQyqXCeyYECAHAw+cL7xCfaYagqScIsTEHxRPs:GC8JwgyNl3g

    Score
    1/10
    behavioral7behavioral8

    • Target

      Bawless Cracked@Neural_Programmers/Guna.UI2.dll

    • Size

      1.9MB

    • MD5

      c1789e4cf0b77749e0bef8f984f9cd6d

    • SHA1

      cdf9d3f1c45bf294380d59846ae26b9da8a65725

    • SHA256

      d590f05dc6980e4681243e68bda05b7da7952d75d4aa34963c1535f79c8fc060

    • SHA512

      e51e76476d5c46d467bbf92a25471e6525a8ea58a4cca7ee305b295b396cb53650169665979eac0ed9bebb38c74d62c03e2f3b29b70eb6eafaf9ba474fea33ca

    • SSDEEP

      24576:S5lxfKZ9DrFowbpl84NbJ1k+BAeWUo7AHQ/jz31RMIt24:kB4Nb3X6RMIt24

    Score
    1/10
    behavioral10behavioral9

    • Target

      Bawless Cracked@Neural_Programmers/IconExtractor.dll

    • Size

      10KB

    • MD5

      7bcf61e29e5cbcd1b81d9ab72cbfed93

    • SHA1

      d082613177dd1711c18426d4f83921dd932bc7b1

    • SHA256

      2c359ce857982f45b09af49dbccfb2ae302839acf1956e8325e7f854b339a8c9

    • SHA512

      ce84af38dc63374d304d4e3b6c098892588df5ca5e921505c410b2a24ec0137dbc3120bc713cc0e4bf7836c57b7db224dd3264ea454cbfdb1ef78c9ffb19b6d9

    • SSDEEP

      192:vyB0L3vIFktNlrgyLY5ZJeU5cs7hnvR952:vyeL3/gyLYPJR5RJG

    Score
    1/10
    behavioral11behavioral12

    • Target

      Bawless Cracked@Neural_Programmers/Newtonsoft.Json.dll

    • Size

      685KB

    • MD5

      081d9558bbb7adce142da153b2d5577a

    • SHA1

      7d0ad03fbda1c24f883116b940717e596073ae96

    • SHA256

      b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3

    • SHA512

      2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511

    • SSDEEP

      12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5

    Score
    1/10
    behavioral13behavioral14

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Audio.dll

    • Size

      25KB

    • MD5

      025864d133e416f144030cf22ea9f2c3

    • SHA1

      6be2cb2454335f0de00799000f65c5cee796c185

    • SHA256

      1323a7212239513270077e07cb436af721acedb0c21c99b06c163a230baaa50a

    • SHA512

      ccda6ef9847f89e53adaa637c7f762be22506b8b6bd2a5538b6622c33f3244f9c491e39e7df7512b5edced3d0395e4541b182f7da6a254b8891b9d64d71538b2

    • SSDEEP

      384:si+z4JdSCmRO5Gw5ZGuC0CWdseXGKfZ0CDzukNpLQ3s6XXLca78nOtX:7zJds45GwRC63lF27AOtX

    Score
    1/10
    behavioral15behavioral16

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Chat.dll

    • Size

      456KB

    • MD5

      8fc1192cf52f55ed5efb5e12210a37bf

    • SHA1

      dbcf714d0d9b0fe44bdfe2ee150227c2a0e7c387

    • SHA256

      dfa246c2763bf5df442a81128b3587f7bf530e4327f631cdd4dd79106738cf31

    • SHA512

      74603de6069cc6bf02afa5cfc3ba1493240bcb7c74fcbd53219448134b79fb5ebefc1dec61ac4c6a04c56dc6d986887a4a68d87ae1dc07ba6d1d8b8afc9d480c

    • SSDEEP

      6144:CtBlKJ+p4JX0cZsaB6N83r2y/plBWnxfID/uKNlNQ7fOiLXyCrxO9w+KQqxe/tT:CVKTkcZBB6NKbBWnxfIvNr4siQqx4

    Score
    1/10
    behavioral17behavioral18

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Discord.dll

    • Size

      27KB

    • MD5

      b591cff18fd7344243cf8a4eca624a65

    • SHA1

      29f9134bb33d429d27b87e6f2112b6753e1dcae4

    • SHA256

      6a43095314d5e32db307eef638d2f5afea7dd40ff6acda24fc28ce0c1632cb6a

    • SHA512

      ae1aa8db37182a4b8ee06249da6304c1c105adf06b2091cf24b3e79ad1d6d1a6eaab12bf059cd86deb04b7084d563a25d5bbef6ddf7857c1a34fc0e0032664fc

    • SSDEEP

      384:HfzPwa/ppmIwuCfMeSmfbQFFVBdseXG3cGh+JaL6lkSggL5XxXIUdwmuJpSVmlY2:HhGIwhPgh0Jd+5XxjwmuJpSV/I7

    Score
    1/10
    behavioral19behavioral20

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Extra.dll

    • Size

      34KB

    • MD5

      17db58471bf45715ba46b5af7920d676

    • SHA1

      0ab236a6d554597dac8fc40fc3e1a29f905c0275

    • SHA256

      dae673b838de497c1aa8a558d4dd5963d90e8b21538cb0d9adce585ef6fbc915

    • SHA512

      29432c0d19be6ae8c8ab68ab1a7c4007d502222b329f9a0bfb994427f182028aeeacc199dd27334cdc0adabbdee7a07a3d24826ed67b05711c2370a4b7395265

    • SSDEEP

      384:0hfLE8JhqmxGhnGOheE6qCtdKudseXG5JN2ahDkz7R3bu6jUwv5YacMvvp8D5K8:wQ8hxGWCkQuMPkv5YdAva9IKqbnMK

    Score
    1/10
    behavioral21behavioral22

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/FileManager.dll

    • Size

      34KB

    • MD5

      dab76ee6ff2548a9bd45c0e582f4d90a

    • SHA1

      70b0e615c1728aa8198dd4be4899fd883bffa1d9

    • SHA256

      50f93055604c7418fa0e5536afd0b4d535db752b5e7edf588cbc14c1570613a1

    • SHA512

      431f38a2b08c5d9f9914a05eca7a32084b3b33d473cedb91904776417c49d8599ec81c905a857a118e8d6b39a200accd14b1c21a35b1faea760084fd75967501

    • SSDEEP

      384:V/fLIMFZcuWQHBVugXvYhXmovTuC/Jn/KddseXG/htVhD8mouoFFAEFuc0oOJPtp:9pBQ2ovTZ/kdczcFhntYtny1l1E

    Score
    1/10
    behavioral23behavioral24

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/FileSearcher.dll

    • Size

      280KB

    • MD5

      a186a27b6e893b60bf236120a6a329a7

    • SHA1

      9186d71d524f2716c7ad3e934e134aa68366006e

    • SHA256

      a91d0552200064646768b1fcd393568ca6144279ef0543aee6a74c4d11c34f49

    • SHA512

      f5acc60bdcf71eea700af6c6372e68d58cac1008a6fc2850dcde1c59310cb84527725740f646be4a146adde6f0878781101670ce922c3566b34262da857aa847

    • SSDEEP

      3072:OUI94v0G+OSJqB7OOaJOqX8s28ccc9k16uLWcSCSLeNYcEeI/KQ73WmbaC4nRZkp:YKWOaG4X5S9k1zbB6YF6X

    Score
    1/10
    behavioral25behavioral26

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Fun.dll

    • Size

      36KB

    • MD5

      e07004ec43ed994b9a11999145f5a43a

    • SHA1

      00cba09ae5a38dcfdbac1a8cff9cd1fff2c0b3e7

    • SHA256

      2b25c33a033bdc85ea4db8c3ea89bbfc7d1a1dd80d21a1835bba5672759efdd9

    • SHA512

      39948577cf0185ffbda3c2757c7fa746e41a169ca7fa0a3718cc564fbbec439b047bc540fbd5ac59908965424ef11f6564d9795b101bfc58656247e76b0c88f5

    • SSDEEP

      384:T7fLviWK1Xr4GtVmEc6BktslnlrqKQdseXGtrR52bhimwy0Xprnhc4r/f7rpVqKX:fGXFEGtMqS2lnhQk95Z3nhXrLDUCE+

    Score
    1/10
    behavioral27behavioral28

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Information.dll

    • Size

      27KB

    • MD5

      a7670d3509baa51af6566b93b185b854

    • SHA1

      2b322b936eea3dd5414efe589acab3cb49dfe9b2

    • SHA256

      9fbfd1036e579edc9498625e86c45743e4ad8ecf5960f4a87a9402ba1236448f

    • SHA512

      34999ca9b71de6ed4a3cc99177ee472bf90af9282a095d2cf6b05f17e896f518b46382aee021b540f5422c0997680023206b1281013c468a72116cb646a89882

    • SSDEEP

      384:BRfL6mS8ayvHxy63m+tDZdseXGEXNhDYLuA7InXxtXciyxVM6d0PALKz9G+mZ9:nBS8x72+1ZTaIn3siOvePALKs+m3

    Score
    1/10
    behavioral29behavioral30

    • Target

      Bawless Cracked@Neural_Programmers/Plugins/Keylogger.exe

    • Size

      10KB

    • MD5

      7ed065eaead4459e1b802715367b57d9

    • SHA1

      70bb5500f80c3c71fbaf7adaea527c16bfca316e

    • SHA256

      2e6e13e2498910dd511c5eb7a53e29920f8d4bf506df97bd209a27d776ae9068

    • SHA512

      750ffd5a77f74b2d3bbbbbd83ec91b67193d8ee82780c2bb8e389ea844f16c82c693a8696687bb0e2ab87a77cd3794155857a0124f15124957b8acbc47bcadaf

    • SSDEEP

      192:Ctmcuq65SoDxi4maEYbRzmEsLkjgv5JHTCeJYHcwY7fazDZEi:CtlF60GE9rUhVsLF5pCrYyvZE

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

rat%group%asyncratarrowrat
Score
10/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10