Overview

overview

10

Static

static

10

2023-07-15.zip

windows7-x64

2023-07-15.zip

windows10-2004-x64

2023-07-15.zip

android-10-x64

2023-07-15.zip

android-13-x64

2023-07-15.zip

macos-10.15-amd64

2023-07-15.zip

ubuntu-18.04-amd64

2023-07-15.zip

debian-9-armhf

2023-07-15.zip

debian-9-mips

2023-07-15.zip

debian-9-mipsel

Resubmissions

21-01-2025 13:41

250121-qzhkyswlhv 10

21-01-2025 11:32

250121-nnph1s1mhx 10

17-07-2023 11:46

230717-nxgvjacc3v 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2023-07-15.zip

  • Size

    189.3MB

  • Sample

    250121-qzhkyswlhv

  • MD5

    871c86319c5e3f4455a22a4c45e915f7

  • SHA1

    002f20619e0b1c4d8a13e4b62eac1f67749d135f

  • SHA256

    71f8c272463987c3323776ba0b07f2c500410b5aa8a1a50ae32f3e213d02413c

  • SHA512

    6bc3ffdf508f06c547926d8738b331733fd7b8311c4032bf69f2d39b29ec940dacf28a86fd6a5ef4eebf8d45304ea231394197031b769b9d227412119bc41f43

  • SSDEEP

    3145728:M6ObR24gnVYy9g4o3WLi+MI+g2h0t+KnW/GS36JmaVpZOkyXnFJFxx7iCODt6cGm:WbRxiOy9gBWLHN+g2h0gKW/VKJBVpYlC

Score
10/10
amadeyasyncratblackmoongafgytmirainjratredlinesectopratspynote6286bccryptodefaulthackedsoraunstableandroiddiscoverylinklinuxmacospdfratthemidaupx

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

7.tcp.eu.ngrok.io:14936

Mutex

3d164dab2977f776fc409d5b9c25d22e

Attributes
  • reg_key

    3d164dab2977f776fc409d5b9c25d22e

  • splitter

    |'|'|

Extracted

Family

amadey

Version

3.83

Botnet

6286bc

C2

http://77.91.68.62

Attributes
  • install_dir

    a9e2a16078

  • install_file

    metado.exe

  • strings_key

    222b69c5017792146aee774515f0a748

  • url_paths

    /wings/game/index.php

rc4.plain

Extracted

Family

gafgyt

C2

95.214.26.108:666

209.25.141.223:18065

Extracted

Family

mirai

Botnet

SORA

Extracted

Family

spynote

C2

vbxx.mine.nu:8003

Extracted

Family

mirai

Botnet

UNSTABLE

Extracted

Family

redline

Botnet

crypto

C2

2.59.255.145:56586

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

largo777.kozow.com:6969

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

Mutex

DcRatMutex_qwqdanchun

Attributes
  • c2_url_file

    https://gamer.tattoo/HBSMR3

  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      2023-07-15.zip

    • Size

      189.3MB

    • MD5

      871c86319c5e3f4455a22a4c45e915f7

    • SHA1

      002f20619e0b1c4d8a13e4b62eac1f67749d135f

    • SHA256

      71f8c272463987c3323776ba0b07f2c500410b5aa8a1a50ae32f3e213d02413c

    • SHA512

      6bc3ffdf508f06c547926d8738b331733fd7b8311c4032bf69f2d39b29ec940dacf28a86fd6a5ef4eebf8d45304ea231394197031b769b9d227412119bc41f43

    • SSDEEP

      3145728:M6ObR24gnVYy9g4o3WLi+MI+g2h0t+KnW/GS36JmaVpZOkyXnFJFxx7iCODt6cGm:WbRxiOy9gBWLHN+g2h0gKW/VKJBVpYlC

    Score
    3/10
    discovery
    behavioral1behavioral2behavioral3behavioral4behavioral5behavioral6behavioral7behavioral8behavioral9

MITRE ATT&CK Enterprise v15

Tasks