5f774265199963003626cc554a6bf1fad54a4e0796c363c89533d15e7c2d1cdf

General

Target

casaclonerr.zip
Size

8.1MB
Sample

250328-tbq4zax1ew
MD5

067dffd0df113d8ed8342c0e6b5db7df
SHA1

a21e6b573517c9f0d423d5603c445f5e2cb2b243
SHA256

5f774265199963003626cc554a6bf1fad54a4e0796c363c89533d15e7c2d1cdf
SHA512

b34e18c340852be793fbc1a9e986cdde1297fa881c3dc64c38f8a50e2764e8860035269af92f7a6aebf6a7bfee6c57c73a02698600e1a21ed5ea9ff4836777a7
SSDEEP

196608:Y0gcH3qJsBMDQaLn84wEgName0paeyn9VEa0jFDlmb7F:XgaVB4QaLStsn9VelmN

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  casaclonerr.zip
- Size
  
  8.1MB
- MD5
  
  067dffd0df113d8ed8342c0e6b5db7df
- SHA1
  
  a21e6b573517c9f0d423d5603c445f5e2cb2b243
- SHA256
  
  5f774265199963003626cc554a6bf1fad54a4e0796c363c89533d15e7c2d1cdf
- SHA512
  
  b34e18c340852be793fbc1a9e986cdde1297fa881c3dc64c38f8a50e2764e8860035269af92f7a6aebf6a7bfee6c57c73a02698600e1a21ed5ea9ff4836777a7
- SSDEEP
  
  196608:Y0gcH3qJsBMDQaLn84wEgName0paeyn9VEa0jFDlmb7F:XgaVB4QaLStsn9VelmN
Score

1^/10
behavioral1
- Target
  
  casacloner/Lofy_Cloner__Casa_Cloner.exe
- Size
  
  8.3MB
- MD5
  
  66e6140ba9e19c29529dceb265b17b41
- SHA1
  
  fefdb348596c3160bac45888d56e6e940a452907
- SHA256
  
  bded5cf8faf4c7ff8a7582538cd325da029adcae50b14f38ed4dc6adabc5673b
- SHA512
  
  b0a26c3d34e1f1043e06ca759d645d10c7b1ab6f05a1d5e1788714b0d568c27f2763450f2af608cf01c7947dc7f55cc403dfa3355d51c45227f2951e4d5a6944
- SSDEEP
  
  196608:GJi56vBAoiL2Vmd6+DNnNgwQ+dtLZ7k30szjad0tNNlezM:GIL2Vmd6mZNjd7NszjJle
Score

7^/10
- Loads dropped DLL
behavioral2
- Target
  
  main.pyc
- Size
  
  4KB
- MD5
  
  b248370c84e395334b5db2c23a31a406
- SHA1
  
  d724fd76f738e45295dd0ec67dd494364c6560fc
- SHA256
  
  71504675c785aed3d14ceb0ec19ac736e1d663a60a2be3a10fb7e3a483884acc
- SHA512
  
  03b4ca392cb07a7f615eed7a322ee913a1d74e4be33525d8158bd6a615019569fa48f40b6140f4990ec2bb385c90ceb5bc88dff9fd8bd53df9685eb82fb576fd
- SSDEEP
  
  96:zRAapvy2IqrvrtUHnPCf0KiqnPb4Rv6qvPrQZMWTwfLRPoOYua:N7HvrtU2Z6vxv8Zp0fVPozua
Score

3^/10
behavioral3
- Target
  
  casacloner/casa.py
- Size
  
  9KB
- MD5
  
  3f3924e78aa2b42958588134c00f61b0
- SHA1
  
  01903d8ecb0b49c76d77091f7b96261a92287c1d
- SHA256
  
  97bc4f2a0b1456b75c830d66e4d0b4dec02c8112ed1d53f98fa1e25c0002fd93
- SHA512
  
  9f026673b0b8acb703c568a270c9f1a74b516a40486539de269140e0fc29b26c0d5dd7fe48a6778ee9c9096cb033f0fac802e5a7c18a9831baa2e8a16cf99c13
- SSDEEP
  
  192:9B5PQw7HLqGyRx1JqGKVQCr68IEqG2Q4bm53l4is:/5PQwURxGQp82Qvzg
Score

3^/10
behavioral4
- Target
  
  casacloner/main.py
- Size
  
  7KB
- MD5
  
  b612a542c83987bf74575c829661eaef
- SHA1
  
  47427bc1dcac885077f235916dfd56b05545a9ae
- SHA256
  
  f369e9f681260c6fb1fa3bcdc1e527adaa949b07c350ec159737c6755a3fe999
- SHA512
  
  d16f3a52ebd94510986e57f41cc3ff917d855f63263fa8cb9a31e20437c1e08f2a5232ba69dd59593c34a4ba43cc6ad28a23319d2783db23dfcde69ef50b8ec0
- SSDEEP
  
  96:uaGyUZ9KvrnUHrhPCfEKi52nPSmHLbZR1xu:CyUGvrnULEUDmHLbZrxu
Score

3^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5