General

  • Target

    Blitzed_-_Free.rar

  • Size

    5.1MB

  • Sample

    230123-p9hs2adc54

  • MD5

    e51d1e0971c2caef3fe51038eec24823

  • SHA1

    35cdfa5f62e5209cd8ab9e348a451f818625fc58

  • SHA256

    4ba34a564c6feeb397ec4d850ff87303af4747cef19cc5ed955692fc0057c118

  • SHA512

    41b2c88a3c9a924a96b4c73a909a98f0f800e3763f4019165a6d61f54185bb617b3d715741a818dd9cc68537bf3f39d9a52b3e1e94627cab7831a5bc8f07f99d

  • SSDEEP

    98304:g3Ue+ivNLftJvszNuP50iinwxJxM3xGEj98EH549AqQ+UeOl9s0lbv:kUSFfQIDiwxJxExGEjvSAqR0J

Targets

    • Target

      Blitzed - Free/APIFOR.DLL

    • Size

      13KB

    • MD5

      91b4d211faddb0ebc64fb000d75d96c1

    • SHA1

      ba496c122f8e562ff0a4fb272a68f0b9e7bf0a3c

    • SHA256

      e47ab6fb21bd8943f63d79387533abac0c2bd98245546df44c4f333d8013c4de

    • SHA512

      3f16b0b4618d446d0e42ed2063c611b4ffa72a5b0ff438df5286a216167881737e65d494aa12186e511690eaca2f51c00889c9eae5ab6392c1edf885e5592919

    • SSDEEP

      192:NVjzYtxJYPX7OdfdnHpZt8kit/2Y3ciPYEC3qHa:NVgbkXK5NHpZikit/NYE4qHa

    • Score

      1/10

    • Target

      Blitzed - Free/BlitzedGrabberV14.exe

    • Size

      4.0MB

    • MD5

      820faf3b5907d9acbeae055ab5d63882

    • SHA1

      f3f20cc4fa8e82f968fbfa792dc6c7c02856b3fa

    • SHA256

      a003ede157f01780d40938ecd78ace7848676c3f56a956c331da85c93f737699

    • SHA512

      e6a0e144415636fb64edc3fbb0e62902dee68a5e55dafcf44c016c7628853758b7a84d6e89d17e89633c97ea818a22021640e513dc7f922abfb0da2142e1e727

    • SSDEEP

      98304:T6BybR0T+Srp3YVrsk9N8ivyhAdsPSQxhsnWJLXq0f4ogd:T6RfSVN8iNISOlJzqwU

    • Score

      7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Detected potential entity reuse from brand microsoft.

    • Target

      Blitzed - Free/Costura.dll

    • Size

      4KB

    • MD5

      501981c7fc457d59238eb99780efb615

    • SHA1

      f1f25c01f6acf33bdd62c4f82d3ef078e76f0906

    • SHA256

      41bb464ac7c0d192641077e44a59d7d89860c3c620a59961f2fc4a4be47deae3

    • SHA512

      5921d0662add6c8aa075106878cc56335ccbf059d8bc7f359fe9e02a52ec657c3e5df1c718929564c09f205e4bd299b086f3e7424141f5e55ed0d756f65ee1e8

    • SSDEEP

      48:6F+lni2qJfjVRPGwzCo4MhTN0KDdilETrVsH4/QWk1qyFVT2IbG:7g7KedGEiYIWM2

    • Score

      1/10

    • Target

      Blitzed - Free/Guna.UI2.dll

    • Size

      1.9MB

    • MD5

      0f07705bd42d86d77dab085c42775244

    • SHA1

      7e4b5c367183f4753a8d610e353c458c3def3888

    • SHA256

      cf9b66e11506fa431849350c0cb58430a71e5ec943d2db9ef1b2e2302f299443

    • SHA512

      851b1a4c470ee7fe07ce5619c16fd391428585926c5b559694a9e445633ea51ec86c74a3bbf3bce39d943c4bf714dad2fd3c4a4d0703be2333541c79a2ee97f0

    • SSDEEP

      24576:m8Yq6KN2liAVp0j4DuJPbTzcH7DlktjfEzgKxGgcKM8Q3xajfgY236RYgPNsP:drCqfE0KctKM8Qv6RYgPY

    • Score

      1/10

    • Target

      Blitzed - Free/Sodium.dll

    • Size

      59KB

    • MD5

      fa95d735f88e819edc0cef02d3ee4781

    • SHA1

      9e3c03ee4b0efeedf59edaca15ea304d2ec4cec7

    • SHA256

      bf5b02ac516e9b62086649f43a29287c7872bbdb87512e9d5ec1be681c77a94a

    • SHA512

      554cf8906c7e4bc15653685e70e96995bfdf0803fb30ca196d8bc34f9bfb888a7a1de64e8441415155889893ac7769bb643aa87913f5176c80588b1e3a38348b

    • SSDEEP

      1536:CjCH26g5fMVJXJO466QZmtQLrG3HbK7HIN8xmZ/zuXohMU6i3HFkdEpy:CmH26gr466HtQMbK7HIN8xmZ/zuXohML

    • Score

      1/10

    • Target

      Blitzed - Free/System.Diagnostics.DiagnosticSource.dll

    • Size

      34KB

    • MD5

      8d9df432109f1cfdd86723b5f171e3d7

    • SHA1

      85dc92edd4b0049ed9049e075c4def8a3d64e43b

    • SHA256

      d22133818a30313e0becf010d78a556a56b34ea361dbd33588c9817631fed540

    • SHA512

      5c83303934eecfa61c43a071d29c98e5804d37a5dc7f7b035772d6a168b0c5e65dfabef20b46214e65493c4bda44831cafee83615498fbe9e718c884f4650edf

    • SSDEEP

      384:iQobG82oiaPaf/gn5LQ0+0zdQUv2CtyW8fiFISWbW9pWJbWivT1Nq0GftpBjAvnC:nA299fI5dxzL2CC11vimvnEBBNFT

    • Score

      1/10

    • Target

      Blitzed - Free/Vestris.ResourceLib.dll

    • Size

      75KB

    • MD5

      6ceb6c2788498c18d43deff634a7cbe4

    • SHA1

      bf13d97c49552fa35b0fc5550f4dd3442cf9fe7a

    • SHA256

      6d4df46db20da580ca269ae94bbecb93ae1162da1c6b4cbc86850185f8ae156c

    • SHA512

      8573376f7a93e116773e0cfc186b6b79c834537e2d2c2c32512f1edf684dc1bb7a71b23be074eabceaabe54025c74e877fd46ffd6fa4806e82cf418b89a2673e

    • SSDEEP

      1536:4SHviIDAqoPf5lYvBE7+IXIKr/3RxOcVVG3vKZYgmC8ITPzw3fowk6drYMOHaJIp:4SHvPDAqoPf5lYvBE7+IXXr/hxOcVVGE

    • Score

      1/10

    • Target

      Blitzed - Free/dnlib.dll

    • Size

      1.1MB

    • MD5

      4d0b771879de85137ee7e5f0d4bb4b16

    • SHA1

      fc32cccd0cd5c3ebd968bcdf48e32a7ea25e9bd7

    • SHA256

      962332e8c8cb459fb2f7dacec5d7a618cc53b1b49bc1740156398c89742f43fd

    • SHA512

      bae39862ea07ebc5c9aa07a7333a880471baf4bf52eebedc03536e45584887eecc1075e0c0171229a54900ab93a66db9f666aa631c160912f538666da8c9e980

    • SSDEEP

      24576:0eTHIbE7MJp9VuObrLhR4r9gBLKzcWQSv7fwlwhe:U1JoQJR4rm6k

    • Score

      1/10

    • Target

      Blitzed - Free/libsodium-64.dll

    • Size

      397KB

    • MD5

      5416694767519df7a2c7dec09f7c17fc

    • SHA1

      88b7aac0b466571efa649c390c340860d2b15f93

    • SHA256

      0c44cdd6581b94910d7440193b8f5d9804e679afdb814801ab0d7b828c5d41d7

    • SHA512

      0e14f014645382d5d8d4c458b003146137f50de53668bbc1cdef621c5421d0c164cdc41a612b2bc337aceb2c55089de237099358b57c8ea50ea706961f93fd30

    • SSDEEP

      6144:SeN0vm45+XnEKVDYcoYx93ebHWITzPMZV50DErQxqVE:/N0vkEiYWmH9s2DOE

    • Score

      1/10

    • Target

      Blitzed - Free/libsodium.dll

    • Size

      477KB

    • MD5

      4f6426e3626d5d46fb19c13043cb84de

    • SHA1

      9dfa32f957c19c843a568b57d555d6d5cbc61579

    • SHA256

      7a960129f6d3f8d44b4c6be27f587c29aa8bafb9c4d3c85bb84a5f5d8fa6e2ba

    • SHA512

      7a83adf2b36973ceb52bfc95591bc91d4ac778a4e11d11723f6d8bf208811b8fa7d072851cfed73407c9413455de717e9a42f8e6bb1a133cb2b1981c66bb5832

    • SSDEEP

      12288:U5PlaOdmbSUHsuijq4BxhK4Y/OfY6QyMDEh:U597q4Q/OfYUMEh

    • Score

      1/10

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 1
