e77d6aad20b5587dfb7e83f691131342673c47cbdbbb627b894c050820a63244

Sharing

Copy URL

Twitter E-mail

General

Target

comm_bluesoleil1.6.1.1officialrelease.zip
Size

9.4MB
Sample

230103-2kwd2sdb54
MD5

35ffba79be57fddeb315726338148b95
SHA1

428f8e901f893e9eadcae4a3ab6f303d7f45b7af
SHA256

e77d6aad20b5587dfb7e83f691131342673c47cbdbbb627b894c050820a63244
SHA512

64b6593bb20c7701a9df90f34a38ca01faf01ec954aec5f7395e60aeb95f5ed5629343e79c53cee54ef057c354414c5be2c01366bd5698bc489a3648b9156e90
SSDEEP

196608:mZMTwT4T9A3QYk4ew6yzDb6er28qvdrHZC57UcjkcfR:ds09A3HJew6ynx4xY5gcgA

Score

8^/10

Malware Config

Targets

- Target
  
  BlueSoleil 1.6.1.1 official release/AmbiCom/OXSER.SYS
- Size
  
  48KB
- MD5
  
  39f8e23163aa3e972cb59c6eb70679ee
- SHA1
  
  bd2864f8ccbe51495cf1e588663f9c5db9545ba8
- SHA256
  
  86ebd5e0f7954ddf8ac61cc468193a775203a229f9be813c741291f8b7b81070
- SHA512
  
  bfb69c3830af46c688e6b1635464032b613a0509f40a927147a45fad074d264cc32f35a346b536ec21467248329e6e990679e2392cd8b48099f0f4cc3d89c5fc
- SSDEEP
  
  768:TPvP6lZwsh/w2wCvLyX9hURDfB0rUrKdEK0clL+Cf:TA1Y27WGDfCrU3KX
Score

1^/10
behavioral1 behavioral2
- Target
  
  BlueSoleil 1.6.1.1 official release/AmbiCom/OXUI.DLL
- Size
  
  92KB
- MD5
  
  992d81cc27757081fdcc4e88513a07ae
- SHA1
  
  c79c3e8b44c07cad585d12be3aad142a081c97ad
- SHA256
  
  7ed14f3d5acb9d6f6ecaa7c1bc6b74ac1797e76f73bf0930cf46ba14791eb1fc
- SHA512
  
  6eb7b641d5f89841ebf2365e90791fb1b4e89c3d93907f07b65df98fea9883c1ef356daefa3afecb61a4113a7bc82ecab955252bc05ba2c1a68e1d2eefba5c25
- SSDEEP
  
  768:CbJhlFZtGcwXZgtOMfuqZYm1Td1TRaoQWNMqeJ3oo+/SriB9DpkFM4f4bT/20Kka:QhlFff8Zsh1TRaQMqeao+HHfjK+o5Zn
Score

3^/10
behavioral3 behavioral4
- Target
  
  BlueSoleil 1.6.1.1 official release/AmbiCom/Oxserui.dll
- Size
  
  22KB
- MD5
  
  cc9882b9ec7c016c5558427171c6d3d4
- SHA1
  
  18bcf3a058d2d9f2d2a02ce5a184c10b5ffe31ba
- SHA256
  
  f7f3c3d7235de46efffd3d167e3c8c8cbcbea959e0ebb73dc2b3bf885c59cb85
- SHA512
  
  7f47090ba7ee25b03b710c98ebd51791426e9eb05fc55636cf89628bc8ef6d8ddfa07531c37228c2fc90ecd41c3f9f621a7c6e1557d9c6bde6747002cff9270d
- SSDEEP
  
  384:WpttvHiaHe8NtAEsLyrM8gVtKb77qvOeZZXgnud4Y+QWKuTh:WpfiaHzamr0m7VeZ4umY+QW/
Score

1^/10
behavioral5 behavioral6
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/OXSER.SYS
- Size
  
  49KB
- MD5
  
  8db0dbdec7880e81b73b8e7e8e9a666a
- SHA1
  
  0821c82c5a6a34d52b020f70f71e688742c7dde2
- SHA256
  
  02aa13fbac7f6451f7bac5feae509e99e02d21badabbb61dda953f4be50bee11
- SHA512
  
  bff232152e45bbd96662f3a0631e057ae57b6fac3c62f610394d64b81791cb7573a47e072fd96225afaa8c70416749a9d4f51fcfec4fffa29238a5a6bc7e6ba7
- SSDEEP
  
  768:Vra0AG3InM8WfiClEugJmTLQGFsfdDufNpIgbiU35jSy+L/++y0TjhmVzaDtI:BEMhffB9vQGFsfQsgOaSUMT9mBaO
Score

1^/10
behavioral7 behavioral8
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/SCBaud.cpl
- Size
  
  72KB
- MD5
  
  3b82611e599a17b0f64c8b60a7524c37
- SHA1
  
  4029b693120e995ca3c6c3785bb45a5ea9fd47fb
- SHA256
  
  a3b3f94ddd08563ce300cf7899f012834c238ea38baa60f17dc478a462c35355
- SHA512
  
  7227b8cd775c45a94567bf820ad7e8be68f7cb410571e533158c768253c858d737a8863b676f1334da0a47079d17014cb994ee0c3a0c4b002f63b058a811c74e
- SSDEEP
  
  768:NvjuWGDAWqQlrVFUgTbu1FJSYc6N8YX5w47o77o5k5rdc0cjBe:5uWGrVFUgTbaFHNFNMXoW5Bc0cjB
Score

1^/10
behavioral10 behavioral9
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/SCBaud.w9x
- Size
  
  84KB
- MD5
  
  22c591e694a081c05ea6f0310c7aab77
- SHA1
  
  57e06a3dadca8338e0cee00b69cf8cdbecc81338
- SHA256
  
  342da4f50cfb34b623ca08c1a75b78d7c74a56750f54b8bbf358e2fe5863a584
- SHA512
  
  ded4507fa029f9094fbe4557dd9b74e7de8d3c84d697cc85aa7b24a7a2694505abec556e68f7ecc7f2a403195a8e90246aa4110bf377beffddeb0c0fc343fc68
- SSDEEP
  
  1536:1pfA2MBtpTzTlw9hZ3XVu3Ly4MKj+Bcyzd:7A2MBtpTqhZVu7y4MK6BcQd
Score

1^/10
behavioral11 behavioral12
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/SCTray.exe
- Size
  
  40KB
- MD5
  
  5957fb8e1fd27e4b58e8fbab3f128bb1
- SHA1
  
  ed3e82db780a9a96b2033e077adaf0a3c5625147
- SHA256
  
  02fdf005f854e26c7bad390a068e460a8ced0a0291372f711dc6a60d0a1d23ea
- SHA512
  
  fd24ebaeb69740b77ffc531565509f993c91dd2cd2cdc0b9becad88b5867d0bcb7cea59a8807ac13d2f0a890094eb03b778fd424e2a1bbd24bfd8af834a90576
- SSDEEP
  
  384:OghFJk2pod1aZCduDlDD6LK9V+6dyW1nSi1KAxKhEt:bhFG2ozMV06L8CRxKKt
Score

1^/10
behavioral13 behavioral14
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/Sio9502k.sys
- Size
  
  46KB
- MD5
  
  f6acd9575b5d77673b979bb46ff6a837
- SHA1
  
  af50d06521b852d4749cf3635fed2bfe152778f5
- SHA256
  
  8a5507a651cb580795818bb9a070ec7e6af9b375908c4c717303af7e896d1d17
- SHA512
  
  3a8ee7ce96e320872c093e5287af7b115e519ccb29bae473edb14d2f41597f33a3100af0789125fd5319c41941870890f74c20dd603fc1c8b2f923104b9b4fae
- SSDEEP
  
  768:jxe/A7+bAorSGNCJidT7Dtxs3cwO5l3XHh8Ommrb:d9XwuqFv1lnHhrb
Score

1^/10
behavioral15 behavioral16
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/SioUi2k.dll
- Size
  
  76KB
- MD5
  
  d5bc498aaa82c8ef5710c296d0901fb6
- SHA1
  
  46dc475d02fb99c667d8d9997ecdba515d0254c6
- SHA256
  
  c04fd2cca27037fc238e84eb1ecb3e104bab350f937b721c76ed2e525b617b89
- SHA512
  
  103e8c9df61d9814fbbe4746106723836373bb1a41ef47f58e285037ea73898165effa71d7c411062de58cd62f6867a0a06241ed636ad6808c3ba069367eb24b
- SSDEEP
  
  768:gNigVMJzG9CRDjCwlVfETw5lCwxWxoRpakUFJ+BiB9PFH2Y/phYeJKm6iuOhK:kiN/sTw5kwmo/IThhRKmgO
Score

3^/10
behavioral17 behavioral18
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/SktBt2k.sys
- Size
  
  47KB
- MD5
  
  42a39aa7ed51616e36adb5abddf8349b
- SHA1
  
  700041c65fb3a759c565b4a5028670ef575d8c4c
- SHA256
  
  4f7b7d33afb9b7d6d611e3d5270b527784892b9a2ab52c55ab4e9122dd603424
- SHA512
  
  05f81fa19c53d6cf7a51f13e87a47d75c50a5e7a60d99af3cef999c8fd252e53c616bc1fe721c994406ee6dc19f47374e3196c4819ef4bdf0b6add3cb913bfc7
- SSDEEP
  
  768:35PEAW+zAT+SAfdCKDjp2QAl6zGPkcLer8mYrTl:p8/TCM41ANXrrTl
Score

1^/10
behavioral19 behavioral20
- Target
  
  BlueSoleil 1.6.1.1 official release/CardsDrivers/CFCardSyss/wssbtr1f.sys
- Size
  
  62KB
- MD5
  
  85c3baa151a6118b24d7701ddfc2d1eb
- SHA1
  
  6593d9aefbae65858f4bbda3b42c48ec6d748784
- SHA256
  
  bf38ef38b81c8c1d750acffa80e36f697dce5b4883432c31db7f4a15c79d7c6b
- SHA512
  
  3e123a8fa6f39c0a9b7d788e1849dcf3cd64634df6713d259f488c7ad7c9655491e2e631219228fe461adff9d74cf0156cec8d6bfbbef49265667b05c257280a
- SSDEEP
  
  768:3cq5Tmn5IC1FMUIUyzzpkcORY9/GRFq+OIB1UGn7RoSX:s3n5LzGXk1RKHYzUGn7Ro
Score

1^/10
behavioral21 behavioral22
- Target
  
  BlueSoleil 1.6.1.1 official release/Setup.exe
- Size
  
  165KB
- MD5
  
  502758f09710b5b4223cc3f46d5c3be7
- SHA1
  
  f4abab0c9e5b351920935f8152205768bec5047a
- SHA256
  
  99136e6caaf20a9a62ea061c831c68b2fa781ced4f16819d96442fefe5aa75eb
- SHA512
  
  d484477be06c892e553b737604cf0b0a7095c772618f53bd2927b48011ea0b444711cb4c80c0865faf533971d3955799f8cbde26761e386a39c8a286bba153d5
- SSDEEP
  
  3072:eMssQNxJUJTNw+1vMjRqT5eofEJGt2oCNzQEAGZFlLLqC/NJSw:5QON0RNJB
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  BlueSoleil 1.6.1.1 official release/bluesoleil.chm
- Size
  
  943KB
- MD5
  
  b8105bcb1ce78eb59abe8001b0de8cef
- SHA1
  
  7f35f20b484f27ed4f857c1f704e67f993754482
- SHA256
  
  6aeeac2469f3dac1af2e73996d448fb861739d38ad16dc3a941553fc3e501840
- SHA512
  
  aafe38d8c19d8e25a6bc8e34c3e1327f66185a871671165003001256574f4b9aa5ecc65fc4a93f2e262c2ff7d703e61b3ec8dbbb1a6f35fe0c6c0692825fd411
- SSDEEP
  
  24576:YtOUnK26L8krXv+7Rtq1y0eAs8iJgWfei7NfEiY7N4:YQLL8krX270leH/Gk9eS
Score

1^/10
behavioral25 behavioral26
- Target
  
  BlueSoleil 1.6.1.1 official release/language/0006-Danish/btpcfg.dll
- Size
  
  280KB
- MD5
  
  a44ed4ed014b01750813b61a783e4e8e
- SHA1
  
  718d137ede8b18e0432259f851a72fc50d7543bf
- SHA256
  
  4ebbdc51d337a540a6f11125265785edc4403676d631e8c6095f8b34cd8ec4b5
- SHA512
  
  445831f965964f311b370ed3bd77217fd9fdc64595b27fa4cdc132119951967339dd71b9ed6f5dc738dfd9789f1882b0ccf382ef1841d4489230a102c8c6151f
- SSDEEP
  
  3072:dpP2nqnQuFEFiRYfYGQAwX9c4soSqQ6W9oOBrEhRlaCrwfQbzSG8Lo1wgH7CIvA:dBaqnWFcYQvAwy0HJiQdxHu
Score

1^/10
behavioral27 behavioral28
- Target
  
  BlueSoleil 1.6.1.1 official release/language/0006-Danish/btpres.dll
- Size
  
  2.2MB
- MD5
  
  d7570771ebc8b0939ca66d22c67d8ebf
- SHA1
  
  00b8a3f859ef69e809a40581b13cfbeca40b1dc6
- SHA256
  
  3ef375917cdcafb1621da89f0c39816e8597119dcd334ab3b8a4d8f0e7989689
- SHA512
  
  b9165065c859967b6cbde78cd3fcb9eb9740890adc3f9f445cbf463d4bc949be9cb134227370235458ca4f599a65d8e47ec806b7cdce31506b6aca481e66644f
- SSDEEP
  
  6144:yH0bPcNwi1EdP30Ehw3BJ8ca39ZVuZy82Vo6DadkCTxscyALYz2TJeuYra2Rn3Oe:aEdP3OryZOaZaijm8d1oLYcHm
Score

1^/10
behavioral29 behavioral30
- Target
  
  BlueSoleil 1.6.1.1 official release/language/0007-German/btpcfg.dll
- Size
  
  284KB
- MD5
  
  0fff2c7dcebd6e4f47c2f68a29e88e21
- SHA1
  
  121a77846a460936158981ecf6e3a4643ae3afe8
- SHA256
  
  57060626359b4bf2620a1ab38eb0a8e1032da7688efe6da4c39f237dad8db4e8
- SHA512
  
  0bf0f9192177ae6aeaf87ca4daa08931033cdd91cf7fd44cd933cedfb206e31900f9825d990d299fb5354ffa06685b7d25517e90cd1a2b440826dca7c491fa2f
- SSDEEP
  
  3072:D3YPxrhRdVQYypwAZw+6ZbNk9SMvjtXCxn7HBg4+yhrSfQbzhvORMYpVfhW8llUb:sPxrhHVFypwAZw7Z+vQlGRSEQ+Z
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32