Resubmissions

31-12-2024 03:26

241231-dzfp5ssjer 7

31-12-2024 03:23

241231-dxrpmavmfy 7

31-12-2024 03:22

241231-dxckps1rgj 7

31-12-2024 03:18

241231-dt4j1s1qgj 7

General

  • Target

    Nueva carpeta.rar

  • Size

    27.1MB

  • Sample

    241231-dt4j1s1qgj

  • MD5

    6e078e2e9289d78f4660f36d65c9327f

  • SHA1

    9c20e120ea4e2c3cd19df50cee05b839c42e547a

  • SHA256

    48fe545d10166c4aea48252deab4a043abd56b758aed8439a5f1479d18ae6944

  • SHA512

    b6f8550d7064519dd7487bade6fb7f9ea68e0c6786e17a74c285553327c18ab6663a069b692890747e99e29fb952c70e8ff3ea13c491d8747d5dbb1e26f60f3f

  • SSDEEP

    786432:GLcIo8H4RQLIQxYF6Zbq0QSNrjM0qzcFrS0Q4puKS5nWhh:j8YRQLfxYF8e0QSNkN6FQ4AKrhh

Malware Config

Targets

    • Target

      Nueva carpeta.rar

    • Size

      27.1MB

    • MD5

      6e078e2e9289d78f4660f36d65c9327f

    • SHA1

      9c20e120ea4e2c3cd19df50cee05b839c42e547a

    • SHA256

      48fe545d10166c4aea48252deab4a043abd56b758aed8439a5f1479d18ae6944

    • SHA512

      b6f8550d7064519dd7487bade6fb7f9ea68e0c6786e17a74c285553327c18ab6663a069b692890747e99e29fb952c70e8ff3ea13c491d8747d5dbb1e26f60f3f

    • SSDEEP

      786432:GLcIo8H4RQLIQxYF6Zbq0QSNrjM0qzcFrS0Q4puKS5nWhh:j8YRQLfxYF8e0QSNkN6FQ4AKrhh

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Nueva carpeta/Discord-Token-Joiner-master.zip

    • Size

      3KB

    • MD5

      174ae01f2c742de32a737d71e7ab6a18

    • SHA1

      cfe6020fd588bac259b2d711a4b4c409be304333

    • SHA256

      4d330de4cd281e28ce39e9da9a44f73c5bcc0ec256983c0b1f51eed2fb293943

    • SHA512

      25d092cd5447379ec0aa28d5a88168c12f8313b3fb1686504c89d814cccce6a18e9d68c14cf55a8c73c49f56c19e09fd5474edade486ea0cc987b4817618f833

    Score
    1/10
    • Target

      Discord-Token-Joiner-master/.gitignore

    • Size

      1KB

    • MD5

      6482f9d8254f7f75af96c66a09031e65

    • SHA1

      b631f2309e68ef3414a77d3005ae3e870a477d07

    • SHA256

      79b6f8054f8ef5e9e78c18174bf57caf29b11410166b9268d6923e87520eb88f

    • SHA512

      673b8cead9a670bc38ea28a57573198cfaf59de370cb3b626a47f3db9919c598cdb3a9f33594024f266b24017bc7273d5b77fd917801a2d2335fa9bbce21e13e

    Score
    3/10
    • Target

      Discord-Token-Joiner-master/LICENSE.md

    • Size

      1KB

    • MD5

      0c643b6423e3e3f78deedf5022d210f5

    • SHA1

      0ab416c3e175b4d45ccabfd27abac5e3c25bb452

    • SHA256

      91b25287d54651b302fbbe2107ff53a8ac18e210ddd074c57de912eb7420f52b

    • SHA512

      a367f4cda22cca53a177808a8be5f46c8c6b74f25c97c4d5bf2c88eea2d2793655974c959795f4c471be1fbc39978aa26557bc8c4208419b4c71e83598d08c0f

    Score
    3/10
    • Target

      Discord-Token-Joiner-master/README.md

    • Size

      107B

    • MD5

      6b4e55c8a2c92e5c953125925ffe1b05

    • SHA1

      9121315f728a7327ca01c4087d2ffa21e827373a

    • SHA256

      7e87a6f58d87ca8ce9aabc512150783bdde605580d993c95b34ae074b2378890

    • SHA512

      120601b464a026afe042b041f3d85fd4e22c5e8d0b34fa0fb14beb3be4be4d906f681ed31e4d1410b459ec666c6e0e44be2a6728cf5010bc25df231f4a79b4ce

    Score
    3/10
    • Target

      Discord-Token-Joiner-master/main.py

    • Size

      746B

    • MD5

      58f14c91101db143b0a90fdc8b1bf9b4

    • SHA1

      e3abd4d335d709118b615100cf57e648e9cd2b1a

    • SHA256

      b88dd5fea640870cc0ccbe582db0aa3fde782ce3978c76fcb5cf9425102ea919

    • SHA512

      683cc70a60867635a4b8473e71a3c5f47e9de1387e49da540dd031437e1fac67de2d9d859f708eb555922a8be19a7d2296460980d6ff4d322d5dfdc6cfac52db

    Score
    3/10
    • Target

      Discord-Token-Joiner-master/tokens.txt

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    Score
    1/10
    • Target

      Nueva carpeta/python-3.13.1-amd64.exe

    • Size

      27.4MB

    • MD5

      90176c0cfa29327ab08c6083dcdcc210

    • SHA1

      cc0bcf37414be313526d63ef708fc85da3b693b1

    • SHA256

      6b33fa9a439a86f553f9f60e538ccabc857d2f308bc77c477c04a46552ade81f

    • SHA512

      5940aae44386f3622dee3f32e6a98073851a9f646da6bf3e04f050b9a9239e0ddf50b26e5e125154edc5bbebce7353d273950f1111e4ca5f2b4e2e4a7ac7cf92

    • SSDEEP

      786432:fKScWFPQmn8ZNPeBvm1+MS3gpir9K8X+a:CcJQS8aBvm16gpGvX+a

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Network Service Discovery

      Attempt to gather information on host's network.

MITRE ATT&CK Enterprise v15

Tasks