Overview

overview

8

Static

static

4

package/Pr...el.exe

windows7-x64

1

package/Pr...el.exe

windows10-2004-x64

1

package/Pr...64.exe

windows7-x64

1

package/Pr...64.exe

windows10-2004-x64

1

package/Pr...ll.dll

windows7-x64

1

package/Pr...ll.dll

windows10-2004-x64

1

package/Pr...64.dll

windows7-x64

8

package/Pr...64.dll

windows10-2004-x64

8

package/Pr...re.dll

windows7-x64

1

package/Pr...re.dll

windows10-2004-x64

1

package/Pr...ix.xml

windows7-x64

1

package/Pr...ix.xml

windows10-2004-x64

1

package/Pr...se.xml

windows7-x64

1

package/Pr...se.xml

windows10-2004-x64

1

package/Pr...80.xml

windows7-x64

1

package/Pr...80.xml

windows10-2004-x64

1

package/Pr...90.xml

windows7-x64

1

package/Pr...90.xml

windows10-2004-x64

1

package/Pr...01.xml

windows7-x64

1

package/Pr...01.xml

windows10-2004-x64

1

package/Pr...ve.xml

windows7-x64

1

package/Pr...ve.xml

windows10-2004-x64

1

package/Pr...et.xml

windows7-x64

1

package/Pr...et.xml

windows10-2004-x64

1

package/Pr...l7.xml

windows7-x64

1

package/Pr...l7.xml

windows10-2004-x64

1

package/Pr...00.xml

windows7-x64

1

package/Pr...00.xml

windows10-2004-x64

1

package/Pr...70.xml

windows7-x64

1

package/Pr...70.xml

windows10-2004-x64

1

package/Pr...90.xml

windows7-x64

1

package/Pr...90.xml

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AppSetup.zip

  • Size

    113.2MB

  • Sample

    221008-gpypraedcl

  • MD5

    e942698e0523f048c35425c37080f9ed

  • SHA1

    685a53f3bb83eba6ca13bf804dc211c3a1bdc565

  • SHA256

    e2bae85cda82589d5dda7835c71aef169dda99a4fd27048350906d48db43c348

  • SHA512

    bd409a70625a900374707fc0c7cd635e09e329ef0fbbb55f95740181b40d958e00673075b61d521e84d1cadf9f858a03e57759c9579a7f1d5c6744a3e669596b

  • SSDEEP

    3145728:4BWkfAz2CJyHBWkfPBWkf5z/zpCCCfyOy1BWkfzzlCmyWbdB:tk0hk0kxrwkXHdB

Score
8/10
linkpdfpersistence

Malware Config

Targets

    • Target

      package/Program Files (x86)/ASIO4ALL v2/a4apanel.exe

    • Size

      6KB

    • MD5

      21626ffae5a122daa94a2822f225b301

    • SHA1

      f844f22a31da173717efee29e89694266a98378e

    • SHA256

      00ae1d1a986c6f6b70d92c15417db03d4e35cdb8178f2abb388c8b22974f786a

    • SHA512

      64ced3bd75babc01cc1c0567dbc24333b1f18d9ddda5b82fe203efcbd5dd1e126450d346e94d1ff2c9e6d57750e1bcef19b352341fdc9d0fb05b2554275229bb

    • SSDEEP

      48:iXnPyMjbfu57DDc7B6PnpxESdnEgF2b4k+bkguj6witxH7GLPJZWmtL4Hggb8:lWju1U7Qfbxd12bKnCDW1f

    Score
    1/10
    behavioral1behavioral2

    • Target

      package/Program Files (x86)/ASIO4ALL v2/a4apanel64.exe

    • Size

      6KB

    • MD5

      861265483c1d6bcaacce89ea743c1976

    • SHA1

      983ac5c87f531135b6c64bad182ff6cff65439f2

    • SHA256

      2933beb43caf5d8fb3ba422630f99516abebb7ca8b8ba6371cca51d6cb6d67b2

    • SHA512

      6e2443fcd7ed9fcb8e1fe024078581962f73eca3d50688e76b52e8f340d267aaa3df745558ddaa2a07a8ab74f46e5cff9495ae63fcea4b9057ebe997de3200a0

    • SSDEEP

      48:iXna6Xa/TQIHsDeooiIAeqBaPiSdnEgH2b4k+bkgMjKwitxH7GLdtpZWKtpvGtg/:yigDe9JqQbdX2bKhCzWEGl

    Score
    1/10
    behavioral3behavioral4

    • Target

      package/Program Files (x86)/ASIO4ALL v2/asio4all.dll

    • Size

      115KB

    • MD5

      de9b771e11a5800254354124e16856ee

    • SHA1

      d86ec1217077f65bdae1bc207ba16ad5ed98feaf

    • SHA256

      f53f755e8ae24f9e6d1b925bf32702cf4bd0a92511f87d6c3503830a1fbef9da

    • SHA512

      ea0c022843997c05d9d542479dc8c32e6df9bb0e936b1d3e12aeba3ee46b45cee059e640bc0fa777535befc1cfb9d08cddfc32c6090999c19a4171cf479ababd

    • SSDEEP

      1536:ZvzplGOrgSF1HpH01/n8Cx3TzN9CVmkcu32hl:xJjeRDu32

    Score
    1/10
    behavioral5behavioral6

    • Target

      package/Program Files (x86)/ASIO4ALL v2/asio4all64.dll

    • Size

      142KB

    • MD5

      74edb1ea4bee5a60a683b5bb801f3574

    • SHA1

      55b62e45e7cf3e4b7255c1f3841c886394c8d851

    • SHA256

      5564e99ce1d0ec73e762156af09e3d22bfec7af6f1bdcabe81e64825c7ca53da

    • SHA512

      ff6b8ff3f7f68e2700591991a1b862b2c3311a349c27c0facd0a0277c6394e905162f0637ab48eaa94515af29700d2031838cdaf997f7d6c0d521e3a20114266

    • SSDEEP

      1536:DbF0z8pabtCmKHCZm8d4vzi7YetKrZECd/dUgRqXxJkCVmkcu32h:vJ8d4m7YrZL/y1Wu32

    Score
    8/10
    persistence
    behavioral7behavioral8

    • Target

      package/Program Files (x86)/Common Files/Propellerhead Software/ReWire/ReWire.dll

    • Size

      1.4MB

    • MD5

      2f3f103405dec980cfa432ea93f92321

    • SHA1

      4dc93f9aaba768a9c7d0473168831fe15d48fc85

    • SHA256

      5b2c3a6727e4d1fcadec1e1ea0fa6055d1d041a52211cc75c2b0330f6a1754df

    • SHA512

      4f7704bd77e336c11cc96f1dd45e2f4e98d78421b12696b89b887fec17027d543de0964177cc40114edb8c5b16b148ad24bb6e5bc9a09fce23f7daa34db5eb8f

    • SSDEEP

      24576:uFxEKn67lrLcZNOHMpOn/rG6V0xmPyMbNzb:uo7Fg/pC2xm6yzb

    Score
    1/10
    behavioral9behavioral10

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Informix.xsl

    • Size

      30KB

    • MD5

      f0705d58ba0e87b39a10007ffc89229f

    • SHA1

      f047c86c0369ddf73542b8ba5f87c9408c479bbc

    • SHA256

      4ee631f87c0d47431c3c5539f0dc15cb1498c0bbc59578dfb80a9aeb52e2f0c1

    • SHA512

      1524387ce7e9e118b6999f9c37027f09ae131141216c02ecde873a2c244a49ebdd6dbcf386f1964aab7e8bc49b5c79d83544466aee41c048c84c843e921aa60a

    • SSDEEP

      384:51qG0T8I9S6J9S6KS8Y54prHGWjY/mnM/Ic9vwz8bG:DqVT8kqrHzTc9vwz8bG

    Score
    1/10
    behavioral11behavioral12

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Sybase.xsl

    • Size

      28KB

    • MD5

      d4e1c1857c1d6076f1d834117366b493

    • SHA1

      944c638434d23e96412847edef53a5511b84cab8

    • SHA256

      5d7343288b243f6c15bbaf8df36281327ee7dffd238dd950372132f1c9eaa8e6

    • SHA512

      e25e5a5678fe9cba7be7f7b4e71d3403e03fee6b052de5b432e3d1d93c815405ecefbe376a96bbb7ba8f804a6ce21c4c5fe00d0ee4036fb7398af7311949f520

    • SSDEEP

      384:5XLXu0ToI9S6J9S6KS8Y542cyRyO5NHGiYwfDjY/AnM/Bwz8bk:lLNTokdcyRyO5NHdYU0wz8bk

    Score
    1/10
    behavioral13behavioral14

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as80.xsl

    • Size

      16KB

    • MD5

      5f0e99e5ef22de817ce03f49e1f79133

    • SHA1

      3eac30d1fb959f7991c90c3b8899193ae89020ab

    • SHA256

      5f0d3eb64451fcf4fd48498fdaffd87bb84f04bcf4026b01cd98f7bd65ca0261

    • SHA512

      8867ddce42be1bcdfa1bfdf127796f7292cac9bc2c612e05b917bfec63ac35336581cf4bca7c05bbfacd8109a7803b7d926a9c0780387c6dafefe1e5115ce2b4

    • SSDEEP

      192:YG3EzDI9S6J9S6KS8Y54BuALWYb5QebGnekGvz8MAT9n:53EXI9S6J9S6KS8Y54B9WYVynpwz8bZ

    Score
    1/10
    behavioral15behavioral16

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as90.xsl

    • Size

      18KB

    • MD5

      7d790f81a8956dcb4bae349e930f1417

    • SHA1

      1c259afc49947c43100fffbacf6613b6b9d521ad

    • SHA256

      7b94cbed75c13123739c8312dfeb1373edc6e10a71b95615d95ce872a710d923

    • SHA512

      0b71fbc76b2c422c57f384246a21a6e8ba63c8ac6761fbce53623cb0a20f815197116b1e05a1e4b6a73e6bd6e0b703e1a4b7db3aa15ab5438ceec70c79d4c49c

    • SSDEEP

      192:YG4EzDI9S6J9S6KS8Y54B0iuALWYbmAkebGnekGvz8MAT9n:54EXI9S6J9S6KS8Y54B99WYqDnpwz8bZ

    Score
    1/10
    behavioral17behavioral18

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/db2v0801.xsl

    • Size

      28KB

    • MD5

      0f0dd9c711f0080a7389cb98ec8b7e63

    • SHA1

      5035fbc4ed4fb31a7b15f3f6dc0ed903c992fdbc

    • SHA256

      7ac6f9de83d350313eac33c2ef08432057b4e6d76fc3e916dabd8494d2e6094e

    • SHA512

      9477c5052e674c8fe98ed32f0dfa4e21f7cfadd4f628579bc48bd0e8c5d060bcde5f26fa0763e31ad16ae592386244797f825ae13c902da623d19a1d40bc3604

    • SSDEEP

      384:5hkEXI9S6J9S6KS8Y542cyRvNEffPFlDGAYwf2jY/UnM/Ywz8bC:PkEXkdcyRvNEHPFlDVY9Fwz8bC

    Score
    1/10
    behavioral19behavioral20

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/hive.xsl

    • Size

      94KB

    • MD5

      cad3dd46a534ea5a7e2d165ef2f9cdc0

    • SHA1

      47f2982803c0091cd570ffef9d6d44289c4e0aaa

    • SHA256

      479892c8f5def1c9a69705766b4dcf62dbb89978ae55c44577dfbfd9145d673b

    • SHA512

      f478312589f1f7cf1aacc90ca02a7bcb63583f03b8e68bb491b241c72d62e2a9ad6efb346493ea2036930ae1daf35e0db8be18b615990afe50cbbba6992b483e

    • SSDEEP

      1536:eXqkdcyRsSWlSTQf3TlDaqs925Uo1o5omoKomoptUkAv:eXqkdcyRsSWlKQf3TlDawtbAv

    Score
    1/10
    behavioral21behavioral22

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/msjet.xsl

    • Size

      28KB

    • MD5

      ca9b3364e4a3f3530169a9c82f214542

    • SHA1

      0f1b007d1f274773c6242531366e43b7d444116d

    • SHA256

      22640bc9fd44885fbc959930f523e657d59c9cc5d1b847ad08e9e7ac7115b384

    • SHA512

      8e541fb2b6cdff7d98fc47f356f9e58633e8e2391f748809e97be212ec0b2cd578322732223daea551a467e9486a329d6c1da89cb1c3ce1cd6131b45d20f2743

    • SSDEEP

      384:5ljbIUtuERI9S6J9S6KS8Y542cyR3nff0NGAYwfCynM/jwz8b2:DjoERkdcyR3nH0NVYeMwz8b2

    Score
    1/10
    behavioral23behavioral24

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/orcl7.xsl

    • Size

      33KB

    • MD5

      69efd1c266511f8ab64385235c3d54b2

    • SHA1

      94af77e0d2116c263e5798e0fbf7410df4333eb3

    • SHA256

      0374baec5b67bba27b929ce1bfadb009cbfb10d67632d158fbaf8b6b941d5b6d

    • SHA512

      956383dbf08fa9d9618f403ff55052535b946c261afaba86d3fe52651c409b05789581c231091944f803eabcf26870b6de86aedc1fcb481f18ef6633caf476b7

    • SSDEEP

      384:5xrkkbx3AoEXI9S6J9S6KS8Y542cyRyH5kr3lDGyYufDjY/0nM/hwz8Da:b4k2oEXkdcyRyH5kr3lDJYaEwz8Da

    Score
    1/10
    behavioral25behavioral26

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql2000.xsl

    • Size

      32KB

    • MD5

      ac29c853a64282340ef729348b8f1d67

    • SHA1

      302686cc7c3fe0a66a3ed4256a962426ea9786d4

    • SHA256

      e4ab45c17b706f7689e7c854f7b95b14ceb7f445344253e1e062498b19196bfb

    • SHA512

      a3abc6c6eb93ed3dd57fb144eccd5313f4df5622db337c5a6151c752aef2befe21aaaa854d2e84d083e6ecf4168906f568380402695231f44bafdd4cc3e7f797

    • SSDEEP

      384:53l2bYjk3EfI9S6J9S6KS8Y542cyRANEffPaWlDGAYwfDjY/AnM/0wz8b2:5l2l3EfkdcyRANEHPaWlDVYU/wz8b2

    Score
    1/10
    behavioral27behavioral28

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql70.xsl

    • Size

      30KB

    • MD5

      28613764f23b04317f087aa8cf1747e1

    • SHA1

      75dfbe3f9876aceed493418533f4ccf951f56dcc

    • SHA256

      6220b3d98a88405d80c868a33e446e751ee2f537b2a80e99049e6939284a2d99

    • SHA512

      44d4141dc490684e5dc9d9e0301548402553939435ad86c67211d94de9ea2cea76041004be4446ff47d710d76c46311d2e7ab7f17b1cb445731df353f4532ac9

    • SSDEEP

      384:51obYjk3EfI9S6J9S6KS8Y542cyRXH5LWNGAYwfDjY/dnM/0wz8b2:Lol3EfkdcyRXH5LWNVYf/wz8b2

    Score
    1/10
    behavioral29behavioral30

    • Target

      package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql90.xsl

    • Size

      95KB

    • MD5

      7bcb78a5002bafbb8ebd1b3d3ea7a56c

    • SHA1

      27b495895e189bb26ba5bb884dce933131485acd

    • SHA256

      a0b013c7d76354298b4b9c5293634da45ef971b8f013e0e2d49ce1c6fd326d18

    • SHA512

      482fc566d875bf08bcc554907084218686bd8f4c8a2f395db509fc2473e8a5f56577a6a6d9cee6a8de6b31d4164d8e32babc22bad327a0c8747d90cde1153d41

    • SSDEEP

      1536:9ZqkdcyRoiSHSTQf3GlDTYfq0QKUo1o5omoKomo7v2FAv:9ZqkdcyRoiSHKQf3GlDTYfRvQAv

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

11
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

pdflink
Score
4/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

persistence
Score
8/10

behavioral8

persistence
Score
8/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10