06341e54d1f4da8c7bd37aa0577e99bc9d75aed2ec17facbd4bf0fcda6d6be8f | Triage

Sharing

General

Target

default.zip
Size

235KB
Sample

250218-azyn6swny3
MD5

6f407da1b60fddaecee26f5ed847a629
SHA1

9ec5acab7a41c15c2f566ed18ecb42625dc603b0
SHA256

06341e54d1f4da8c7bd37aa0577e99bc9d75aed2ec17facbd4bf0fcda6d6be8f
SHA512

0bc982de2c9e4a3ce31a69f53ee2a0628077202f0b43c7109b14873c4f57ce5c487516421eb68e08b751bb489b8ab0beb1c54dee04b90e899b8b8d25cdaf5ccc
SSDEEP

6144:SBH9ZnoZPUa3IRH7/ssXchYDJKHhzgEwSnMOmYxth/3MeUuQGW:I99o5UeSHDiqUzdwSMOtF3yHZ

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1
- Target
  
  Discord Webhook Spammer.exe
- Size
  
  34KB
- MD5
  
  84e1a3a4f6b0141d85c3b386b67bbf1f
- SHA1
  
  e53550201472911425f36e53f88d01570d983c92
- SHA256
  
  84715e149cbe36f475ac4ed59f5b6e843079296807a6c11a3e97e541e4be93b1
- SHA512
  
  5f2dd8d3f0338157fe02f91048be36e13a60deb95ba172beb1d27b7b4d57d03312ca3084aec78e30c977311acb4307f31bd2a8f156be5b25bd8a034f81077305
- SSDEEP
  
  384:bW//25X57pwEVos/0hgfWlZIKINQM1616B684//ZX705ar2i9VDOA55l4cszRoo/:C6pmbl4lwNLrvx55l4/zm6Caij0UNW
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral2
- Target
  
  MetroFramework.dll
- Size
  
  345KB
- MD5
  
  34ea7f7d66563f724318e322ff08f4db
- SHA1
  
  d0aa8038a92eb43def2fffbbf4114b02636117c5
- SHA256
  
  c2c12d31b4844e29de31594fc9632a372a553631de0a0a04c8af91668e37cf49
- SHA512
  
  dceb1f9435b9479f6aea9b0644ba8c46338a7f458c313822a9d9b3266d79af395b9b2797ed3217c7048db8b22955ec6fe8b0b1778077fa1de587123ad9e6b148
- SSDEEP
  
  6144:M4S7k5hdCpU4YqfkUGz6KpQQZQHDXjNCdOZgLdL5DXBK:M4S7k5hdCEQHP1Zgj
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3