General

  • Target

    FrostyModManager.zip

  • Size

    76.2MB

  • Sample

    230129-r7719abe87

  • MD5

    b935729d976dd5d6fb59034c312dea45

  • SHA1

    a451a9eb47041dae7de5295f0a336512395a7fb7

  • SHA256

    278b4f23c726d1f613d3bfee8ada418a5e9fefec48e2a65bf5897a9d576c19f0

  • SHA512

    c49d3980dcd40205e44e91250b8180addd8b3e4be3fab3104feb14a5e7af3ea71f35c29388058bd2410e8e58ccd4cb02ab932ae623e98924d99cdad33f7b08c7

  • SSDEEP

    1572864:Wlph++TmZpG0ftxn8EKR74cChlKkGbJvipRyjj8nKzwPoJTr:Qh8W0L8jR74Bh4bJvuYEKzwC3

Score
10/10

Targets

    • Target

      FrostyControls.dll

    • Size

      93KB

    • MD5

      54d44bccf6751a510ee28af593d46f38

    • SHA1

      7b880233895c8f88333628a49f23091ca3f90ed7

    • SHA256

      4bbfb2c774e794f81cf36cc098d2f7557a83c53539ced95864e585703b875e52

    • SHA512

      1cfb55383bbcb70fc95a3cafe2141918635366c552ad7496a2969ccf5e08b3a8ac14aee15dcbd95068819135c0c7be95c170fc99f75fb2f36da1337546035b97

    • SSDEEP

      1536:foNHmpEFOu2AnR1JFBAw58dqoMUoMIxA6pcy/:fOo8fMWh6MX

    Score
    1/10

    • Target

      FrostyCore.dll

    • Size

      5.9MB

    • MD5

      3be6ffcf334c31d974441de5af89d976

    • SHA1

      879a384253cf06f17b0b678af6021febb61399b4

    • SHA256

      ad1b508791b8e2be087b00f8546198dc917ffbb696f678fd10661e788abdc886

    • SHA512

      7eb06e4fcf32c8d54f74838898260de0e1bee21fb5284edfd55b8a71f3b073fee32c4af76df418517ef4f08eccd61b2b335ad83137f5684d9059c695344eaabb

    • SSDEEP

      49152:zm+vb0L77N4j6rQ5Tw5IFSH3Yd5Tso2VBZzbrDHg4D9hkV/7NQzBbaQ3Jd5QqXF:zmYb

    Score
    1/10

    • Target

      FrostyHash.dll

    • Size

      112KB

    • MD5

      a346a19c61b56365cae1908ba999f829

    • SHA1

      a976cfc98ce01fcd8962fd7295f0b1024e857e42

    • SHA256

      57870a81fdd7454d906dbd781c74c697bb728430e262307494d5ae3ff8343a2b

    • SHA512

      f991a552a2c9f7104cfef817a1381e6649457a851edcea5227c98edf7d11a12799bd3873a5bc5e6b520fa8cf7df85360cdaf9a3045ad462bc935697efd8623b8

    • SSDEEP

      768:52sWkDDFa8XESTzu2C34+/cdxrXV8XE7qDXxctYltjBlyQFsYjgaYK:52stDDFJXESfcXqXtmDXxcKzUY

    Score
    1/10

    • Target

      FrostyModManager.exe

    • Size

      506KB

    • MD5

      ddfaa96f9107eebd8c7c4bb70e176260

    • SHA1

      5d52b3763a3db9647ff45d6b78f8caea250f0f44

    • SHA256

      3e1babb9f7bdf4f2603925d1d72045289d18787dd4fd54bd8ca14eea7dbeacb3

    • SHA512

      befacf1c20677e5471c3c938f43c76bfcadff016baa24f5b1391dab6b845692603712cc38884a10e0c73fb18e53eba4a9e3648c19c57081dce7643619bcbd58d

    • SSDEEP

      3072:cK/Enmv14hwXJ4+apOV1HanACMdS2YUFsviH8zQa/fgrf637/fYiCus2r:1/VvSOZ6nwXYUsaH8z3/Irf637/Qb2

    Score
    1/10

    • Target

      FrostyModSupport.dll

    • Size

      105KB

    • MD5

      eb6324c60e16d1ea0ef0a99678cb7066

    • SHA1

      f6004c0e9b1a2455d453eb145493259f4fbada7f

    • SHA256

      89df600676b20710fd42dffa950d91a81fa9312bfadd0b489c36cb3ce8b60a8a

    • SHA512

      e0b89b0246ff92ec257dd1681f2244baa510e847683cc37d41c2b67034c17081080057618ba58287d7e0a576accf5e08d6f2626c4b020330b6ab86bcb89921ae

    • SSDEEP

      1536:8AxMFgFinESlZRkaXvowyKp8Nf+5mCBY+v0KZIpY3usnl9Q:8AkkaXv1yK2NkYY0KZP3usLQ

    Score
    1/10

    • Target

      FrostySdk.dll

    • Size

      2.6MB

    • MD5

      91fc717ea72f06a3578d36016f195aa4

    • SHA1

      d42036397e48dbfb88ca033d0f5d7bb81fb3d8a2

    • SHA256

      d34261b69fee5775f199d5040a63fe5c5cab399df89f13ca35dd38d625ae0843

    • SHA512

      a779f573d4b794c6fc66a0610a1148a1f0e4ca9f2d2657fe19f94145351ba6bd9310e941cf2ea35d154183a6fa8384a9f34878a38e33b3d922e72e9559d883e7

    • SSDEEP

      49152:U3oJosmwkxQ1fqDs/n31tP1xh4jw8fOAXUR0EoEB8/mZKlytcUiKbOoBZyXmv:UQZJ1fqDmXhV4IeEBCtlyvpbhZP

    Score
    1/10

    • Target

      Plugins/FsLocalizationPlugin.dll

    • Size

      35KB

    • MD5

      776b04f82fb3473e866c1b5681fe3072

    • SHA1

      c179b733a1300d9a4f7d1971648ecc7067664c6c

    • SHA256

      46de449f02db6d54a563b7964c7f3bf4a13ea7df805bc9d14eac1eb72df85eac

    • SHA512

      1203799957e1c13abc2774c6ec04107edb96d72573407d97e9ff4bdbe6f9eae95ddcb0c5e0117cf546c67ee0488c945e5985940b904e189953745201ba5a6907

    • SSDEEP

      768:OVROUsQZb8lAgkKg6p/yzS7/qja3cz1FvcWMm+:O3zwyKd3izu

    Score
    1/10

    • Target

      Plugins/LaunchPlatformPlugin.dll

    • Size

      13KB

    • MD5

      f9cb0e33a42f0cca043550ff7975b9e2

    • SHA1

      ce158ddd9419cbfa6482dbf97bc35d0fd20c956e

    • SHA256

      c62474a2b722a7b31b9a62743db33d3aed9746e8dce30dc9e3aa83fcad44c9a4

    • SHA512

      99e7820a7bc5c0c3697cf7401461bfe107f65335da0d7e1f32ed7cf1debabf9f79632d7067e2ff275f1a4f7b6b4e1fa7c18948fab77482b67644cad2e7c6f2a1

    • SSDEEP

      192:KyBVhQFFYM/arAHIB16Cr9VyBXpCSeYE75jJMN+4Kf6IHggU:KeVrSCr94BleYIc8xf6IHg/

    Score
    1/10

    • Target

      Plugins/MeshSetPlugin.dll

    • Size

      245KB

    • MD5

      a7921c2d8f74e8c09aa4607b20044f27

    • SHA1

      449abdcc05849133a6f6eb5f9549bd2d8fabab68

    • SHA256

      47c7fb446df4c6abdbfb5a1ac871b4aad70977d5bb2b186eeda18f4934723c65

    • SHA512

      27e1a1b2db297b8e7e7baddc5acff06fb5515c84ee206cda0b99a1abd4ebbcfc7ac9c67ad28dea51456f7b6adbb8bd794e3d6d785aa8fbfcd29de608d6668869

    • SSDEEP

      6144:QhpoZ7XaoaJPtFfyIN63bCGTdsbvg9ceriLPEbOqrvob:YMu2C8dsbvg9KPEn

    Score
    1/10

    • Target

      Plugins/Swbf2MergerPlugin.dll

    • Size

      82KB

    • MD5

      0a21868b1f61d4832f007b1a7cfbc20e

    • SHA1

      7ad569aaee11b6aa1d06cfa83c753204967d050b

    • SHA256

      a935dc3b99576c0a70c69eefd8888065440982513dd09e439ca53fc14bd0b078

    • SHA512

      bcc7d11ed9f4d704f08574eff797722b2a76846db7c643a65131975c845ae0292e4c1d6ee8ac271ecbd43ead0d25294d57d4effae1a0cc012f97340dd22a9d7a

    • SSDEEP

      1536:64sqPeIV4fIdjMUDQJ/JMimXPYycfUo1sr/KRcf:64sqm7fIdjMRrDf71sw8

    Score
    1/10

    • Target

      Prereqs/NET Framework 4.7.2.exe

    • Size

      1.4MB

    • MD5

      c84209349f18afe5a41ce04e9ae8f487

    • SHA1

      cedbbf404b166a5e72d035760bcb0fa508e4f4cb

    • SHA256

      4e49c56e4cf9df2e837a8a3010f5a8b4deb096429d56e7fd9ff70ab394663678

    • SHA512

      37006954e3afe07fb02d24894cc34794618b78c27a1b514818985b6cc1fa3e896ed99ba2e4aac3f6469d263819bd94ee70e7113946c51ba83c93b74826fc8fa8

    • SSDEEP

      24576:NGHL3siy9hlzSmtLvUDSRbm4Jah1rVxXmBz5px02ZJX7KnIOXL6LKoAoY4U0GXFy:yL3s7PmeTUDBzrVxofxTZJXOIO76LK/y

    Score
    8/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      Prereqs/Visual C++ Redistributable for Visual Studio 2015.exe

    • Size

      13.9MB

    • MD5

      27b141aacc2777a82bb3fa9f6e5e5c1c

    • SHA1

      3155cb0f146b927fcc30647c1a904cd162548c8c

    • SHA256

      5eea714e1f22f1875c1cb7b1738b0c0b1f02aec5ecb95f0fdb1c5171c6cd93a3

    • SHA512

      7789eabb6dd4a159bb899d2e6d6df70addb3df239bda6f9ead8c1d2a2ac2062fce3a495814b48a3c2bec12f13800ad0703e2c61c35158b0912011b914f098011

    • SSDEEP

      393216:xTPq5dCsKSR65cX7Eyd/qnejOX3L8T8KYfU3j:VP5iw56oyleejcL8T8fc3

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Prereqs/Visual C++ Redistributable for Visual Studio 2017.exe

    • Size

      14.6MB

    • MD5

      0af5748a2e790472af28e64105760eb7

    • SHA1

      7ecf5797bc24eded2454aae6f3ca95c4f6eab807

    • SHA256

      b192e143d55257a0a2f76be42e44ff8ee14014f3b1b196c6e59829b6b3ec453c

    • SHA512

      9c3f6195477f836cdc948cfdb52f8e14b9b7ff9b59d036f6fe281d01d1cfcff53a7bed1c861f8e142a0060c5b8ee14d6df647f3de2181ac309da2863a21b92ce

    • SSDEEP

      393216:lLlptVYmfr7yBG/4VgXR7hg7omRRjMW8Y6PJUA+bTqfQ89:lxpttD7yBG/zRKoOjvSUA+vqY89

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Profiles/AnthemSDK.dll

    • Size

      11.6MB

    • MD5

      9c009ff799df68e027ad91e02ed0b3da

    • SHA1

      c6e1ba7f1c60b5e79671245b50275d941179f21f

    • SHA256

      69655c34d8112b6e5951bf7f108a42b84ec4dd39d3889435fe3ade7a38ebdf9c

    • SHA512

      4be1af14d9e24b5c086662a0a85813020e607f5ea476aec6572dbc4df6277d438e2f3bd73123cc2c2f88896b355972586b9420b31ef878293ce6350a6d7e3047

    • SSDEEP

      98304:MW6Awh/bYCKxVKC/NBcw0rSC/Ns2B7PxQpAbtBcrlC:K+KC/NBcw0/s48rl

    Score
    1/10

    • Target

      Profiles/BF1SDK.dll

    • Size

      5.0MB

    • MD5

      865199fd0f2341285d23e09d8add5c8d

    • SHA1

      538328ab90487922d06be80ae12aa8f9844207b0

    • SHA256

      e14254dd1a8e39aba9c4ae1022fd5a5ec817370daf57249daac5bb818f025f1a

    • SHA512

      5bf67c34e7ef9d4930a65c68835d39ea4713be78a4fe7315069adc1cd9e13fd7fa08269314e2e43535099ec653d2a92d0acbbbe180b2cf6e30fcaac5f2d22273

    • SSDEEP

      49152:dGk/IOeK5gBr5evQ8hbVJSr4SQzKlfFTB+Im0SLAYrTf1Bzail6kA5Pjh:QcPRvThbVJS0SQzE9TB+a

    Score
    1/10

    • Target

      Profiles/BF4SDK.dll

    • Size

      3.4MB

    • MD5

      250fa39af332975d5059fdcc84bce13e

    • SHA1

      fbc42e8845130a3d7dd4fd93d27cf99a9158fe91

    • SHA256

      14614487e8724c3d6cfc1aa97fc904a374eb23c5a8d282b532d1da0ad6916341

    • SHA512

      b720d4561b7cc091312230b115395fe8ab0487fce1d8b70d443ef1d1116ba2bd593299c941306a9ec863855a83edd7c354a51e566e09f90f5a0d0c7cf4a9aa5e

    • SSDEEP

      49152:Y6fkXBAWtNdTOX7wuoCvoplGHxsArlj+2RRv1An4CaW+j:8tKpv

    Score
    1/10
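Checking a local copy against the digests listed above, as an added example that is not part of the report or of the Frosty project. It embeds the archive SHA256 and four of the member SHA256 values from the tables above, hashes each archive member as a stream without extracting it to disk, and classes every member as ok, mismatch or unlisted, with listed names absent from the archive reported as missing. The archive it runs on by default is constructed in memory (stand-in bytes, not the real binaries), so the demo needs no download; verify_report_sample() applies the same check to a real file. MD5 and SHA1 are kept only for lookups in other sources, since both are collision-prone; the comparison itself is made on SHA256. A mismatch means "not the build the sandbox analysed", not "malicious".

```python
# Added example (not from the report or the Frosty project): verify an
# archive and its members against the SHA256 values a sandbox report lists.
# Expected values below are copied from the report; the archive built by
# build_demo_archive() is constructed in memory so the code runs offline.
import hashlib
import io
import zipfile

REPORT_ARCHIVE_SHA256 = "278b4f23c726d1f613d3bfee8ada418a5e9fefec48e2a65bf5897a9d576c19f0"
REPORT_MEMBER_SHA256 = {
    "FrostyModManager.exe": "3e1babb9f7bdf4f2603925d1d72045289d18787dd4fd54bd8ca14eea7dbeacb3",
    "FrostyCore.dll": "ad1b508791b8e2be087b00f8546198dc917ffbb696f678fd10661e788abdc886",
    "Prereqs/NET Framework 4.7.2.exe": "4e49c56e4cf9df2e837a8a3010f5a8b4deb096429d56e7fd9ff70ab394663678",
    "Prereqs/Visual C++ Redistributable for Visual Studio 2015.exe":
        "5eea714e1f22f1875c1cb7b1738b0c0b1f02aec5ecb95f0fdb1c5171c6cd93a3",
}


def digests(data: bytes) -> dict:
    """The four digests the report prints. MD5/SHA1 only identify a blob for
    lookups elsewhere; rely on SHA256/SHA512 for integrity."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def sha256_of_stream(fh, chunk: int = 1 << 20) -> str:
    """Hash a file object in chunks so a multi-megabyte member is never
    held in memory in full."""
    h = hashlib.sha256()
    for block in iter(lambda: fh.read(chunk), b""):
        h.update(block)
    return h.hexdigest()


def verify_archive(blob: bytes, archive_sha256: str, member_sha256: dict) -> dict:
    """Compare the archive and every file member to the expected SHA256
    values. Members are classed 'ok', 'mismatch' or 'unlisted'; expected
    names absent from the archive are returned under 'missing'."""
    result = {
        "archive_ok": hashlib.sha256(blob).hexdigest() == archive_sha256.lower(),
        "members": {},
        "missing": [],
    }
    seen = set()
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            seen.add(info.filename)
            with zf.open(info) as fh:  # streamed read, nothing written to disk
                actual = sha256_of_stream(fh)
            want = member_sha256.get(info.filename)
            if want is None:
                verdict = "unlisted"
            elif want.lower() == actual:
                verdict = "ok"
            else:
                verdict = "mismatch"
            result["members"][info.filename] = verdict
    result["missing"] = sorted(n for n in member_sha256 if n not in seen)
    return result


# Constructed stand-in contents (not the real binaries) for the offline demo.
DEMO_MEMBERS = {
    "FrostyModManager.exe": b"MZ demo stand-in for the manager executable",
    "FrostyCore.dll": b"MZ demo stand-in for FrostyCore",
    "Plugins/MeshSetPlugin.dll": b"MZ demo stand-in for a plugin",
}


def build_demo_archive(members: dict = DEMO_MEMBERS) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def verify_report_sample(path: str) -> dict:
    """Run the check against a real download of FrostyModManager.zip."""
    with open(path, "rb") as fh:
        return verify_archive(fh.read(), REPORT_ARCHIVE_SHA256, REPORT_MEMBER_SHA256)


if __name__ == "__main__":
    blob = build_demo_archive()
    expected = {name: digests(data)["sha256"] for name, data in DEMO_MEMBERS.items()}
    print(verify_archive(blob, digests(blob)["sha256"], expected))
    # Against the report's values the stand-ins mismatch and the Prereqs are missing.
    print(verify_archive(blob, REPORT_ARCHIVE_SHA256, REPORT_MEMBER_SHA256))
```

The per-member check matters more than the archive hash when a release is re-packed: the zip digest changes with any metadata change, while member digests identify exactly which binaries match the analysed build and which (for example the redistributables under Prereqs) should be re-verified against values obtained from their vendor.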

MITRE ATT&CK Matrix (ATT&CK v6)

    Discovery
    • Query Registry (T1012): 3
    • System Information Discovery (T1082): 1
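The three behavioural signatures the Prereqs installers triggered (Executes dropped EXE, Loads dropped DLL, and the Uninstall-key enumeration the matrix files under Query Registry, T1012) reduce to simple rules over a process trace. The following is an added example and not the sandbox's own rule code: it assumes a hypothetical trace format of one event per line with key=value fields (values containing spaces double-quoted), runs over a constructed trace, and reports which process ids fired which signature.

```python
# Added example (not the sandbox's own rule code): a toy re-implementation of
# three behavioural signatures from the report, "Executes dropped EXE",
# "Loads dropped DLL" and "Checks installed software on the system" (the
# last mapped to Query Registry, T1012, as in the report's matrix).
# The trace format is an assumption: one event per line, key=value fields,
# values with spaces double-quoted. The trace itself is constructed.
import re
from collections import defaultdict

SAMPLE_TRACE = r"""
pid=100 ev=file_write path=C:\Users\admin\AppData\Local\Temp\setup.exe
pid=100 ev=file_write path=C:\Users\admin\AppData\Local\Temp\helper.dll
pid=100 ev=proc_create image=C:\Users\admin\AppData\Local\Temp\setup.exe child=200
pid=200 ev=image_load path=C:\Users\admin\AppData\Local\Temp\helper.dll
pid=200 ev=reg_open key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
pid=200 ev=reg_enum key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall sub="Microsoft Visual C++ 2015 x64"
pid=200 ev=reg_enum key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall sub={AAAAAAAA-0000-0000-0000-000000000000}
pid=300 ev=image_load path=C:\Windows\System32\kernel32.dll
pid=300 ev=reg_enum key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run sub=OneDrive
"""

# key=value with optional double quotes around the value
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# Matches the native and WOW6432Node Uninstall keys under HKLM and HKCU alike.
UNINSTALL_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall$", re.IGNORECASE)

# Technique ids as the report's matrix gives them; the two drop signatures
# carry no technique there, so they map to None.
ATTACK = {"Checks installed software on the system": "T1012"}


def parse_event(line: str) -> dict:
    """Turn one trace line into a field dict."""
    return {key: quoted or bare for key, quoted, bare in KV.findall(line)}


def run_signatures(trace: str) -> dict:
    """Replay the trace and return {signature: {'pids': [...], 'attack': id}}."""
    dropped = set()          # every path written during the run, lower-cased
    hits = defaultdict(set)
    for line in trace.splitlines():
        if not line.strip():
            continue
        ev = parse_event(line)
        pid = int(ev["pid"])
        kind = ev["ev"]
        if kind == "file_write":
            dropped.add(ev["path"].lower())
        elif kind == "proc_create" and ev["image"].lower() in dropped:
            hits["Executes dropped EXE"].add(pid)          # parent ran a file it (or a sibling) wrote
        elif kind == "image_load" and ev["path"].lower() in dropped:
            hits["Loads dropped DLL"].add(pid)             # a dropped DLL was mapped
        elif kind == "reg_enum" and UNINSTALL_KEY.search(ev["key"]):
            hits["Checks installed software on the system"].add(pid)
    return {name: {"pids": sorted(pids), "attack": ATTACK.get(name)} for name, pids in hits.items()}


if __name__ == "__main__":
    for name, info in run_signatures(SAMPLE_TRACE).items():
        print(f"{name}: pids={info['pids']} attack={info['attack']}")
```

All three rules fire on any ordinary installer, which is why the files named as Microsoft redistributables under Prereqs scored 7/10 and 8/10 here; a triage pipeline should weight such hits by context, for instance whether the dropped binaries carry a valid signature from the expected vendor and whether the enumeration stops at the product's own Uninstall entry, rather than by raw signature count.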

Tasks

    • static1: 10/10 (coreentity)
    • behavioral1: 1/10
    • behavioral2: 1/10
    • behavioral3: 1/10
    • behavioral4: 1/10
    • behavioral5: 1/10
    • behavioral6: 1/10
    • behavioral7: 1/10
    • behavioral8: 1/10
    • behavioral9: 1/10
    • behavioral10: 1/10
    • behavioral11: 1/10
    • behavioral12: 1/10
    • behavioral13: 1/10
    • behavioral14: 1/10
    • behavioral15: 1/10
    • behavioral16: 1/10
    • behavioral17: 1/10
    • behavioral18: 1/10
    • behavioral19: 1/10
    • behavioral20: 1/10
    • behavioral21: 8/10
    • behavioral22: 8/10
    • behavioral23: 7/10 (discovery)
    • behavioral24: 7/10 (discovery)
    • behavioral25: 7/10 (discovery)
    • behavioral26: 7/10 (discovery)
    • behavioral27: 1/10
    • behavioral28: 1/10
    • behavioral29: 1/10
    • behavioral30: 1/10
    • behavioral31: 1/10
    • behavioral32: 1/10