4daaba19d412cdf3838a0c373cdc9b7cfc26423723307482e4b0f946909c726e

Sharing

Copy URL

Twitter E-mail

General

Target

b5902737cff8946ebc43771a47eca5237b2c6cdc
Size

17.4MB
Sample

230116-px3mnsfb42
MD5

7b1c74e08d42757792cb935800da1e75
SHA1

b5902737cff8946ebc43771a47eca5237b2c6cdc
SHA256

4daaba19d412cdf3838a0c373cdc9b7cfc26423723307482e4b0f946909c726e
SHA512

821978f8ae4f5397813adde7a52f8e9a1791e78b7d33a6825e4e6576ae3d0ffd3fdfac8f05bfbc0d0c84813991097e7c2a15f98c7e4b8eee19696466440eac4b
SSDEEP

393216:xsCdwI+MshEZaynVkpk/7Q8BpuiiJKhMFUV28tP33+NM4:AASICshMFE28tvuNM4

Score

7^/10

Malware Config

Targets

- Target
  
  OBS/Configuration/About/UserDeviceRegistration.Ngc.dll
- Size
  
  248KB
- MD5
  
  dca6f4440e5ec8a619eae7cff004d3bd
- SHA1
  
  e20ca06144e249ac3ceaa5e973e30800f83f5866
- SHA256
  
  0002c82c3c7f54fd6c1ae77ecd1e49fd4695e79b3bffb687aa55b5b79b5f903a
- SHA512
  
  2930638c3b6bae7a59972963cb24836ecb7e6529110738791787ebe060648181e68e98a70d54fb738a9937bf9a947742093917b8bbfab0a314d9097a0d8bb5ef
- SSDEEP
  
  6144:kpUkcY8/eXar95fRYL1PIC+k6crKnsGfL51YnFA2OJ4sKoj:kmz/3BBR41QPyrKjfL516snj
Score

1^/10
behavioral1 behavioral2
- Target
  
  OBS/Configuration/About/UserLanguageProfileCallback.dll
- Size
  
  59KB
- MD5
  
  2ef1eff30a933f22c58c3a292e8e7d92
- SHA1
  
  d2aa9b8a3e1fc694b784ad765cdb34e99440b043
- SHA256
  
  57397bb0a9f4b6f55c141b0e9f7cc360cd0d69c4b1e48e683150d04c98acefdb
- SHA512
  
  80cc9cce61f3278d28ddbff287d23bf103343e5ece361f4d76ba9bcc4b5144e6679f67a9bbefe3616cf5b6e6efb4e0df2bb6dc3dd664131a7afb5ed328cb85ca
- SSDEEP
  
  1536:aygogGW9CXqIxU7rWwG4NB268BHLO+zpktrwHpATBJ:KnRBlrWwG4NB26EC+zpkRwJe
Score

1^/10
behavioral3 behavioral4
- Target
  
  OBS/Configuration/About/UserMgrProxy.dll
- Size
  
  275KB
- MD5
  
  f22ecae2e79eeb94c51a16ab42d3525f
- SHA1
  
  57451745ae71e2fa290924d5105dfb7394b65944
- SHA256
  
  bb259c649d501159d9b40558ef5d2c6bc0d8211c1ba4dbb9c94a28f8d5f58259
- SHA512
  
  a619f8ae06099f7b924175fb050beeff2d099e0f7b1161ac5723b874b5381825d2767f72a588ae211cfbaa1d676b81e3172572a70fed09b42e74e3ba992cd296
- SSDEEP
  
  3072:BPav24GoaUgMck/d1LtmglPMBhADp7l9iyc3Jl4XmBn+R3pQVZE66M4ogYNVU:BPabGoajMck/d1LFiBhhYpQVZDT3
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral5 behavioral6
- Target
  
  OBS/Configuration/About/cs-CZ/WWAHost.exe.mui
- Size
  
  21KB
- MD5
  
  ac29d148d51f0ee691d470da3101a0db
- SHA1
  
  cbf27ce221f7555484690b5e35d9c681ac234877
- SHA256
  
  8a5dfc78afa6ca069847372931c496749cf67a0237af0c3a652fb1cbea03b5e4
- SHA512
  
  52ffa95f9ed1a8cb21ead52cd231cc4e0e0fb4290993afcd5dfedbfd7befe908c7ce1af6b60c90b562afcf766dc9e918a779b6154dcf67325e591d8337680166
- SSDEEP
  
  384:ii+fXuHfk62uqbW11MQQp291upxoD7zS+UShOn59oIfkZpbI5QibOdNm6JWxf:iiEs1VQYzUSGcgf
Score

1^/10
behavioral7 behavioral8
- Target
  
  OBS/Configuration/About/cs-CZ/cdosys.dll.mui
- Size
  
  47KB
- MD5
  
  245f1af6417a3ff71e10d02d45cf7601
- SHA1
  
  3ed49143295810e443e06106d373564a79030b74
- SHA256
  
  dfce25a3f3c723d068ec019fcf1ec764ff916f562b77cee61214afe3c94e3d10
- SHA512
  
  bd9df721a678ec62d0de39950d71e6268389b9b9957365d771ba416baf93ae8638e2537fe0ac14828ef01d500415a1017740bcb967640ba6d76a904876b47f6b
- SSDEEP
  
  768:R4aJ6iDjyUcEsx7fNXjTV8PszW7yYsznPy3IhWSzjfQNjeUBe8BVYhIAAInmVLHj:R5J6ivyUcEsx7fNXjTV8PszW7yYsznPg
Score

1^/10
behavioral10 behavioral9
- Target
  
  OBS/Configuration/About/cs-CZ/comctl32.dll.mui
- Size
  
  6KB
- MD5
  
  264ad7f703050808a3980af85a406724
- SHA1
  
  e22c19a360cd32df0a3e264d246b02f09ac936c5
- SHA256
  
  9a946ab3ed71b6c50184018a8779027f8aa8e892a5cb4a795e4674ecfc2c7b2b
- SHA512
  
  8e85d18f64961cb13813fd02f014c4e722d12eafb8229f46b3f7b7814b94b841d035a247f58a89363a6b1ca7802a34a99b18aa268f79b0cfa4797126b7ec9de9
- SSDEEP
  
  48:yt/gzOeu+sfGogiAE+fdncS9psp2o0phusS6QSGNMtfs68mmoG4LZWsu1AOJwbxK:A/PzAEyaS9pspULz2eSB4NWBA0Px
Score

1^/10
behavioral11 behavioral12
- Target
  
  OBS/Configuration/About/cs-CZ/comdlg32.dll.mui
- Size
  
  57KB
- MD5
  
  9883c6cceab64e9d2758c2482de3dd27
- SHA1
  
  c42e6e7f0a145b9cc068beadb81e3d6878d45dcf
- SHA256
  
  96da9c37c5f43e54ed9507d42f8edcdea9615decdb5f2557e87c5b7c4a5c859c
- SHA512
  
  0514fbe2fe02396734c2282295d498d01990814eee5d86c8c9fbc01b4fbf4d07e9a7055d2c5049aeae70912b5c09123f76f1eaeaf29d92338e4b99540d19ba14
- SSDEEP
  
  384:wYBQKh/Lj/PJ5sa/WSeKQ4vUbXLiI9gRFQaz3OvxCCkT3Cj6CmCMThtTmCtt6vlg:wYfZ/PJ5G4vPR27jfL+tt4AbsdsfDNx
Score

1^/10
behavioral13 behavioral14
- Target
  
  OBS/Configuration/About/cs-CZ/fms.dll.mui
- Size
  
  14KB
- MD5
  
  6c9ef9be12d3dff8516a977039d38f42
- SHA1
  
  350c29c78f13f112448f00a0773a4357d20da632
- SHA256
  
  d900b2ee80feec5175d004a3426deebdc66fedb352006f673d257f23521c6636
- SHA512
  
  f8e7f5f8e0855d43b090d959d3c558d2a5e316cf883033bb81ec8ed7738be2368ae5d38bc56a9045373ab7072d840bf417eff2274eab3a662a5da721021ef482
- SSDEEP
  
  384:mrJ9xN7zIy001KnWj9ztiGikifwxMpV+gWKK:8xyK
Score

1^/10
behavioral15 behavioral16
- Target
  
  OBS/Configuration/About/cs-CZ/mlang.dll.mui
- Size
  
  18KB
- MD5
  
  2bb79c98a1aa4279759cdeee4429af15
- SHA1
  
  e66dfadcfdcd64c9c4c1669c7f39986154f08336
- SHA256
  
  a543df3c26cb619ab2eba72f7ba52a1168743517481ef14708e16be30686b411
- SHA512
  
  77e71d30b53a59d007d3d96b910e0c63d4f9ec644027399789261253aad789bfb0f7446e4b5f36c137a1bbcec65ad6d5477b89df023ff3f64b0a323b0c731a67
- SSDEEP
  
  384:shPjqMeu1ExXKhGadEG62SNAMpL3O9uC321WnZ:gLquWKhQd4Z
Score

1^/10
behavioral17 behavioral18
- Target
  
  OBS/Configuration/About/cs-CZ/msimsg.dll.mui
- Size
  
  83KB
- MD5
  
  ae808047c18271d26328f3dd9c3f3164
- SHA1
  
  caf78c53aa4472a7bef7852addad66e60d318f4c
- SHA256
  
  1eb044d8695e01f56823fba5b7dbe82adf5ca74aeacc2e0b3678f4bcb0294fab
- SHA512
  
  02fc74cb509014e83dc6759199d085bb3f53c92656429b0fcd3209a093f8e1b3e64de5540a6ad1f53a434c88faf871d521ee4b1c44a23cdbd2d0c663567444a7
- SSDEEP
  
  768:VQgRiKgSRi5ZOB7dnOO6j/8e0edPrX/w51i4TJH:dRiKgSRiPOBhOjjEe0eAH
Score

1^/10
behavioral19 behavioral20
- Target
  
  OBS/Configuration/About/cs-CZ/msprivs.dll.mui
- Size
  
  5KB
- MD5
  
  7d4f6c3cdf91c4d7ee0b77d7397ef399
- SHA1
  
  3aafc4a4730328724e33599ed5922a2aaec4ff47
- SHA256
  
  6d01c46a5e7e5f4334c8caaa7b105b9b349831443f25b20cfb569f6531e50eb2
- SHA512
  
  beb6c6d6dff9b1679c482807b75028f9ea798f51b3a75b2b3d8cf77db8ca4f9152158ee8321c1cfe29e722cb2eddfe4b9045b49dde3ba4c245f3582985e222ae
- SSDEEP
  
  96:UgEME7BVd1zWWmVeeu6EPvj+xt+kNZnjo/nKU5suve4NWPw/8:UxMgVOWmAao+xBNlo/JeqWPw/8
Score

1^/10
behavioral21 behavioral22
- Target
  
  OBS/Configuration/About/cs-CZ/windows.ui.xaml.dll.mui
- Size
  
  16KB
- MD5
  
  60d121f438f6e39a1b4a730305732aa6
- SHA1
  
  fce026e06ce0f9a1c370d9cfb6c97c65974b453a
- SHA256
  
  2a9f8ab072e55791920c37b9fcd8a9bcffe85a0f1920c5d956fda4403650efa8
- SHA512
  
  0cc3016c3261b242111f7bc5c2ab806c429938cd8acd4a22fdf9e2842dac6de3ba262f00a6b76b2328061f62afb36b93fc90f4531ab4c444a17dc6f4db5927f4
- SSDEEP
  
  192:rwFmH0txornhVvB+utxmORGcfI8lNVbizcXV+4ZBRywt2kgp5P6E+Xe69wXW13b:imux4nvB+utxmuhfIw0cF+4jlHuMUW1L
Score

1^/10
behavioral23 behavioral24
- Target
  
  OBS/Configuration/About/cs-CZ/xpsfilt.dll.mui
- Size
  
  2KB
- MD5
  
  1a8e367051f29e528d142ff4825411b3
- SHA1
  
  d617b3e1e70ea163faa4aa7fd4857cb826440407
- SHA256
  
  f41c05ef0f7b0b64782211bf97e296967d32524b8c7a9d57250c50b766e530db
- SHA512
  
  caaccae934a295434c664533b2999f8a7ff37592f7cd28574b031af44e1001baf168fb079c10edab924e405b0b12243351ca50445dc7c83ebc74cadd7eaa629d
Score

1^/10
behavioral25 behavioral26
- Target
  
  OBS/Configuration/About/cs-CZ/xpsrchvw.exe.mui
- Size
  
  85KB
- MD5
  
  c82b3269ff1c820ea42ecaca0d64d9d3
- SHA1
  
  62b133c00dbdbc5a44b2eade2581c12733a08c2c
- SHA256
  
  3e2ceba1c4375e1acb81452201e8157d85f5f54c95905041f66162eb2ea7a521
- SHA512
  
  121a746968ade5cd88588ed780329cd9726c174a1097452161efd13d420839866cb783b5b0257a195935bcd1bfcd5ca74367c20d86b47cb02e412bdec9ff7e15
- SSDEEP
  
  1536:05loJUQI+r5iAI8QdDpdHf0cdF57KIQ7B8j520ags5VyB9:05loJUQI+rov8QdDpdHnd7+y9
Score

1^/10
behavioral27 behavioral28
- Target
  
  OBS/Configuration/About/da-DK/WWAHost.exe.mui
- Size
  
  20KB
- MD5
  
  daf094a75e2a69f02bd7b1763654932c
- SHA1
  
  03e789ff7c1d16c060e1a578b7060790e984063e
- SHA256
  
  bafeceec460bf582db34e081b10eb9bb6d72bb4ab8f21b0b3308abd685da3660
- SHA512
  
  21ad4093b55d1ad76c68e86f8b90f38320eb2aa7076ef3a157997c0b505a2d0857f5fd737b513eb2a906ebab1a4ca89e87ebdba22ed826e4f1917aec4ffec940
- SSDEEP
  
  192:LZKApzPQ/n+GjY+1WGMMJ++GXYhn4+eeDGryI8SWt2gDcVW5+AWSUNwJWQ:9KOE/tsMVnfg8SWpDcVWYAWSUNwJWQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  OBS/Configuration/About/da-DK/cdosys.dll.mui
- Size
  
  47KB
- MD5
  
  d0720d39f722d65069e796556f4ef0cf
- SHA1
  
  95db150585855c48c6def31f4973a8df1f31bad4
- SHA256
  
  5b825dd0b710fa99703e741bff6528fba8a85a5df5a0399ec5d0bef3b4785b0f
- SHA512
  
  6c02f490c71338d369185fc828606f31fe5346b7fc80b8e58f59aedac2cb30cb80e1d151375e6c0c477ecdd9d8b8fe263363774ff18ba371f38481f0500cf53b
- SSDEEP
  
  768:0ss3J6iDjyUcEsx7fNXjTV8PszW7yYsznPy3IhWSzjfWFVUe8BVYhIAAInmVLHPH:FkJ6ivyUcEsx7fNXjTV8PszW7yYsznPN
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Unexpected DNS network traffic destination

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32