35b3393164c065c7108e0f1af636da335c26acd71234677d8ed796425d297fd7

General

Target

syphra (5).zip
Size

5.4MB
Sample

250101-d23mpatjcv
MD5

c743458ebed7718a4e3bf573013e4598
SHA1

455887a78870569b0b9d09aa3017164e56d86929
SHA256

35b3393164c065c7108e0f1af636da335c26acd71234677d8ed796425d297fd7
SHA512

82406adcd46d0001db656262ecdb214550185d61f557d0baa91e013afd2c88bed5f405ae06c40f7447f7a8628d0c473e21a3e48c31a3e91098d3e1ecb0f64127
SSDEEP

98304:EkkNfLQQY+lmp0BbW+OwzFeBCnGOChTcU5AQ6YYJNiGwPW6uBnJkCd6lqX/Xw2M+:E9LQl+EMkBCvCpl5+XiZe6u8CdW4g4d

Score

7^/10

Malware Config

Targets

- Target
  
  syphra (5).zip
- Size
  
  5.4MB
- MD5
  
  c743458ebed7718a4e3bf573013e4598
- SHA1
  
  455887a78870569b0b9d09aa3017164e56d86929
- SHA256
  
  35b3393164c065c7108e0f1af636da335c26acd71234677d8ed796425d297fd7
- SHA512
  
  82406adcd46d0001db656262ecdb214550185d61f557d0baa91e013afd2c88bed5f405ae06c40f7447f7a8628d0c473e21a3e48c31a3e91098d3e1ecb0f64127
- SSDEEP
  
  98304:EkkNfLQQY+lmp0BbW+OwzFeBCnGOChTcU5AQ6YYJNiGwPW6uBnJkCd6lqX/Xw2M+:E9LQl+EMkBCvCpl5+XiZe6u8CdW4g4d
Score

7^/10
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  ArcadiaLauncher.exe
- Size
  
  5.5MB
- MD5
  
  74746a3e6e8c63d116b2fbf91ce44973
- SHA1
  
  ff17f397eb1690aa62c32a197a65df2d6fd55e00
- SHA256
  
  809d3f3619b9dcb494de762948b29f5c6a3bdd201fa0dff7f7733bff4940a840
- SHA512
  
  c05bbd57d235e7525fd5ac026df7bc3ef21695566f2ecb9464e95259ede828d6706a875e88734351137139dc86ff2329673ca9260e2cde682a294913cccfea55
- SSDEEP
  
  49152:Xr0V6+cnKH86Fqzfkk4PxKOdHn68xPTuEFKjM5BbVKz47RUwm2iImmlPJmG9mh2h:hW6L4AzV3k5Be6pipjD4iz
Score

1^/10
behavioral2
- Target
  
  ArcadiaModule.dll
- Size
  
  3.7MB
- MD5
  
  582f6c30efc88adf84fa95c19e834ae3
- SHA1
  
  043f18870a396f8102c03ae103ff1667b1e7c655
- SHA256
  
  425f1642998abf772cf5229cd45008c0f79d97ba3a0bdb2d2979ff3ae03d0db1
- SHA512
  
  a566c07800fdb0129b2d9aeb4ba4c6a2cd01a7a35b81285ab640cdb3ab68798891b63b8a1d2e312de63b2a5ddbabeca779507146f640d59689b3b8d96bc62338
- SSDEEP
  
  49152:hztNo5jIomha36kABZeTpRbKF/yVRgE+uEreYfWKV9bu/eG0vHnbE1U9ErG5:pfixmQDI+RgE+uEreYfHu/24185
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral3
- Target
  
  Syphra.exe
- Size
  
  1.6MB
- MD5
  
  46630830806724602b9dd8111c6f1d98
- SHA1
  
  5324edf8bf5b7c94cac2d869d31641b7557b6701
- SHA256
  
  cd45f87c82da868ecd184676d9bf1e8b4cbb5216052920e34ebb04d0591db35b
- SHA512
  
  e8b73474dada6167d5428a872031c566131d0a1187be846a455644decd442e610ea10e19b7484395b4791006c9c64988e7ab5cf0e8c0b01d69509c64b9c4b462
- SSDEEP
  
  24576:iN1wFnsg060BRUROR+rC7Yg3kzSAnhkqjVnlqud+/2P+A/t2bQUv2gVbAdf:AwFnqoukzlhkqXfd+/9A/M8PgU
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral4
- Target
  
  updates.txt
- Size
  
  115B
- MD5
  
  8291bb5285561025382e13f4156a0054
- SHA1
  
  2f161b32947d5087340e9fb20cd9ce1d2648807b
- SHA256
  
  9fc6235bbc40288e1a696e6a99885d47850f19078437455a435220676014b25b
- SHA512
  
  7ecbbffeaa442ad9a4b707df14be05a12dac5e1bb865df01aef334c3d7efe4386e22f5bb22d9a9c86e7cd560c783017f4f74dac65ff6fce8cd114a90be3d039a
Score

1^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

1

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Legitimate hosting services abused for malware hosting/C2

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

We care about your privacy.