Overview

overview

8

Static

static

1

base/DAutils.dll

windows7-x64

1

base/DAutils.dll

windows10-2004-x64

1

base/FCUI.exe

windows7-x64

6

base/FCUI.exe

windows10-2004-x64

6

base/FCUI.exe.xml

windows7-x64

1

base/FCUI.exe.xml

windows10-2004-x64

1

base/Insta...ls.bat

windows7-x64

1

base/Insta...ls.bat

windows10-2004-x64

1

base/Insta...xp.bat

windows7-x64

1

base/Insta...xp.bat

windows10-2004-x64

1

base/Inter...Vw.dll

windows7-x64

1

base/Inter...Vw.dll

windows10-2004-x64

1

base/Loader.exe

windows7-x64

1

base/Loader.exe

windows10-2004-x64

1

base/Newto...on.dll

windows7-x64

1

base/Newto...on.dll

windows10-2004-x64

1

base/Regis...rt.exe

windows7-x64

3

base/Regis...rt.exe

windows10-2004-x64

3

base/Regis...ll.exe

windows7-x64

6

base/Regis...ll.exe

windows10-2004-x64

6

base/Regis...xe.xml

windows7-x64

1

base/Regis...xe.xml

windows10-2004-x64

1

base/RunAp...or.bat

windows7-x64

6

base/RunAp...or.bat

windows10-2004-x64

6

base/openThankYou.bat

windows7-x64

1

base/openThankYou.bat

windows10-2004-x64

6

base/runApp.bat

windows7-x64

6

base/runApp.bat

windows10-2004-x64

6

base/uninst.exe

windows7-x64

8

base/uninst.exe

windows10-2004-x64

8

base/verif...ll.bat

windows7-x64

1

base/verif...ll.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c28b949507a6330ec9e768251131e823e1ed1587b5e8913c9e70009f235e9bb

  • Size

    8.2MB

  • Sample

    221125-1y6aqsab62

  • MD5

    8803467851c06eccd2a3d11ba4674f9d

  • SHA1

    59e06cbcc691a02542527a087ae6dd4b73619fe7

  • SHA256

    5c28b949507a6330ec9e768251131e823e1ed1587b5e8913c9e70009f235e9bb

  • SHA512

    87d7a6e84637a16cc84e7b605c8efa0b951bbc539c4627a0ae18a37d9c49801236d27aa447476767fd346d850c0e792138405b6d68eacef4de04246fbab3699f

  • SSDEEP

    196608:S3LmewhVow/N1XrficH/16DJ327UGowqBh3wLTK33+fe:S3LHq/N9rR/GhBBwk31n+2

Score
8/10
persistence

Malware Config

Targets

    • Target

      base/DAutils.dll

    • Size

      55KB

    • MD5

      c2435a7d9f1651e671477ebb57cfcbf9

    • SHA1

      6245c0b9639b47ff3871f317a50752d16357a975

    • SHA256

      d4b77e8988055594e7af2dc641b364d5272c97102cbd250d6bdaff01a3d6cd34

    • SHA512

      d49b7b1f13ab5602e9cb2590ea81c7b250cff4e59ab4ae2a99e62f5178b2fc4028d3aa052e86a2b8d1d980a6aa7e0970f336ff59f074ccb9c57a5fba39082603

    • SSDEEP

      768:hPKPPKeX3t5DODCeOhbNCQtGdoolmW2B7p699fM7ZEOtI+NbV1Vq:hiPPKktUDCeOh7O2c99fM7ZEN+NM

    Score
    1/10
    behavioral1behavioral2

    • Target

      base/FCUI.exe

    • Size

      365KB

    • MD5

      376167b2e31a2af37f27cba5fd66467d

    • SHA1

      e7812d3631dbe9d68e86151705a21c0f845a31b5

    • SHA256

      735d089135087ee6b9bbac999eace92939dd4c33a60b5d72049df15bc01854bb

    • SHA512

      fef3a6d708e13e548dce554b1aee224ff7f851970e3eae01805ec0e856c797e8ef25db853a1ce2c6098f68148c2c2c233768dc3db650b034582bed335e700fd5

    • SSDEEP

      6144:8WpaPLItYxGc8G5zD2yFtqLItYxGc8G5z/2yF/d+o5JVHT0xAd3TpDS16UHXrOwN:6PLIWGw5zD2yCLIWGw5z/2yD+mXzgG3k

    Score
    6/10
    persistence
    behavioral3behavioral4

    • Target

      base/FCUI.exe.config

    • Size

      270B

    • MD5

      455e49ce62c15e710109e27d796bc07b

    • SHA1

      c5fb946c32bbf485298ccce382dd7ef360e2b80f

    • SHA256

      6353cd37e2d0debdcec72ecad91e6022dc14b355462a1cc0350993f8a268017e

    • SHA512

      09e45a644654e477116ca6d8fe96f2cdb3b1fb5269c4a694cb7e8e3e387ce440e250bea4f9b792d4ffb56a057379447e1d7ce49aa3416fe0181ef0f5b53f532e

    Score
    1/10
    behavioral5behavioral6

    • Target

      base/InstallAddiotionals.bat

    • Size

      575B

    • MD5

      572dd3b3b4b32eecd108320d12649962

    • SHA1

      dde5567d342748c17af81675dc2860a3974810fd

    • SHA256

      a1e380db748fb868dd66b63967c20835a031659ce5475867a028835e4e01002b

    • SHA512

      4d7f22849c4122401e8328bad9b5ad88e5a8eaff191d3e254bf5e9a5db766f148a9a4edccf4fb1ce9ff84fd44057b6249145dcc6a5d8439f5dab1a3c55cc124a

    Score
    1/10
    behavioral7behavioral8

    • Target

      base/InstallNet35xp.bat

    • Size

      446B

    • MD5

      57270844dadef4f6d4493f4860f4fc4c

    • SHA1

      781c48c7d311f96b8259c315095b114ea390d588

    • SHA256

      0fae86bd16f8cac3f37d740926834e8de3651ba2984e65e8e7afe1e7c3157f8a

    • SHA512

      51f0a08f659d4d719d9ec4e47089b1b1ba82b864e7007c36dcb8fe42e85e342b37a89f0fa4480999130974cb07ecf130ca5454b224b4306b64d83a1f9579814e

    Score
    1/10
    behavioral10behavioral9

    • Target

      base/Interop.SHDocVw.dll

    • Size

      140KB

    • MD5

      c43f379d6dfeb7a29b6a3be4320ce346

    • SHA1

      ca74941430b9c2c6eafa7cd0d531f5d6f725c55c

    • SHA256

      ba17c704e4d7ebb6e9973765198e411732731f225cbcfdbd079717c3bf3ef49f

    • SHA512

      7238659be805a86eee14b3265cbc564216de75a85635486a119c1a2e944ce3fe04eed79431bd0d053b042167d520bd197be725245471918e97a2cfe082d208be

    • SSDEEP

      3072:VTeRDP9ZU5GLY9a/sBOTwlCH+OdmvQxqzUleX4Zib8N2fAhajEVuHoJSLs9GPwRW:VTeRDP/U5GLY9a/sBOTwlCHNdmvQxqzc

    Score
    1/10
    behavioral11behavioral12

    • Target

      base/Loader.exe

    • Size

      9KB

    • MD5

      742e80ba7b4079837754e1bf64ec8bdb

    • SHA1

      beb9c66ca175728b2d70f7b418f3d0027e9e1743

    • SHA256

      1935d84f0a422a66b16f446cd1b07e9ea9b3a9ed598cfba1bd2208a3dc60d828

    • SHA512

      87c693bcac75bdf5e5e3a1d1cbb8f6b44eba7fea2085f0a6a77d1d35a9f22f579e5756837f8bb7ed7c1356b581229f89dea00c1a05a843f232d1246edcd844a4

    • SSDEEP

      192:El2OdW1qQfUTkgIIKGl41/Tb7p2w1GMW0uWZY:NqUj5amJvcw1GMZuWZ

    Score
    1/10
    behavioral13behavioral14

    • Target

      base/Newtonsoft.Json.dll

    • Size

      392KB

    • MD5

      96bc18f8dee95af3771763dee0e15986

    • SHA1

      b087180286743cb8666032d384a95f344f547729

    • SHA256

      2c30504710edc00a34840d23f097a575a8ea96d63c1df829a4bae31e8714d4a4

    • SHA512

      a24fccff5024fcea88b6355563360958210211588d2ec2734fba164a83b8bec3fd151d0369b8be9cef00f054e40cc082442de2b5b0ad822750b3bcc234c7fd9e

    • SSDEEP

      6144:urOhJfyPHhGLjPzmHKkKm3Wri/mbr0tZzPEaN+ILWlOJn14:wO/YsCqRmmcAQrZLWl5

    Score
    1/10
    behavioral15behavioral16

    • Target

      base/RegisterInstallStart.exe

    • Size

      7KB

    • MD5

      79b26d6c53a451c96454bcee611350bd

    • SHA1

      7975573dcf8654d954b21601474dad433905093b

    • SHA256

      d5d24d8e0fe89d082881966bd5e03a6a784a8db8c5b05c47dd6b512c37466e7b

    • SHA512

      75669c2b56f4c0ad03eb7d98e3ac4aa7ae4f93e1e18777a01651468eed78e976e06ece555f91e58c0ce300c73cf76af19d8f0b2d53d016473cf9c3d9e2cf44ce

    • SSDEEP

      96:A3bKpIrljiVFzlJnKpvlyxPMoaR2zNnVkFDvIikTZN0ADrzBUWZwiW4dzzNt:ebSIrNiVdlkpvwhMNRlxv8L0QzBUW+W

    Score
    3/10
    behavioral17behavioral18

    • Target

      base/RegisterUninstall.exe

    • Size

      7KB

    • MD5

      d7e36dc5c079cd93d8d0a8d33b1819a6

    • SHA1

      f5cf37b37a443e899706d2fe107534e8e8a4a21f

    • SHA256

      4c0758fdf48e8dc3188ba5ff8df7b8c6df4a8d3f7ec5e1843305852a1e1ead2d

    • SHA512

      a4c87d5c648eb14a6ec0e0c30fee893944c45a13511d8ec26b49ec45565002d73ae4b7ec9be6a741ec4cdd5a2b3dcb8ae048c94e65ca7b030943195202f8aa5c

    • SSDEEP

      96:H9kKlfbpxct1GwYseHmmSOUa8B9zaj8dctSMV5RPDtXMbh9WOBjyyJQzNt:iMYzYseHmmSk8Bkt15R5XMbbWfl

    Score
    6/10
    persistence
    behavioral19behavioral20

    • Target

      base/RegisterUninstall.exe.config

    • Size

      270B

    • MD5

      455e49ce62c15e710109e27d796bc07b

    • SHA1

      c5fb946c32bbf485298ccce382dd7ef360e2b80f

    • SHA256

      6353cd37e2d0debdcec72ecad91e6022dc14b355462a1cc0350993f8a268017e

    • SHA512

      09e45a644654e477116ca6d8fe96f2cdb3b1fb5269c4a694cb7e8e3e387ce440e250bea4f9b792d4ffb56a057379447e1d7ce49aa3416fe0181ef0f5b53f532e

    Score
    1/10
    behavioral21behavioral22

    • Target

      base/RunAppMonitor.bat

    • Size

      100B

    • MD5

      725126d44de4220cf95627bb04a6b1c5

    • SHA1

      ce388a3befcec8aaa80a2d15c1d64681b97cd516

    • SHA256

      97b940bb91f4c102a23c6654bc557fb37626790b0f50a3eb04e7b0c48d3719bc

    • SHA512

      afc3ed66ea86b427e29249e961bbd350e89af63c2671b1278f647c61f3469018c753d1ac3b2d1e43a0424e5f6f8eda085eb626b14a81d21dbf62632725c5f4c9

    Score
    6/10
    persistence
    behavioral23behavioral24

    • Target

      base/openThankYou.bat

    • Size

      340B

    • MD5

      c62bd04389494fb8da60e90030c09b83

    • SHA1

      cd7148fef04d8242abc150fb14b07e7eda4e6125

    • SHA256

      ed666d253d1f46ccc44359833e575c0b968a93c5fb05e963da411eeffd8606f8

    • SHA512

      27b1e3127ff53b180232ada1b171abbf88055ea09f14400edcb8fa629fbd41bd0678722dc3cb113aee931d89121376ec05af93ffe252d83e6e61a4d3c3e00cda

    Score
    6/10
    persistence
    behavioral25behavioral26

    • Target

      base/runApp.bat

    • Size

      28B

    • MD5

      9a0228426a9e0ab3fb08e83a91c1774e

    • SHA1

      95520565eb3396781a242c37d2e4afdf1f32b289

    • SHA256

      65a7edef981c41abdb03b1f77fe6bee27e60c64c6adfdb402d5494556c3066ba

    • SHA512

      39932920b5297dffb671a13ac244df9fb995a1a95d9cb920338c6d5d008da0899c2dcee3ba76450374e9876734b1a386fe62dc454f7cb579a6f4d909ea6a15b0

    Score
    6/10
    persistence
    behavioral27behavioral28

    • Target

      base/uninst.exe

    • Size

      100KB

    • MD5

      812ceda63e8fb52f08d13a270f60064f

    • SHA1

      3b3108938aab9ccc4d0fbbe16d7670e0b0b4d244

    • SHA256

      d2093bfff19f6f22e50aee57086375d99f630eab21c5c429fc5f5bf00583b5c6

    • SHA512

      9e09625a39304049d5d4c78f3d420ed8859189a473568b3d8747cc3336c237c65fde4c89f480238f9001a05830bda50a604d0b760f358f1138d617df5a002ce8

    • SSDEEP

      3072:bgXdZt9P6D3XJbOpo2eAjEu5fiXEVgfo7M:be341OpTjEu5qXEVgfo7M

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral29behavioral30

    • Target

      base/verifyUninstall.bat

    • Size

      464B

    • MD5

      960d1953383c5d0234bcf649bd871b9a

    • SHA1

      e1bc271ec32b7fa78d8f2f877266a22c931253f2

    • SHA256

      1c1a6eab7eb47c1fd54696d66d2ea6debc2a0731a898be047271998ccb48b073

    • SHA512

      b0aac1c2838c7bf46b36850d7b436b3683a093bc87077114d32295349d619feadda96f9be428be17f5bd0903461d309dfd319d05fdf74f71845ccd12241343a5

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v6

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

persistence
Score
6/10

behavioral4

persistence
Score
6/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

persistence
Score
6/10

behavioral20

persistence
Score
6/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

persistence
Score
6/10

behavioral24

persistence
Score
6/10

behavioral25

Score
1/10

behavioral26

persistence
Score
6/10

behavioral27

persistence
Score
6/10

behavioral28

persistence
Score
6/10

behavioral29

persistence
Score
8/10

behavioral30

persistence
Score
8/10

behavioral31

Score
1/10

behavioral32

Score
1/10