6c203a7d1ceab938a6c72e2266ded146f66ba88e58df4c70d89722d41f950e53 | Triage

Sharing

General

Target

rc7_stuff.rar
Size

13.8MB
Sample

250107-ve2wba1phr
MD5

ded6054c1abf5026defeb9fe86deafc5
SHA1

dfcb7f4c2cefe65a7d519d64f7ce72cc84463310
SHA256

6c203a7d1ceab938a6c72e2266ded146f66ba88e58df4c70d89722d41f950e53
SHA512

4babbbe04caa0f5f4566ac63c4897679060cc1046c2dcf1be75a9110f5ae96317c5655b6a03433c6643413c62a5d147ba130c76356525b2ab90d725add440c9a
SSDEEP

393216:5u+kxkj4h5nr8Jh5O/+wRWkU33P/+wReFU0U:5YZbrEbrwRWz33uwReFU0U

Score

3^/10

execution

Malware Config

Targets

- Target
  
  rc7_stuff/Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1 behavioral2
- Target
  
  rc7_stuff/Debug/bin/vs/base/worker/workerMain.js
- Size
  
  149KB
- MD5
  
  9eda556b669e115930d8434cd352afd5
- SHA1
  
  4a8fea4c4c0350d10ff94040716db9c82b8fe5c6
- SHA256
  
  dda7ee8a09221430497686ef9cc21f61a4df94227e449b6fdf9d8f5a43cb0276
- SHA512
  
  5603c5cf5bb2e6909eb32caa64b389f54e15fe1837a5a2a11a83a31e5bafef0d7fe484725c7fd47334a1de2c3137cc75f7e4e8d87a5f99e8a85a7f7f69b7fc28
- SSDEEP
  
  1536:Ar9vMs2Cnvm7TH+fvY8qBBDi2Ogchj20gX52TXIvTWaUPa8o6E3zawQmnSloDJEk:uc7TYgAuWQz8lMJEgCNCiQD3hSq
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/bat/bat.js
- Size
  
  2KB
- MD5
  
  48ddb0176f926317d58fd552ff561b0a
- SHA1
  
  e85c30316bd2a1af5fda4971ded584b0d200a489
- SHA256
  
  ca4fca59d052bcb2bda04fadc23db118e873c5d638801ead17dd727e5042f84b
- SHA512
  
  7539de3c0259f5ea2540ba8b6c31d3cea6cc576b7d972065f1d3ff81073742147bd5b4834f25f753fbda741cc351b1d6a4a1d03afaee86925532fa1315abc0c7
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/coffee/coffee.js
- Size
  
  3KB
- MD5
  
  bfd06da8d566505831ce6adaddc66b65
- SHA1
  
  bc9f3ad9403ed5665dec71ba1cff8f2203931293
- SHA256
  
  e1ef3fb1065f428b9fcc36920df707b4676bf1d4d26936cf4edc4f1a300bf8dc
- SHA512
  
  078287029ba282be569d7cf8260faf9c45a8e3e47a3a86692bb9f6d2b130182c0f80bf8730dcea55f9df9b77590e9fe32ea612c87dfba5081dc2bf706c62c654
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/cpp/cpp.js
- Size
  
  5KB
- MD5
  
  a348c8180e25105330eab904b576cca3
- SHA1
  
  78c5644bc45888af58cf89ae70ad39d9dd6ceaa4
- SHA256
  
  bbb4c65f09d15ff7ed15aa7dadd50c5edecbcc3e23ccafc3f1039b4c28dd0cc2
- SHA512
  
  862911cc00d5824a1b2669c0509409e597f487469b352fd8aba611b5b2decedf1363eb7218dc38d34384b80c943d8a01ab6049986dca78ab6d8012abb94f901b
- SSDEEP
  
  96:hkDhsL3Rs1rbV1+gqVV1+/LVb9ZRC2seM6jjz13MwVcEghhb6Yw76wGcmvRBNIs:hvL3ArTOcVv5M61h8hSeiYL
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/csharp/csharp.js
- Size
  
  4KB
- MD5
  
  3ec403ab5f76d8b06a6b7224083d83bc
- SHA1
  
  0116f6b705f9b8d01edc8c99eeb0d5534e95bc3b
- SHA256
  
  82f97fc6d20fbcd7f9e5a34dd2d21cbe1f2365445ec4c69ef4124fc24fd42180
- SHA512
  
  c7b65b7be2fa9100e72c414c98dd86db25498e6a4db31bbbfae3f7231af54fbb50214fa8bd763f93e095ae438c0dbaf9a4e7701dadf8c275aa95de47f0276590
- SSDEEP
  
  96:hkDhsL3Rs/x+rbV1+gqGV1+hmQuq1cBh8b7gj8/pLxb6J994wGcKU7dYIkI:hvL3k+rTtPsRXpw9SiKUJGI
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/csp/csp.js
- Size
  
  1KB
- MD5
  
  da14c4fbc777b164601b5257acdd5b2c
- SHA1
  
  ddbb800e3885436c31841f4dea8fe1017069f037
- SHA256
  
  3c5e0eff17aa7aee4dcaf3525806f3fa18830dca5fd02f735b04ed89fa00bafb
- SHA512
  
  5458efc8dfbd19cd847f72acd1fd06e2ffbac19a47858337282e2fca784c423b15ea4f811e0e10068e9f381b6f9871cc33c0b3beb0ad99d9e1154163c7212a3e
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/css/css.js
- Size
  
  4KB
- MD5
  
  aa54f7fade1667fdd571df95d8c359ec
- SHA1
  
  cd6b260ac40de302742c2fc45093df5d13fd8009
- SHA256
  
  6b811e1852f161d374095c320ccde9ca9438b851940883f10b0160d1b3f0f7e7
- SHA512
  
  2bfbc37e0b99a5f2d0e7e9e61eb64b4a472c6d9083bcceded88ea57d41859a5d537eb7e007a4c72307edbe61a38099fb37f3f56526bcba146ce91d819875495c
- SSDEEP
  
  96:hkDhsL3RsazIq+q17qcq6V1+/aMj1cqTroIrqjKf8O3lzXY0Jc:hvL3Rzv9VmjoOf8O39XbJc
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/dockerfile/dockerfile.js
- Size
  
  2KB
- MD5
  
  da2936e53190130a0d2851d0490eb99d
- SHA1
  
  991cac4cf191de4a856919275221659c4274289f
- SHA256
  
  21aa6fe27c3d7bfe45cc8020ed3c8c3ec76a0c5c34cccaecc18e6720b4b2d85a
- SHA512
  
  0a8e6f0a6a0d72cb165dc261a0e5786d66a553ed944b0c5ea4313bd01bab11f637ffc17fee87419bea1ca64df9c59cd86fbb97d08b4e52eadcd6f9752b693726
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/fsharp/fsharp.js
- Size
  
  3KB
- MD5
  
  a2eeb7bdbd606cbee39bb6a2e0d790bc
- SHA1
  
  3e5352cf23dc3129dda59da76b0d851aef6d3c6b
- SHA256
  
  4f63148d13b0115391b334fafc96053de73a962a5b88ee4a2cf0d2d76f370be3
- SHA512
  
  2cf1606b05becb71f4613b92773df58ed9f1aeb7c8e03d975c2f917e30d66a9dcd790cdf07b60f8e911c94e026fbac0f208a149bbaff6f34b64cc36cbdff18d4
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/go/go.js
- Size
  
  2KB
- MD5
  
  8db39054accf35ca387c2c817fcc7889
- SHA1
  
  0be8c9c4fb77e160bef6aff5721292e23a339c48
- SHA256
  
  32c7a09e8d0f2523432aaeb1e2e7f56aa85fa5540cd7ae8316adb2ad9cda4baa
- SHA512
  
  6cceb25024f815c9f59eb00fbc117dc6a6d32f6fc9db65773542f9a96b1db4d750cd711cdaaeae2036fb1b1c0db544d1703255867d49944f327c60cb0fa88ea2
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/handlebars/handlebars.js
- Size
  
  6KB
- MD5
  
  6cc1da6ab6552d50c93a9ba60de23dad
- SHA1
  
  5f1878e239dd28096c714fac46df69e17afccef3
- SHA256
  
  da07c5559d516c54e72753e83849d6e3eb5fda56ca9508499eebe3120933cd55
- SHA512
  
  970e1886af6de7749a408b02cf941a62e5358f6b69ddc54f4bd45d8c02a4f6549487a8a23104cc146931e2dbeb2af6ab4701a9bc48334acd7003b33c44db73b1
- SSDEEP
  
  96:hkDhsL3RszITV1+/I/+B1BerJzlWK2BZwIBTIwbcdg6EHpf4Og6E8S6g6EB+FpAA:hvL3fbYbQRld2BZ1O0p4OE60+dMZLDs
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/html/html.js
- Size
  
  4KB
- MD5
  
  0ec6d8469d1664582cfecccc0faf50ed
- SHA1
  
  49b72aa3c2da375ae2e9e485b55a004ba8800a61
- SHA256
  
  5e888548d9e9b9448489fef9d2863d1e027d9460e430dd4444a38913730b4957
- SHA512
  
  b6f276c1b5f1ddde907c4ecbc30e64ff48116f9fde1dbb09a2f2d509666d72dc066495227cd5330066a4bc0949e24c20c28c343e5060b4b3639453f77e9a9874
- SSDEEP
  
  96:hkDhsL3RsBInV1+/6mQVV1+HBwBRl0GSytHd6EHaK4T6Ef6EByyEhcKMgEQEJWf:hvL35P+4+GLl0GSytHLaK4ccKM2
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/ini/ini.js
- Size
  
  1KB
- MD5
  
  2d878a74911585053b5dec50502a9c24
- SHA1
  
  28fb5c32ba9b82a3e7ac479cb25124fc11eb18a8
- SHA256
  
  1241417ffec5e23125cb9777f047d0add131bb9c39d7f33ed5dc1e70c001cb83
- SHA512
  
  09c27ee794934a8bf8251dddecf2bee264185f6451378541da7edffc5d83c77cd71a68281f2fda71d462807a5c2d4677148b99cd5fb904b9a4fca204c8c84b21
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/java/java.js
- Size
  
  3KB
- MD5
  
  658cc3a04401446b5a1db4b135fb5765
- SHA1
  
  44e85e1218c6aeeb753a34abdfac5595afae47da
- SHA256
  
  e0fa5e4d0a241ffd71a883dfdf2eaf5e77701d19c97fb7fb1c7d499389ce6381
- SHA512
  
  fd7a5ce94c0feaaab748c597e58fafbf673d232c742f57bb9190b7c13300f19e25995eadc1e6470d79b5b96e66d9510a82888f80e0eeab40600993d859032afb
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  rc7_stuff/Debug/bin/vs/basic-languages/less/less.js
- Size
  
  4KB
- MD5
  
  1cbb96046d68e2f1f53f9da51572eea7
- SHA1
  
  7f26fdea8bd0585c19450d6bec8844d253c6449b
- SHA256
  
  b944d265ceedea9dcca9863c4ead9c061d35386b341cd2cc9ee3279b5f625399
- SHA512
  
  01ad57ca02cf8813d3df454261e8156144d162ff53a3a2fa7c83a0e2a534d428d5edcddc4144a9c4045cb2c07a6e4a1d14f7e878223f3a3f3082dec194191ed1
- SSDEEP
  
  96:hkDhsL3Rs36rMq+q17qcq6V1+/v+ufj1cCzBbu/2nOgeJamEulIHrraW4NUa:hvL3W6rr9PuhlzBbu4OLaDuKqW4NUa
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32