merlin | ad69e83f7ff54cd47b06f55e2ec55612f64ca77f5e8b6a77ce50fb588ed66eb7

Sharing

Copy URL

Twitter E-mail

General

Target

HydraDragonAntivirus-main.zip
Size

161.0MB
Sample

241226-2228xsvjcm
MD5

ed9c3d341d6319a053dca0bf81c8c739
SHA1

dda313415becadc92ed54a6a54d0c862d3c48ca6
SHA256

ad69e83f7ff54cd47b06f55e2ec55612f64ca77f5e8b6a77ce50fb588ed66eb7
SHA512

ea99fe140d671ad4c4f190262cb3f5d6a90a78088f3a67b4f3a54e8e005d811ee3beabd8e9ae70437a307e6ddc8e081e66619137d7329050e28b0c3dcf210533
SSDEEP

3145728:Ex1XA74YMuCFYow5KsGBT0qY/sVicbrj6cCPi5e6vyY1Yvpp:Qw74WZPY1x0B/sVicvjtj5L31YvT

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion

exe.dropper

https://bigblog.at

exe.dropper

http://lockbitsup4yezcd5enk5unncx3zcy7kw6wllyqmiyhvanjj352jayid.onion

exe.dropper

http://lockbitsap2oaqhcun3syvbqt6n5nzt7fqosc6jdlmsfleu3ka4k2did.onion

Targets

- Target
  
  HydraDragonAntivirus-main/website/fullymatch.py
- Size
  
  1KB
- MD5
  
  ab27645a3ba4fdc2ee97a8e2d88fe140
- SHA1
  
  b1f1f962a01a918c45a70578daedc5450e65abe6
- SHA256
  
  1a76f36dca4fe49b8dbfc0b82dc3953e44f9b85346374f1d4e1f0472f48d941d
- SHA512
  
  5b211ba60be178a629745e777f8058ee9a9c3447e87b2d140e741f4f43c5159441add8e38862b75ae0d12e1854b397338f870df021c1fcca8d005c4375ce7c8f
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  HydraDragonAntivirus-main/website/hydraupdater.py
- Size
  
  811B
- MD5
  
  38afd731ff251406768b957ba37b2abc
- SHA1
  
  069819413b22442e89f64f7293462582e4973ea5
- SHA256
  
  659b7ce420f2fc177f0b9f57873a391e4d57e62ebe8e6e0fbcf4bc64aca1b17f
- SHA512
  
  fc75a17c14735702f7afa5d3ae3f17de38c3ea5c8f3f68e23f56e9cc48eacb73d17cdfcbff07a3ed5f4b7cba1d3526c1c76da6eac646fb4d0d4f3d551db5e335
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  HydraDragonAntivirus-main/website/nochracter.py
- Size
  
  561B
- MD5
  
  fd55e6a7a416698308cb77d1c9e385ea
- SHA1
  
  13beba55f5e2ec8a3998d01c59ca509a53ec0fa5
- SHA256
  
  837a74459c486c1d90bca950a2561a1d1eaff734275222f11ca12472eb4cee7e
- SHA512
  
  4d8d28c6a9d6a1706e3158ab3d8c9f30ac4d1fd84ca9cc61256b43718b73fad2f1cc5c24760473f39cc01e21c7e127214e17c7ae8c0d908eefea23623609da97
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  HydraDragonAntivirus-main/website/theunknowndetector.py
- Size
  
  683B
- MD5
  
  088a4e219f877a6c930d9212162d42c5
- SHA1
  
  c3f52c0fa1bd04c48bbcb0a5688376d02dbfe945
- SHA256
  
  121e662036a6f01082344150092a592c26e05734ce5043bf61d3af96841deb75
- SHA512
  
  2fc20713c761d2756e50c09392e65686027765a365915a74cca5cedcfbadb6c98dfb76d874922d6ca2a0b70cf20da0831ca3d2592f1c8fbfea068d92a545d32a
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  HydraDragonAntivirus-main/website/tools/containsnothing.py
- Size
  
  766B
- MD5
  
  16040cdd909b5566ea0007550fae96bf
- SHA1
  
  f1b39f6864c0b6df204315b0d70e24f652b014d3
- SHA256
  
  5f25b6bef7cd649995fcd1e75fe585a2e8f1c981ccc081395f1416c665dca670
- SHA512
  
  59e758685ed5f5df19bcfb6e46befa5ac264c316a252113f914447dcbca87e58f96c67662ad183a63a644f8d40cc7b450f93475decc9b7c5986657f98f1d9e52
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  HydraDragonAntivirus-main/website/tools/domainchecker.py
- Size
  
  1005B
- MD5
  
  f3545e4fd91910f9399496e3b3a4bf57
- SHA1
  
  bc7e4e767a425660fc11fcd2d260513d84a5a9a1
- SHA256
  
  9b9ebe36ed7d85bc24445d174bd97e849a3a155bcf3082fdc58c5d935b7f5881
- SHA512
  
  616590695b2a84578b4294660afc235fc1d2b72eb706a5aea62ea7c4391285894aeb4fd2e3f211f88731693ff914e349ad75d6f61754819b038b6137afdaee6f
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  HydraDragonAntivirus-main/website/tools/noipinodomains.py
- Size
  
  1KB
- MD5
  
  8086322e2fe5bc1f517a3a3e9d566c7a
- SHA1
  
  c0b3413808507692b9f8fc15c5fad4ac35b50c9b
- SHA256
  
  88598af23540a9f62f1d977b1181624dd32a3a61c9bc052645b62a19dbc6691d
- SHA512
  
  7b8378c12ac081f39ae853f0fb7066a3af42e8ef0c6473df7bd4af20d0e4b6b066af1ababbfed03a1c63868981b1566bb5beb598f62428f04a8f45ba82e9c8a3
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  HydraDragonAntivirus-main/website/tools/nolocalip.py
- Size
  
  895B
- MD5
  
  2524b6809921a3ec948f3854e036a5a0
- SHA1
  
  4bf9caa604b5de7b1d996fdb17345e56a3f0a595
- SHA256
  
  e214ea6b05e113ecfc290d056d050a637035a2d1f9b426be1ecc631f5e2c9d2b
- SHA512
  
  d5543972f0ed0281e793ae7fb69164e0f8ed62dd00c2c245f6e10fcb25cf614715fce6cf354d67c79cbf90679cfa823a3363f6faa7024e829d87807f79cf7caf
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  HydraDragonAntivirus-main/website/tools/problematic.py
- Size
  
  560B
- MD5
  
  d47c501e8aaaabf886ee6f3bbefa38bb
- SHA1
  
  7e72db3040a07e232676a0cca8cace821794feda
- SHA256
  
  5efec26ab8525a9bee23e5ba15b515e547e5c0815848667a85c39fcc3ef9daa4
- SHA512
  
  cd8fac531bfc5f66e4e05b5b6e58e287eb2e46ac7c6e00512d18d0174060b5c3fa965dc2edf2b1858b656eef3e028af4e46fec99c0c00b14b2f2c0c93edcce57
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  HydraDragonAntivirus-main/website/tools/removerunwanted.py
- Size
  
  863B
- MD5
  
  1bd8558881d6be382426c28d9cbcdad5
- SHA1
  
  e146523ca5f3f7d915eb3484b2a24cd2488e4e4e
- SHA256
  
  6b14764e47f37ff478f90001a74f15d9dcf41ea37f1ac0cdebf4e106334acb58
- SHA512
  
  a5fc78689d34354e9e05bd6389fc51c0c45f524c223c0fae8a577ea51c584016fe198f60f0ede59c27874359c8ab479fca796288ddd2f0eb340d82f8d1545c1a
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  HydraDragonAntivirus-main/website/tools/removeunwantedchracters.py
- Size
  
  651B
- MD5
  
  5524de435a7d175c4fc891dfdcee1f98
- SHA1
  
  8c43d41d8d30093ef5a3cb79b02739ebeec6d2bb
- SHA256
  
  135e54f9eb1ea5731eb99e65926118d699ad79104e9b513429580250309e3844
- SHA512
  
  ff7d5750116bcafcb58dd4a8a33c9d063e112a08ab248d63fa40f9ae91a5ee1fd90a9c858ee1a6ad27407e729553e91294ca1eede95df83177cb037906fc6733
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  HydraDragonAntivirus-main/website/tools/trashing0.py
- Size
  
  376B
- MD5
  
  6a4099dd88201bab75eb9972077c1bb5
- SHA1
  
  db26a8faf92fe5cbdc65a31f7cad93039502f67b
- SHA256
  
  f5222c18bb67484a2928b0cb79f3b40e6924a59461f3c984198b69bf1b8ecb8d
- SHA512
  
  0cdfbe77b82e5066f8db21457fe16d908668ad05959453a45419f9a8d4fb8d53fa4d53095769095543979cdd0a9bb46eeac08cdee9cc65b09563f2299cb87b1e
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  HydraDragonAntivirus-main/website/tools/whitelisting.py
- Size
  
  2KB
- MD5
  
  5ba115b806a628f87bd35f7271d3e3b1
- SHA1
  
  304169f166acfead2873fdb224a04db5ba73aba9
- SHA256
  
  bdc1773bfbe1994145b67789a30eb55fbbda0034135047f8eda4fc554cf288e2
- SHA512
  
  cb386404fb53192d4de25721c62a8584daed34473454267ff0b71a8adc3b65775ca4bed64489985b1f66a6298bb8b2cc28341eacdbe451bbcca56de4a2010435
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  HydraDragonAntivirus-main/website/tools/whitelistingrecheck.py
- Size
  
  2KB
- MD5
  
  d95a6aff31609383cc79c21afc4a9efb
- SHA1
  
  baf1fb049aa240a4e79b9b8d053c382b11278ffa
- SHA256
  
  19503f009fba3932a6ef3c435de192a2b94fce1699c4ed2eed8683d26160450d
- SHA512
  
  18412277e9c408acb884f9794e01467b7d12ac746f49181c09cbe6d58c51600a2cdc1f4e10134845904582461765d164df44177ef03f03a42546bc02240e39c5
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  HydraDragonAntivirus-main/website/tools/whitelistking.py
- Size
  
  410B
- MD5
  
  1c1fcc18fa6a66f51cba2254bb7920e8
- SHA1
  
  798b5ea90393a7af8df5777b5f1ee24df9efa7b3
- SHA256
  
  529fbd2278928647c7210bf834b5764471de8c91aa3b63ac8d296069d60d10f0
- SHA512
  
  44158fc4fbe06f720bc3abc951030e98acfe9c87172e2eb69be65c0477e01ca16f65ac5803368f10d4de0f725b9762619d58dbdafef7305719f3967aafa2f359
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  HydraDragonAntivirus-main/website/tools/whitelistking0.py
- Size
  
  515B
- MD5
  
  733628b594d5b28e3477b8a4acb5a195
- SHA1
  
  d7d04da601cdccd7ac59c364565dc6471397aac3
- SHA256
  
  a0ef8cf0ecf4598705d1cf4824d0c35759101b885d0ae32391026a77bba6f516
- SHA512
  
  aca0ecc398d80e548975cd58f53fed4622c16ae6f860517747cf76ed9580e642b1d95ecde2bc4ff889f453dce4e44441bec8490ce87167cec9decd8b654e363d
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32