f1595d131565081a1f69d10f083b75aef447f9230901f51b35885a7640952ba4

Sharing

Copy URL

Twitter E-mail

General

Target

Email_Access_Checker.rar
Size

3.2MB
Sample

221123-gsa3vsda76
MD5

7718fd73fb256583291909ace8fd6052
SHA1

56a797ea97cac1bd1dc9c3c9a5954818355f9aa9
SHA256

f1595d131565081a1f69d10f083b75aef447f9230901f51b35885a7640952ba4
SHA512

807e76b4a1466df0b90733be8e2d5f90629c454c1f784e75ce3b0ca431c4b7f6d0ef4fc184ebf71b3998052e6337c23cc0e94acad5ba3b3ec046758895bd1ad9
SSDEEP

98304:3VRHnkTgDw34Q/XNJKnm9WocC/2+ziS6R/zW4KpCwjTTujRD:3VRHkE8p9JKnQWrQiYpTTujRD

Score

7^/10

Malware Config

Targets

- Target
  
  Email Access Checker/CheckerBasics.dll
- Size
  
  16KB
- MD5
  
  8e3cd46a43352a4b9db1bae60a500d7e
- SHA1
  
  bae7605f5cb276f059df38c201957774a014d824
- SHA256
  
  4f13f13adcdd5edfdfb45e85d90e34c13f93abc5a2b18eee1ac673aacd45b3db
- SHA512
  
  51ee9f1340f0bdd9725f498e5699e15fc066d94300f3d11142ffdc241341d1399efb48ff73349a9beab77b092e9d04cc1605fd1978737dbdf8a479de69310278
- SSDEEP
  
  384:msrH8A5daZlZZWW5MVYg/Vc28cHNRDJWJupJcJ:O7IDYspy
Score

1^/10
behavioral1 behavioral2
- Target
  
  Email Access Checker/Colorful.Console.dll
- Size
  
  88KB
- MD5
  
  5f3d2cfbc21591b8feef1efa3e59a4d0
- SHA1
  
  15d1ad963a13b6c8ae28c26e7dc1cc3da2bc3bb8
- SHA256
  
  f31d4fd7e729fc6cf4ecab972b6b1ee897918a325b1ca572030966f831e768fb
- SHA512
  
  05135188c3b75cf642e4e1e833d01c24d2ce2c2b1ae71b0edf048e453a4716226d7af582365d2f6ab803b4b0fe83ce67d4c39125963fc50d597c30e56ae74a2f
- SSDEEP
  
  1536:hLeJYLqthWMjfBiRlijZFgWHdQe9nLClbWG:hxLqtQMv7d9nLqCG
Score

1^/10
behavioral3 behavioral4
- Target
  
  Email Access Checker/Email Access Check.exe
- Size
  
  1.9MB
- MD5
  
  99eb3228318a00cd6923f0002eaf931f
- SHA1
  
  7e163e32d0cd804688d59a5c5e5aec4b46f24330
- SHA256
  
  86c14abab269af86eec1959271e17a800c75a4d71e0984fbea26301e2c30f11a
- SHA512
  
  4ea76dd089079c3f54a8d04553cc3bfc40081320499a531a3a1a9cf4b9e399d9d15f854af30de040618532f2a8cdc22a08c5f3a5c1642ddca51d7addcfe7d1c5
- SSDEEP
  
  1536:O7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfcx/kiO:Eq6+ouCpk2mpcWJ0r+QNTBfcxk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  Email Access Checker/Leaf.xNet.dll
- Size
  
  131KB
- MD5
  
  c56de89f88b5e8203a637fc0cc1fa0db
- SHA1
  
  9363f349cede784e4df71cc10800ccf24198d5a2
- SHA256
  
  5f4938c1140be5e19f0bfd0fe9838dccf8554db781c56482660aa7dc751fb4bb
- SHA512
  
  ebdf518847197be834fbcb3f48235364ea6590880d28bb0de889d136699616f564caa7d0fafa0925bc7d2897c19e6c13b940863bde107b46e7ca42fd8d5d84f6
- SSDEEP
  
  3072:uHeYr3uUsQkelHrlYJ0arx0y0M0M0DngSYJELx/aZhttaM/yR0l:Ke4uUsQkelLllaroLY3
Score

1^/10
behavioral7 behavioral8
- Target
  
  Email Access Checker/Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

1^/10
behavioral10 behavioral9
- Target
  
  Email Access Checker/configs/CheckerBasics.dll
- Size
  
  16KB
- MD5
  
  8e3cd46a43352a4b9db1bae60a500d7e
- SHA1
  
  bae7605f5cb276f059df38c201957774a014d824
- SHA256
  
  4f13f13adcdd5edfdfb45e85d90e34c13f93abc5a2b18eee1ac673aacd45b3db
- SHA512
  
  51ee9f1340f0bdd9725f498e5699e15fc066d94300f3d11142ffdc241341d1399efb48ff73349a9beab77b092e9d04cc1605fd1978737dbdf8a479de69310278
- SSDEEP
  
  384:msrH8A5daZlZZWW5MVYg/Vc28cHNRDJWJupJcJ:O7IDYspy
Score

1^/10
behavioral11 behavioral12
- Target
  
  Email Access Checker/configs/Colorful.Console.dll
- Size
  
  88KB
- MD5
  
  5f3d2cfbc21591b8feef1efa3e59a4d0
- SHA1
  
  15d1ad963a13b6c8ae28c26e7dc1cc3da2bc3bb8
- SHA256
  
  f31d4fd7e729fc6cf4ecab972b6b1ee897918a325b1ca572030966f831e768fb
- SHA512
  
  05135188c3b75cf642e4e1e833d01c24d2ce2c2b1ae71b0edf048e453a4716226d7af582365d2f6ab803b4b0fe83ce67d4c39125963fc50d597c30e56ae74a2f
- SSDEEP
  
  1536:hLeJYLqthWMjfBiRlijZFgWHdQe9nLClbWG:hxLqtQMv7d9nLqCG
Score

1^/10
behavioral13 behavioral14
- Target
  
  Email Access Checker/configs/Leaf.xNet.dll
- Size
  
  131KB
- MD5
  
  c56de89f88b5e8203a637fc0cc1fa0db
- SHA1
  
  9363f349cede784e4df71cc10800ccf24198d5a2
- SHA256
  
  5f4938c1140be5e19f0bfd0fe9838dccf8554db781c56482660aa7dc751fb4bb
- SHA512
  
  ebdf518847197be834fbcb3f48235364ea6590880d28bb0de889d136699616f564caa7d0fafa0925bc7d2897c19e6c13b940863bde107b46e7ca42fd8d5d84f6
- SSDEEP
  
  3072:uHeYr3uUsQkelHrlYJ0arx0y0M0M0DngSYJELx/aZhttaM/yR0l:Ke4uUsQkelLllaroLY3
Score

1^/10
behavioral15 behavioral16
- Target
  
  Email Access Checker/configs/MetroSuite 2.0.dll
- Size
  
  305KB
- MD5
  
  0d30a398cec0ff006b6ea2b52d11e744
- SHA1
  
  4ceebd9c6180a321c4d4f3cfb5cfc3952bf72b45
- SHA256
  
  8604bf2a1fe2e94dc1ea1fbd0cf54e77303493b93994df48479dc683580aa654
- SHA512
  
  8e06ff131a81e73b1ff5de78262701a11ecc2bcdaf41011f4e96f11c5372742478e70b6a0901b61953c21c95725532af8d785654405ec5066ad157e2143467cc
- SSDEEP
  
  3072:K6J2UBugOAI+yjNDWswy1MNo1EvnvkgvloSVQBjDifX0pPSRZ9KZdf8uvqtXfZBF:K6Jr8xhFzfOaa3xqQnQGTO
Score

1^/10
behavioral17 behavioral18
- Target
  
  Email Access Checker/configs/Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

1^/10
behavioral19 behavioral20
- Target
  
  Email Access Checker/configs/svchost.exe
- Size
  
  15KB
- MD5
  
  bef80f0cc7b0229d8520f4af100e6d4d
- SHA1
  
  b725564836833b22034c7b060b5e1bc5d6e5602c
- SHA256
  
  ad0655f47d4d5d5d790e374474fbcb1638da17fc352b93e20f8358dd14afb881
- SHA512
  
  0d539063a70e4c24f98f82eccc9e9b1f5736cc159dfea49bea5223e79709c8b5509a6c63c967f92903fe9d78607857b276a50f71bc360879404adde7b0e28b9e
- SSDEEP
  
  384:zGxiSy04Ri5C6I9jBYm7hZv8TSreSz+kk13yJP:zGxFA5DJeSQ3yJP
Score

3^/10
behavioral21 behavioral22
- Target
  
  Email Access Checker/configs/update.exe
- Size
  
  2.5MB
- MD5
  
  7e772de094a42139664cdbf4f345f397
- SHA1
  
  e6fd139a987a4d860aa87a1a2308b672fa48b77f
- SHA256
  
  796a8d0f8e2a8fec97bf697f5b1df52b3bec7563d8e478e34df88c74f590863d
- SHA512
  
  a439083e206370f52afd02cfe3a6a1738cc93cac23ecec54169d296c68e787ba4dd77d90c37170ecf613fc802e463362a3a285d343fc220fb282c53425b35738
- SSDEEP
  
  49152:OiakJX7SOtreDoGI4bpbzfBbbIbgPQh90UM5DAilMBerDV0W02:OvkNGaum45BIkQhO5DA65DmL
Score

3^/10
behavioral23 behavioral24
- Target
  
  Email Access Checker/configs/xNet.dll
- Size
  
  104KB
- MD5
  
  158defd55a804aa8d4d67bfdf7a4af9c
- SHA1
  
  9dd41914fa181cb5225e593373f7dca062d7af0b
- SHA256
  
  6c7ec4cc31a2ce0b97703b7a42e3448e9b87d96dda12761ca24d8787ac27cff1
- SHA512
  
  e98062b3b035d7d87c3457621c5ffc0aefed490544739219c4f4cafc3e7de248f1cf91edb3564e49d406f9fcaf314838d33b2ddd7e3b1a1751e5819b9ab798d6
- SSDEEP
  
  3072:0IALHSH7PhqKnUqnV+xnEdSCo5E/awN5lRd0YjJ0:07LyIqnV+xnEdEmf
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26