Malware sandboxing report by Hatching Triage

Sharing

Copy URL

Twitter E-mail

General

Target

sharex.7z
Size

22MB
Sample

221214-nyagvahh66
MD5

c133a71f461eb44b8d4ec0dab2886352
SHA1

7305dd02db9f9d950bd19e3f74b0355ad8be29f5
SHA256

428d7fa627d74326ce61469231f7423afb7cee5ab1d86bbd97f65c8f89deaa14
SHA512

ca1ce86383d3ce5b1694c24e4a86c3120668f61fa3dc2d52a2882804176233d4f24bdb70d720f10680b5b79d9c0661ab4d305a85d4030d4c642bee69a0072c26
SSDEEP

393216:oWaeT7OlhnL67FWvHTWX54uytzxIyvFs6/8Tb9NEy1zAxhgIl:oWpXo1O7+H+5/CIuFEX1NAxhge

Score

10^/10

coreentity

Malware Config

Targets

- Target
  
  Languages/zh-TW/ShareX.ScreenCaptureLib.resources.dll
- Size
  
  28KB
- MD5
  
  14da675d9e2476a7244b27f1fce485f3
- SHA1
  
  9fdfa456a1d5a2f93a4b7a8f57dd3d491d1d4c78
- SHA256
  
  ab0300317a0e1deef7fd8e1faacfde726ce856e6c354d8e184a8afdfd7b0ade7
- SHA512
  
  3cd21a281304e721cf238213d9e7e7db792e36a748909666e6f6b2cd234a720e612775225698063b327715d71451e6b7f072473cb446e7b716dbdef3949454fb
- SSDEEP
  
  384:wWYQjcHYwbAiCmXoqHpN5XBOv7mnLK0Q6lj8acEii6aB:9sC4LROv7mnLTQ+3B
Score

1^/10
behavioral1
- Target
  
  Languages/zh-TW/ShareX.UploadersLib.resources.dll
- Size
  
  42KB
- MD5
  
  e629c1abd11a4d7e61bcb9146fa38af1
- SHA1
  
  7d70194a8ea828f560e88bb7c8aac9c4ef22c7d9
- SHA256
  
  3a1347a34b6e66318cb762c1321e93dbc383f69064d10ab61cc2b25115e66db7
- SHA512
  
  52b5c4547b114c4ecfa59c596e3886cbb009c28ff057d64e53e2b495e6b944f6ab3637336c3fd69d3deda62ff203929bed39f4efa7d22d158bba6f773b32f1ba
- SSDEEP
  
  768:b6iaH9db7MPLuAQN0uoOzy3ij3U9n8xBmBSN7gb5n+y58ZHFxZiA:b63d8PLVQN0uoOz5Mn8xBmBSN7gbZ+yg
Score

1^/10
behavioral2
- Target
  
  Languages/zh-TW/ShareX.resources.dll
- Size
  
  64KB
- MD5
  
  b43c5edea71e91d9d5685e3020df811a
- SHA1
  
  4e58af0afadecaafd974bac05c31da522de168d2
- SHA256
  
  39526361dcf1d1cee1b09461054346574e2eae8a25292920e6ad9311e23f6f9e
- SHA512
  
  5c9b702446a74385824a6bd2729062d1cb04ec8278a2935bbca67fc572eb004f40ed8be533a137fde317e5b7a416edccdebc88bf54dc51d78415ed3ba9b6af63
- SSDEEP
  
  768:JovWxlrmjuF4tbGE9a22xlobHxwL1IglFwCDQ9+/BKlZFCm7Bmm2QKB6ikG:JovWxlrmiCtbG2clobReJ789OBgZAwG
Score

1^/10
behavioral3
- Target
  
  MegaApiClient.dll
- Size
  
  111KB
- MD5
  
  d1c953394bae2344c275b69d3ed432ec
- SHA1
  
  f01b217959e50e2ee3e5a26829740e92b477a7b2
- SHA256
  
  6ff5c330a5349d1c903eda716038c4c2c401045e8216d460eabe47fe66120ca9
- SHA512
  
  60c08ce1f37dd178335c881efcfc6cb35a9aeebe60ad3885922644ca8a71cee5112c5e2719cb5c50d10403a5fcce4ce4a1e652f9a2760eab9419f8fc3835749b
- SSDEEP
  
  1536:EO21sYdEPXp1wCNvhvExetgkwLKN3KCTnNyQwItaL/H:92eYoa2Ff13XnkCtaz
Score

1^/10
behavioral4
- Target
  
  Microsoft.IO.RecyclableMemoryStream.dll
- Size
  
  57KB
- MD5
  
  aedcb85e47ea5ddc1182043ba311de33
- SHA1
  
  e7b124978b60a41bdb2b90a5862c2724af1c3569
- SHA256
  
  70d1c7355a48071f0cea3984bbe34ad24f11a1a16140bb901587f0e852397a97
- SHA512
  
  20f5cddff59a9c48354b9fbfc0e6ed716fd92ed6dc35cd45116db6f1ef759055b83a7f53b434fb9ba7b24dca49865a243d025be1e60fa3f807963cf9ecbc0ca6
- SSDEEP
  
  768:N4rRZa7odkCYSdPljNbdOJC3ywL6/2+psJlmjdPGANh6tVzHTNx9zKm:NIljxdMwL69yfmjpGANAbzzpzKm
Score

1^/10
behavioral5
- Target
  
  Microsoft.Win32.TaskScheduler.dll
- Size
  
  326KB
- MD5
  
  a844ac745a4005fbd3f51d79ff88583c
- SHA1
  
  92671774fd4be9781a77d2788a8dddbf8981ead5
- SHA256
  
  74fe1a6a1e36be7d893e31bbb4d4bd83bf4b927e715276cd5607982139818ebd
- SHA512
  
  5f0734058d9146ffeb552abf443df5097cf134a4737bed499467830e08d97f5d1996c1f1647c5c12289ca4d4209effd480010afebc59d50290d4ca7d45bb41f8
- SSDEEP
  
  3072:o1sSJApTSnQU/x0ImhuDzHfs4zbYOjujDRfygDgKQINXLLHIaKlay8weCycJ5Dfm:o1sSmRIt/xhtsOju1DH5NXnIKAc
Score

1^/10
behavioral6
- Target
  
  Newtonsoft.Json.dll
- Size
  
  685KB
- MD5
  
  081d9558bbb7adce142da153b2d5577a
- SHA1
  
  7d0ad03fbda1c24f883116b940717e596073ae96
- SHA256
  
  b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
- SHA512
  
  2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511
- SSDEEP
  
  12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5
Score

1^/10
behavioral7
- Target
  
  Recorder-devices-setup.exe
- Size
  
  1MB
- MD5
  
  9f3dfb3b26e8207a51f4ff4c80184f54
- SHA1
  
  5b6cd73643479ce99bac9d1262d2a3165fc55790
- SHA256
  
  3e6c588ea0e26407aa431f9c8cfb3cfb9a0b0933a0c3a641973fc0ca920e761a
- SHA512
  
  8ef0e36d301183c08594e41e3c0cd95e862bf85fd1a83a60f23fab752794e63b9fc423574ddd5b92a70eda8169102975f83936a4485cea399300a8b600712a3f
- SSDEEP
  
  24576:t7FUDowAyrTVE3U5FmUw2LB9+55x7awFhJdNo69lOy7KTijli:tBuZrEUW2Lq55DdN7POGjY
Score

8^/10
- Executes dropped EXE
behavioral8
- Target
  
  Renci.SshNet.dll
- Size
  
  785KB
- MD5
  
  100f3487b7d64026df5b68138535b734
- SHA1
  
  a7974031c9c6e46897ddf017824949320e251d82
- SHA256
  
  f6a4be2a762ffd5a1f8d47c0deb34c3015d479bd409d01cc96f1d2d0be55caa2
- SHA512
  
  93665d418d08f16f744f37741d50168225cd2b8d3b0dc00cd6c87438a7aa784a04c417084c3d17d833f4a2450718aeb964c4b2d4f5597daa084f725d8683d207
- SSDEEP
  
  12288:f5lqga6rBEEKAeWgVmfedIASjLrj3xVvPTrPTrQ2irclmKJMElmMSSMs:TaPEKRGzGc5Dk1f
Score

1^/10
behavioral9
- Target
  
  Scheduler.dll
- Size
  
  11KB
- MD5
  
  d8e3839dbedc966f810d529828457696
- SHA1
  
  fb3525cee09d5d5be47112bbf00e1cb9947a7832
- SHA256
  
  19086383436a3d274370abf54c2dcb805d4c68da495b45fcd6718c1ace6b33b7
- SHA512
  
  f832b067915b3e26deeff532d8be0260946720b2d68a41a962f512f295eca4537c33fc98c4919b80320201671e4ca6702db66faee5c5f7f377665fa6a207ab7b
- SSDEEP
  
  192:LpU/mq68m4wcF+UQf+5BMc5iiI78VsDPot87YvGwV0Woifj5yuQ:3qbmBcF+Ta+c5FVaPot8lK0W5AuQ
Score

1^/10
behavioral10
- Target
  
  ShareX.HelpersLib.dll
- Size
  
  1MB
- MD5
  
  43c4e63be1a974df874a5070a6c7b3d6
- SHA1
  
  a8e2b62350525369aa2843e0c77fbff708a37673
- SHA256
  
  9d614e1908a2e7a6d0e11b551c1911f90d28f6c0a37149bdb992c305a3c78add
- SHA512
  
  9c54d3a02d7799974f25028ec3525c520832f65028e72d025ab7e6c953f782e8d54068543b775d7737b5f98a6cb310c3292dba685732ddcddf2495655f4ab4e6
- SSDEEP
  
  24576:PgzY+4bmwgUQCLPsvuEEvrAK4WhsPEtPUdrk4z51h5:Pg9D+LPsvuEEvrArr
Score

1^/10
behavioral11
- Target
  
  ShareX.HistoryLib.dll
- Size
  
  165KB
- MD5
  
  49516debabc14a3fb26c13a96cf42c03
- SHA1
  
  9f14f7d759332b8449f90b69509bb541aec8f217
- SHA256
  
  4a92d1d0f5d29db0117fb8dc840c6f6fdf41d6d77435038ac2e7fcecded9629b
- SHA512
  
  1b1897944f5d7c3fd25885d484740c8c13c73688bf370eb1ab96882560c687f97634524208223e81abb9bb119112a195d92193e6604842038d4c8e7216062d70
- SSDEEP
  
  3072:+2ByiP3JTr4N52rNPV8/KZcF1nzJLXOyYiUxcAOq9OPbafv6r6:+j4JTsN5TOfv6
Score

1^/10
behavioral12
- Target
  
  ShareX.ImageEffectsLib.dll
- Size
  
  136KB
- MD5
  
  d8b984b56ca5db17a4c730b1b1dcaa8d
- SHA1
  
  fd6ce12c5a9e80a36ba86957657b9c09d7ecf323
- SHA256
  
  265c1de77127c51834e36aed227fd6f0cd73a74b68059e6285ed03dedaee26d9
- SHA512
  
  46fc970664bc3ef534bade6e1b142f82c41ada940bffe6d482f0a96777cd8d80853e89fbd753f3706e6e9c79f9d6784fc0d8bcbdce4b845986a93f2caddfe0a4
- SSDEEP
  
  3072:16gUGMed0d5wPkLyhY2gnKMpVU5hIOadsEYT5dC8ZUeS1e:16gUGMed0d5wPkLyhY2b/VEiG8Z9S1
Score

1^/10
behavioral13
- Target
  
  ShareX.IndexerLib.dll
- Size
  
  45KB
- MD5
  
  b2b2c89fe6bebccc499e4476edd9c2f6
- SHA1
  
  4382a0c36ac4b8b4254b52d455ace3ccb0cc80f8
- SHA256
  
  2be978327538fb3b9e1e5bdb176ffa04b438872382d66ecd0b687e6e5fffc138
- SHA512
  
  f2407911c6395974dfe0dec3a2fb9920931480a255fa46fbe51b1d333462e4001b247d598ed51c781928729259a261d92b58a623471c4b5bcc4898016fbb2b52
- SSDEEP
  
  768:sy4SjFRIF9Rnxjd/VmaWBiHHI0DuYgFRFUIYF5F0e:3jIBb/EaQiHj9g7WIYHue
Score

1^/10
behavioral14
- Target
  
  ShareX.MediaLib.dll
- Size
  
  141KB
- MD5
  
  23c3c7fa3bc216de5ebf929e3d3aa8ed
- SHA1
  
  569d81f10ec862914ae28b6337c96a796ebb679c
- SHA256
  
  8ea98b3e82aa4e4239f2dfe55eeb300bda11e63bb852784d2fd86c5add27aca1
- SHA512
  
  d1ca3efcffcf4c585f12719fd3d0d8600acf548c2da8783560bc0d5ca9f6e1279b79d037bbb01f90e5839eaa31d0af6762e212b2b3ba00ff4590445d85b9dc1d
- SSDEEP
  
  3072:9vGpr4ZbeQGZ5q9YL88BS6SGN0QWtHTg658+xDooKI76ZxpLEswJb+s5wGd9yI:9vGpr4Zb1GZ5q9e88BpSGck6RJb+4wGK
Score

1^/10
behavioral15
- Target
  
  ShareX.ScreenCaptureLib.dll
- Size
  
  658KB
- MD5
  
  905b8950d9b956708aa988355718d871
- SHA1
  
  8aa763ce3dba870c10d04452e54a1101b3c4fb5e
- SHA256
  
  a1608a0c6d531c7e3223fdb0c6562ed8ff0bc3e8d32d93ce9934e60eb09a8a2b
- SHA512
  
  1145e8efc2efa9a78b4a12ac93f53f6cade1e265ee08ffc8dc5398e79370c313b5d41ebdcc3a025835be53037e396139371895016590c9cf99d4da010806c62e
- SSDEEP
  
  12288:tor+GebXVfmFsVsEoHNa4cLULWHB7HagQlG/gb:AyVuFsVsEoHNa4coLWHB7HagQlG/g
Score

1^/10
behavioral16
- Target
  
  ShareX.UploadersLib.dll
- Size
  
  2MB
- MD5
  
  f21093a742541fe5994cc3a138f2736f
- SHA1
  
  e60d4e0c6432e77ba1d33131869736e0754db25b
- SHA256
  
  a3f9536770ffd43c22bd30208fcd6179efef8709d67a132fd567e795d4728b8d
- SHA512
  
  1f5505ec714db834f0ab30259d3bc3c89048a0691cbf9607581e7ea2b10ae9caa428dac0473103438301443c54e398788c9f862d48e9edcc0a3687461cedd329
- SSDEEP
  
  24576:/SAltobUu+4bH6bIcVt3yDhw2gVGbAtp07RBLgIZRXBaxUEPYF1:HYVw2qp0g
Score

1^/10
behavioral17
- Target
  
  ShareX.exe
- Size
  
  2MB
- MD5
  
  4822034a6d599f0724505fc1cd923b99
- SHA1
  
  30fdd2ca1e05a32e697e5a3bc022ac732cbdf2fb
- SHA256
  
  b9eb9daeeb987e9d98b6780fb13b02a9150f04408b2a178870ae68a92332ceb2
- SHA512
  
  e5c2039731e700ebe1baf722c6497c6466cf07bb8ca3523ed635881981556f66e78e21fc297f292fcff540808cfa9cd5f1f35d67fc342cd7cfcd7629b0cac671
- SSDEEP
  
  49152:kK9UPsP0F5n7ExB73vdItTNKz7gnqVCsY7Dgx2rnlX:V9LCsY7Dgx2hX
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral18
- Target
  
  ShareX.exe.config
- Size
  
  1KB
- MD5
  
  45cb68137c33b889a566ea605edf8847
- SHA1
  
  ea412c3b795a63ee42dcb52e3570dc07db03b4a8
- SHA256
  
  4e0087f4c969c3bac647ee5ca6bb1128aa1969dc22bba156654d68b3abb38ceb
- SHA512
  
  8a0c04091de3b700b2c8f8ff4e2adabdee2d37587f1405b90231cb2e83d546af86d65c7e56c64bee42427d19f200aa4a5d2f373b8710c51a7e9545bc264fa746
Score

1^/10
behavioral19
- Target
  
  ShareX_NativeMessagingHost.exe
- Size
  
  6KB
- MD5
  
  bd3beb5c29aa4b130c5a14f92105f08d
- SHA1
  
  2d5d88da1d97ab278405041c664196be8722bcbb
- SHA256
  
  c20d712950bbb5d5c96524532225846685c0e2531dfc52215de030673c125a38
- SHA512
  
  32840e97c4abc1625e147ca868a3fc2d34c9720ffe3743986ed723c8c657ec93977c7e332f172859ada6c2f2f8495d0d51393cf05e6244d5cd831320848a8b55
- SSDEEP
  
  48:6bi5wicAbSWWBSg+RpMmAv5RtUXHb8wiV18zdhGF1lZx+AqbDoqcluWW8kmxe0NY:IicAbSWxgy45RLwQYdoPl+A8c2KzNt
Score

1^/10
behavioral20
- Target
  
  System.Buffers.dll
- Size
  
  20KB
- MD5
  
  ecdfe8ede869d2ccc6bf99981ea96400
- SHA1
  
  2f410a0396bc148ed533ad49b6415fb58dd4d641
- SHA256
  
  accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb
- SHA512
  
  5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741
- SSDEEP
  
  384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e
Score

1^/10
behavioral21
- Target
  
  System.Memory.dll
- Size
  
  138KB
- MD5
  
  f09441a1ee47fb3e6571a3a448e05baf
- SHA1
  
  3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde
- SHA256
  
  bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f
- SHA512
  
  0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6
- SSDEEP
  
  3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU
Score

1^/10
behavioral22
- Target
  
  System.Numerics.Vectors.dll
- Size
  
  113KB
- MD5
  
  aaa2cbf14e06e9d3586d8a4ed455db33
- SHA1
  
  3d216458740ad5cb05bc5f7c3491cde44a1e5df0
- SHA256
  
  1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
- SHA512
  
  0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
- SSDEEP
  
  1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
Score

1^/10
behavioral23
- Target
  
  System.Runtime.CompilerServices.Unsafe.dll
- Size
  
  16KB
- MD5
  
  da04a75ddc22118ed24e0b53e474805a
- SHA1
  
  2d68c648a6a6371b6046e6c3af09128230e0ad32
- SHA256
  
  66409f670315afe8610f17a4d3a1ee52d72b6a46c544cec97544e8385f90ad74
- SHA512
  
  26af01ca25e921465f477a0e1499edc9e0ac26c23908e5e9b97d3afd60f3308bfbf2c8ca89ea21878454cd88a1cddd2f2f0172a6e1e87ef33c56cd7a8d16e9c8
- SSDEEP
  
  192:LGLxTyHvc4ROgcxAdWXYWJeaPtWsI9A9GaHnhWgN7aJeWw0fnCsqnajt:LgGLROZAdWXYW8aPcyHRN7WEqn1lx
Score

1^/10
behavioral24
- Target
  
  Telerik.WinControls.RichTextEditor.dll
- Size
  
  11MB
- MD5
  
  21873c87cffc81a6508283b017a18266
- SHA1
  
  1fc1ea94239f40e19a485670124557e65d2f6146
- SHA256
  
  03ced93e27ebc7b46e75d9b63ef8709f985a2d47a07a5be9e25806c1e21b1fb0
- SHA512
  
  4b21c1c9f69d344ecea530bb51fdcc8c30f832a70b4ef0efc56ad3f3d6dffcea5704a08688a7b801a4535b22d4ef29a19f7e4fd330a0fcffab300c1ef6e0ebef
- SSDEEP
  
  49152:j158UjzpZfgqZkqjqVkf7/ibBVx+KCmT9LGK6ej8FL0VjZO98Z6D7nYaGnND4aEO:zBl6Vkf7/ibHj/Z
Score

1^/10
behavioral25
- Target
  
  Telerik.WinControls.UI.dll
- Size
  
  6MB
- MD5
  
  ec747648ad0bd1a4fabec55a8a2c6b39
- SHA1
  
  6a5336b95412a8968fbe362977484195f3a3532a
- SHA256
  
  74113e96d4ce3a557769b0ea4ebaa2b534923beb662966712550c1c3a689e6a9
- SHA512
  
  99c14103658a7bb8a0b9155c80e411b6fb0432c7e305da5c32ede2e6e8f65465b10b1bc4a80292cd956e8a9d943b7bdc2b11a161d5256a89bb4952ec4b35a51f
- SSDEEP
  
  49152:YtHWCCzY554iAb5V3LlerNUYZO8UO5/ZFuBGdWkpVfwpVePPVjCi+ssnk52mLGIM:PUtF9f0EPNjCaQ
Score

1^/10
behavioral26
- Target
  
  Telerik.WinControls.dll
- Size
  
  4MB
- MD5
  
  f9d40beceece1f9d56e5e70839f5deeb
- SHA1
  
  aa76abe5e0447c575d7b9f169be2132e8cd2fc69
- SHA256
  
  450409036b8f53cfa78940ab0566ec0d1ab5e542cd89094cf217d3d6254d64ef
- SHA512
  
  dae12ba033e915b617f8baacfc4c02794c5a54dbd3b103eb97331d721e35e04f70a3c9e2fb890e45328f058b0bc2c98b6a817adf4a382fb03f705a735025eae6
- SSDEEP
  
  98304:ewS0BM6aa9DMbJcioxcKK2SewFiYCJc7vfmIAAR9DMbJcioxcKK2SewFiYCJc7vX:ewS4M6a9ABqN46a
Score

1^/10
behavioral27
- Target
  
  Telerik.Windows.Documents.Core.dll
- Size
  
  509KB
- MD5
  
  dcde9617d9cbc1d6667d0155dae121eb
- SHA1
  
  a7c7b929ffc25a5b10c07a8a88718f872bb8731f
- SHA256
  
  b05f4b3a3b70311d5d167b0b99263aa7cd72f51a9c74f642e3220f6b8c49ac7a
- SHA512
  
  df007ce97fa11e5327cb15735cdae64332ac4c8504b7c2d5b97d4c224d9ce2d39f11365f15c1e34c14c6001aeee5dd9605360860b940cb9d2e9484cadbb94589
- SSDEEP
  
  12288:7+nm6jrTksp9SnAVBYq5dfHN8b19rbwIuOjz7qAi8Y5Gvl9ijI2:umu62Y6H6b1
Score

1^/10
behavioral28
- Target
  
  Telerik.Windows.Zip.dll
- Size
  
  139KB
- MD5
  
  af5fc0b982cc71544743d369231a8d63
- SHA1
  
  da3894ac26d039579a4b6eb36d5bea39001f8f21
- SHA256
  
  51c9d8c70b4b0bdd0a5c5fa5af62c645cefaffcf2afa992bddfb1e509e736262
- SHA512
  
  dab9a720c4ef60af0af95de26cf64b0c4a77a44ff3847b3347dd88a5b4a98e8b528300464f819d2f3f2df022340cff0fb8210615ebd9f3cf0a1b5719b5e7f21f
- SSDEEP
  
  3072:0hnjo6JsdG1Ovc7f/qdlSOP+OkVO2+Ddn+Yd7ZhIQjFIUEpV6uOs:0hsy1OE7qdlJx+CjFIZEuO
Score

1^/10
behavioral29
- Target
  
  TelerikCommon.dll
- Size
  
  894KB
- MD5
  
  acc40d6d5c95ff3e07dee7b65887501c
- SHA1
  
  bf0db916ed46b9d0a21589cc519643b68241bae7
- SHA256
  
  f91db0f0eed76160480ad0aab36a7a5b2393e1c7dd9de6d42ae71a70689bf9ca
- SHA512
  
  a18684b544a6c08172c9b23bff1a9e138e13a30282274a9d76d5d58f9f4c81205a9b0118d053d352437a391e2108ec824ca134b418cf4c107dc33ee9003d51f4
- SSDEEP
  
  24576:/KIPrujuV9NthHaD8XAV1jnQxZdlCG3pFb6KtXX2nrfSNT6v2q6w:/KwSYNthHt
Score

1^/10
behavioral30
- Target
  
  zxing.dll
- Size
  
  486KB
- MD5
  
  8797a7c1e8d1c1d5a33e577f7d848b2e
- SHA1
  
  a9e5f8475981da92a61c8c0e3a339b500deba3fe
- SHA256
  
  b78398f301411d2f3c42a0e9545002209fc45163bf9c8843ebec6a08c81efec7
- SHA512
  
  4d4d6a9e5b5efe285f54a0a0ae5391fcfde4a7e4a2f50d1dd313384b41ce6a404fbca967f673ff4207dc6477b1463ba4535702acfe41338fab3e5c666408ed97
- SSDEEP
  
  12288:jCDrMGstdlU51enqGvA78PrVmLE1b1f1lWXrzHwePkHbVXwF8:jC3uY51en9tTVmLEf1WzHVPkHlwF8
Score

1^/10
behavioral31
- Target
  
  zxing.presentation.dll
- Size
  
  19KB
- MD5
  
  3054b494a03838d035f3d412ff0096d5
- SHA1
  
  981f069dcc6cd73f734a145f885a82b68e6be7f6
- SHA256
  
  d7497d712162aa3b761e3229314c8fc46c0a6d2a8752a4517da1f5d5d05e5b76
- SHA512
  
  30f5e8c173c375d47836fe9403f8baa44bcbf3ae396c27c3ba9f8166650fc7e8b1c7515d5eea66f428f392cbbcb1b5763cadce6b0a9513d46bbbbf6aace57c70
- SSDEEP
  
  384:5nCp1S7zkbc2bpQKhycpsjNoVQYcgN17hpfSO5JRw:5+bPbdhycB+Yc+pxDy
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

T1112

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Looks up external IP address via web service

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32