umbral | d359af1182f2b7c19d38142afe0ec9986574f879d980d6a5dbdf0446f3ec0493 | Triage

Sharing

General

Target

Counter Attack 1.3.07.rar
Size

24.8MB
Sample

250109-vnvhlaxlhk
MD5

7fed163a2736714d6a442508e513b909
SHA1

890c8743a6ec58b057643fe4a364cd178998173a
SHA256

d359af1182f2b7c19d38142afe0ec9986574f879d980d6a5dbdf0446f3ec0493
SHA512

90130c2d339952abaefcd78a8cba64988b1bf1466fa43243f02b5ac6cff1f9dcd44af6595611abf913e0bc215696fc7f2b26b2fd0c03219c58249017fef07839
SSDEEP

786432:yhYXPfMHHYSwl5z4jiaZXJ0T3jztawZ3Hy8wxR67:yhYXPKozYiaZX+1aAMx6

Score

10^/10

umbral execution vmprotect

Malware Config

Targets

- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/index.js
- Size
  
  4KB
- MD5
  
  e462fb7561f6c9bccb24e62bb93889d2
- SHA1
  
  1becca75907b3ae5fb7de82e0cb495ff0fc90517
- SHA256
  
  ff3fc42d5f912950d1095c43c8edb8a3be63c8eee9db5ca5d39d5668f68f7b41
- SHA512
  
  4e7e83e63195ad0d9d155e3d00e0dc228148c95804d817779a043abe3672087fdc9e038ede8f6510fc88cc283e3d993499cafa8083e5104ccf0360df845acb26
- SSDEEP
  
  96:gFEuLu1uHsWwXphsk/9TLsvyOsSnWX+OsM+3qYsMxiT9:4EMej/ZuyEnWv+FK
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/accepts/index.js
- Size
  
  5KB
- MD5
  
  4fe4d2c90a2fd19d6e97443a7d24f815
- SHA1
  
  282263f45f6bf80fbf43f4097d53b5b60ff1a05f
- SHA256
  
  be2decbd50610e8f995c1e312ee4dd6d7c1244cfdf03ee4c4a3da68e572dada1
- SHA512
  
  c795b7285cc92616a46fd1ad2d00ce65fb4b269e6b6fc35315891d119b7c25b7f4573540be0627d577123201d9cfe119c8a53f0e75a8b6ea870f8d89a130c213
- SSDEEP
  
  96:oYG1MGmGHqyl8rAyBkmqFxo+uerpDWMlB8fdOGUJTit4UG9bCZhPwA:oYG1Xlqyl88yBD+uerRLD0YQ4rcZh9
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/array-flatten/array-flatten.js
- Size
  
  1KB
- MD5
  
  4b17fa06c54846b686b8b799e9dd253a
- SHA1
  
  fc6cc30e8b8ec09eeba62bac076ed627aa3ee8d1
- SHA256
  
  766ca145b6d25e3d60f352a716e8fa1876bcdf362c0767c360cf24f335bc281e
- SHA512
  
  72df1668f464f6942c484155b667086bb6f83f77e826ffcd146ee045079db3334aba270bffb66cdd796d4c9308121ec2a67a404289f19914c45d9a6c15435e71
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/body-parser/index.js
- Size
  
  2KB
- MD5
  
  b9e991c0e57c4d5adde68a2f4f063bc7
- SHA1
  
  0cb6b9eb7b310c37e5950bbcaf672943657c94b5
- SHA256
  
  9c6c900e7e85fb599c62d9b9e4dfd2ea2f61d119dce5ed69ac3a8da828819241
- SHA512
  
  3bbd31eed55c32435b01fe7356d39749e95f8f49222115ada841e751ad36227e6f427efdc4e8bad36d8ccd37c2e92c01fa67c24c23f52023df8c1e1be1a3b4f6
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/body-parser/lib/read.js
- Size
  
  4KB
- MD5
  
  c148bb38c59ce266e271c96ab1f2d192
- SHA1
  
  027f3fbd8a5370ddec744d33ec9d594db41f6293
- SHA256
  
  1e9e274755366c39ae70e8b9a7a42fc12219566e67efaf9b7ebc2a8b337f5b6b
- SHA512
  
  bc4779cda1a3b130eb8cf76bb40676046ceb514ddc5c1891d7324776e6188e5d5ceb4c0799cf2fbc007786849ed07903cb59f61ffcac407300eef0a16cb7c498
- SSDEEP
  
  96:1F2ISKMGJ0n9WbOaHSb+IR1+GFQBnPQCbfkZ/OPqgVB9OuCyMQ:1FwZYbhHSb9R1+GFQBICbfkWVBqlQ
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/body-parser/lib/types/json.js
- Size
  
  5KB
- MD5
  
  6b036408f968978bf9668496db9953ba
- SHA1
  
  af1f14428152576f1c047c3462d26a7feb98635a
- SHA256
  
  44f8b529333004e2aaff6db3a1dbe7068f1ac5fa1173e9634686a78c2262af35
- SHA512
  
  89bef97d3d5d0c8da0f3aa1e178fee1d04eee5200c2f037bd55761a61e6c6a251f7314e82343761ef227a997909f4a0237a3ff5f79a1a7bb9e879a465ab84f86
- SSDEEP
  
  96:1F+Graz+dz1PbSDp2qjlvqzi+QBYwxcG5l+NbkAZiVl7g6A4QYSR:1F+Graz8TUj0mx+wOgybriVZg6ffSR
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/body-parser/lib/types/raw.js
- Size
  
  1KB
- MD5
  
  acb38e4fe575afaf8d1a257e47c6e362
- SHA1
  
  ea7411ff5a71df8d426322d07103e5894630e29b
- SHA256
  
  4e9cc80a7ee8bd667c68c264b4c374b28e731246ddb6ec22c3968daf837e30a2
- SHA512
  
  157427ad25390339b045b9bb81753709498b69b2cc8b9c918c19d52d1cb4f6bbe5b6b07885d0a7f66ef359b7080dc9a42216f71911b08ade04c1a112192bff50
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/body-parser/lib/types/text.js
- Size
  
  2KB
- MD5
  
  beb4ada09306f8d6435566d9e88076d3
- SHA1
  
  eda9bc036c9d10f1400cd2e4a8832949671cadc7
- SHA256
  
  54a6e8ef720b06a300b21f6c60387805dec743a64154784a609dfe8c6860776a
- SHA512
  
  5d9c9c6837b9599d29db9b1eb54cd2a4e215feeb028137f31c20f2b02e38f600aa8c02721444dc41d7bfc206ad39a810076853d09fa1e3113b5708a75443131e
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/body-parser/lib/types/urlencoded.js
- Size
  
  5KB
- MD5
  
  906a833480ce8841bfa5aeb95b5c085f
- SHA1
  
  8f74a7d616bf363b78844d3bcc2f554d7c76a952
- SHA256
  
  752717d87aad57451638af2073b04eba964f348910c0bcf0070c43e732de5eb2
- SHA512
  
  7676871dd3012dad0472be51698d9d1677622ba3d392417a41d22ef7f6d7df6c8085516bb9bdc45d4f125815161899aa889d756d18cd41f11e2402e659f7934d
- SSDEEP
  
  96:1F+GrIE8S/wtosB5XaYp2Yy+QBYwxcGw+NbaZMz71LX7g6KspqOJUICK0mMQ7eLR:1F+GrIE8S/wtoGXaUyx+wODybGMz7132
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/bytes/index.js
- Size
  
  3KB
- MD5
  
  83cf8fe86424252c5a9a3e2fe90dbd57
- SHA1
  
  bd46529e5637ff1a659f1d4af2598925b12741e0
- SHA256
  
  893fcbbbe962dc00e40dc2e4b20e76e92d874dd257345003c6575d940e91a37f
- SHA512
  
  f0630152a247cf51dfc677c22323afccc667350a11db093b59b93f403481deba1d44cd78cd53f4c4a3e2df297c35fe54cdc841c10c4667ebb81d3a54fbf56d43
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/call-bind/callBound.js
- Size
  
  413B
- MD5
  
  fda064fefaeb89252271922954d69a4f
- SHA1
  
  7bac1561b456a282abe97cb9bc4e5e0d8a10e769
- SHA256
  
  2b2fce7622fdd680256d28bcd59c30913546a825bf69d754d21a1d21ccc2928c
- SHA512
  
  b0746c9dc90bb513e7d6190470ce0acbb0c2059b97184b9391f581e9a490729669c8479ba8eaafc1980f4e058a396bad11031d048387b5223a7b4b9e6a4b1dae
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/call-bind/index.js
- Size
  
  1KB
- MD5
  
  40109fa1aade9c89c9587e77011f7301
- SHA1
  
  91f8eaf2fba5ee5c36e33207feeceee846c3e04a
- SHA256
  
  6b4ea26f8ca351cee55da416500ffca72fdb14eb5909f1512ce8ca68e47d7621
- SHA512
  
  d308a91b496c9fbd2db7d8b907d660142172342e990755093d892cf2b8382504119593bb83882f37db71e925803c37b9b098edc748f09eb6dc3f84b8dcc28f9b
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/content-disposition/index.js
- Size
  
  10KB
- MD5
  
  43a307ff7de26dbec523ec966c434f94
- SHA1
  
  ed7f187b72a7b1f81d113bad5aa9347c242120d5
- SHA256
  
  e86a88a5d1a9dd74faa753ca4e47a78e38ae930f3206e5e887cf6cb0ad70cbf8
- SHA512
  
  79c073d3f0dea6c1606029b9a476cdce30ebbfb7b6ca95935a2e3f2cc97e70f3f00dbe8b7067beea78dae120f4941e60a7aa26592cff18e5cdf56f335127092d
- SSDEEP
  
  192:NnPSCe5ZBHNVzX1t6/khk3bnEm+4qcVupDAGJvyAJK:NnPSD5ZBttXbMqenircgDAwrK
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/content-type/index.js
- Size
  
  4KB
- MD5
  
  4781c7ea0309edac61c3a36e3ea9da10
- SHA1
  
  1b6e7e8d1963ce958cf0f225223fadb5ef12f86d
- SHA256
  
  7d76ae0f8ecc0a8c053de97b0f695f3fa3df33f692d1bd241307995304e5f63d
- SHA512
  
  d458f8962f44ec30bf519a54aef063960d9cac2a954493383fc2ef46781c3244740f18c7daf1821b4e0babbd56b356228f7247ce40de9f3276de91a71c66c78c
- SSDEEP
  
  96:CJFvvhHgqZlI8IDzdlalSqZf/gf6GosMySqUqMGa9Nw+j0i8L:CJFHhAqbI8IdUYVhvJMG6Yii
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/cookie/index.js
- Size
  
  5KB
- MD5
  
  db5deda6183845891fe9b5667cde042d
- SHA1
  
  ee23ab87c951b0d3e3cdf1d6072a126a84491335
- SHA256
  
  9fd02358eabdf6c27b388dfdff94061655620a352253bfc5b01ee4cc30ca36b5
- SHA512
  
  1b6957f2ef28c5d4e14e02e8d6fea08d7210c0f2eb9de4788799fcc57d806998448622145ca45f0f605db447d97be982c62211535bf421d8c02d9e384e7db339
- SSDEEP
  
  96:sdChhqAp9V3vGycd6mDxj64MRHMqwa+8g+3ndAVVJiN9B2RQhAh++xctZt1Y1JzI:G+hqmP3ObxlvodnwRQhAU+it9szI
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Counter Attack 1.3.07/Editor/fileaccess/node_modules/debug/src/debug.js
- Size
  
  4KB
- MD5
  
  74bdccf347345d27fe8a4ac3add99c60
- SHA1
  
  a2b8a915c86fc750f56a7137860f19ec1182ee21
- SHA256
  
  d8d1c1d6c387ab67c3f28d78fd0b20b9becd69442db9d3efe110ca464b509c8a
- SHA512
  
  c2d47efee2a4442be6375d623f46b4c7ee9552c132b9229eb284bdd98629edd02664167805b0af9b3faaa9b1906e9ed0c5e383396d4995cef7051f9a450e1b99
- SSDEEP
  
  96:TlGI0EEQUGReeJ57vPukDprmTC70WWnuOV123LwdVVktI15wHlL6ci6:JR7Jprp70JX23KVVkWsHZ06
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

vmprotectumbral

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32