cdc0c1516e434c1d0c560dc147e0e7ce162d6be256a2a2b75dacc12ca8e65e9a

Sharing

Copy URL Twitter E-mail

General

Target

lNSТALL---SOFТWАRE---FREE(bys3lfw4r3.net).zip
Size

9.6MB
Sample

230212-yq1zyaff2v
MD5

0ad3cd2bfcea493620676f7a517f80c1
SHA1

017b235169911bdfa360c3139fc7f1bf75989250
SHA256

cdc0c1516e434c1d0c560dc147e0e7ce162d6be256a2a2b75dacc12ca8e65e9a
SHA512

f90d2f99971ee96f8b1d194d2d225ea9ffbc76562c5ebfea754c792f1c0bc726e2660fff89979c89867495ced0d608af3af2e78dd8305c9aee8f04eed43fc7d5
SSDEEP

196608:6Xp30sEfyYsEs0Xg38f/wx2ieaRjNKc6pwkewxPYFa1Bg:030dydEsx38HwxRRjQwkeIPYong

Score

7^/10

Malware Config

Targets

- Target
  
  SaveDatabase/en/mig/MSVidCtl.dll
- Size
  
  3.3MB
- MD5
  
  6a93c400f7d5bcf8799c0506531f7d12
- SHA1
  
  f8ecd93adfc87ae76970656bd15af3a960a83428
- SHA256
  
  6679297f7e7f17ef37f48fa25f070d78e76324d167aa8b961d85327321e58754
- SHA512
  
  209476a382bce5b53762b52c5b9f3f1bcb0d1f3b3763d1c8aa3ed6c1af838d4b442ffd7a40eb851a6c36a462031ee5fda5617dae5348426f7de3ef73b2aaec6d
- SSDEEP
  
  49152:GRVfgoQrkv0BzBQLW6Ki8gT3lZhrnxySgnpO91MmIusURfvxmtdl:GRVfgoQrkv0BVi8gT3r9xyS1jzfvx
Score

1^/10
behavioral1 behavioral2
- Target
  
  SaveDatabase/en/mig/MapRouter.dll
- Size
  
  3.0MB
- MD5
  
  ed462036b7ec9d6d9d668f0f51443319
- SHA1
  
  1a0bc32ca9dd5b1451355e7733aecb330ece7a58
- SHA256
  
  81f1badd9345f296ae34809bc745ca4dfcde1def0dfd317076d5340981b5fb94
- SHA512
  
  b5f9efcab8686c439880af06d5b0d59da77b7f1fba72bdd97b5645b6bd0761ec069bbaf0d581837c939b7ce5765728210130d6c91c511be61b94267352f5c589
- SSDEEP
  
  49152:ZsffgkQDokXgBtPrrI8+yna8hSWvy9N4m7Zgygb22Bdxs63mkdV2z4ju7GKARnPM:VtwWzJ2BHtvn6Z
Score

3^/10
behavioral3 behavioral4
- Target
  
  SaveDatabase/en/mig/migstore.dll
- Size
  
  1.2MB
- MD5
  
  6edfa6fee4f91d989f0c95add39013f4
- SHA1
  
  c7e06bc42d0b9bb318aa604c7f8d009be3c4718a
- SHA256
  
  acb06cf520fa85c3929645c88d99ceb454bad6a9cb9642097b4b9b8a3504d4bf
- SHA512
  
  d6ff5655e9d434ea881072452a22d9441a3214d6ad08c16d5abc124ff569b0fb6b7deae0ffa8834486decec2247c92950d4d6baacf72ca87d45dda25ea6eb120
- SSDEEP
  
  12288:AEQz64gymq0bj97S1JzTtYZF1oj9JOx3CxGlEEbxdpU+:AEQO4gymq0bj97S1VGF1oBJORCxONo+
Score

1^/10
behavioral5 behavioral6
- Target
  
  SaveDatabase/en/mig/winsetup.dll
- Size
  
  3.5MB
- MD5
  
  b6a2e94c56a141b004e400358e72ce79
- SHA1
  
  fe3a749812c0014d7810b4bc5e2f849384cd9e31
- SHA256
  
  2b40132fa4e1c3de5e70d57935e2c99de437f69ae934a70243dae9a0ce3ca6c2
- SHA512
  
  a31dce366e5d1a53821ea4db01d3f7b1924be9bf5c8e0ab74aadf48c1b6f85d4c7656eecfc0bc9cce915b765589b4bb9c324dce21ae5eae1f4f8774bb6b282a3
- SSDEEP
  
  49152:NHSWbyqeCs3pbW5O/hPMiyYbR6BjG0eFHt6Hfp9pt8/s2tyml418:I/6dYbR6e69ncymz
Score

1^/10
behavioral7 behavioral8
- Target
  
  SaveDatabase/en/oope/MBR2GPT.EXE
- Size
  
  1.1MB
- MD5
  
  4bfd587c99fe34eea0e74622c798b3be
- SHA1
  
  39309fc62dadffb36a6ee75de6194121be206728
- SHA256
  
  5a54bb94f6756deafc0bf25c9eca4e9dea00ddc3af293479bc7c3380f1be30ea
- SHA512
  
  f5ea0477c1c1683fc8c9f5fa7d5071ffc276f4cbf5f9b78dd9529cc20ca0905a60a123cd82bf5ac26f1b83ba0c732c5d9ca8b336275d799a8518179cb0c5adc3
- SSDEEP
  
  24576:h6kHNg53pIE1OJmPJQ3IKxw9EdE+1Hii1:h6UGpAmcIJIZio
Score

1^/10
behavioral10 behavioral9
- Target
  
  SaveDatabase/en/oope/W32UIImg.dll
- Size
  
  2.8MB
- MD5
  
  f3997597c98028d1f72e431fe86bf86b
- SHA1
  
  061207c2ea0b449a4fb73e15e43d49c37c22d802
- SHA256
  
  3ab6dba6eaa7f19e4e0ea4b07aed1e3ae9662a091648bfbf66f7fba0f436c321
- SHA512
  
  2392a281c5ad546cf0acf4e94c5d8e535de4f34063fb9e47867297ec5f3297e5c551e1d764b3dd1357756cc6c5263acd26fa86968b903f67ad2dfb03b93ffb89
- SSDEEP
  
  12288:quSqSvMTuSqSvM6agvGokAAQ4UPTyiJVI:quSqtTuSqtT0RK
Score

1^/10
behavioral11 behavioral12
- Target
  
  SaveDatabase/en/oope/W32UIRes.dll
- Size
  
  208KB
- MD5
  
  2819767cd9b7f93238144c4b3abb97d4
- SHA1
  
  2a303acc5ff85a58d2aa1d1b7fdc2077e430b331
- SHA256
  
  36fa6e3c584a9d03d6063c10c218c2090498a6885de8e3d023867cb849129550
- SHA512
  
  6df3e8b07ae730f24217aeaba03ce97858aab4142bbda6025353d9ffaea2615ab4531143c61c6b2cd68ae19f71156efd0d5fe24e036b498cacffa52609c91f1d
- SSDEEP
  
  1536:FkzzzOMdAV8yEyePaauLXLbfm2Xp0jcM2qKMtzgeO971OuvQwyV/PcBpz+:6zzzOMSLnKuwUePuvQwaUra
Score

1^/10
behavioral13 behavioral14
- Target
  
  SaveDatabase/en/oope/mispace.dll
- Size
  
  3.0MB
- MD5
  
  266194e2736b2a7c190bc5da47ec9a7a
- SHA1
  
  d48f34acff6173fd061ca8e79b1f008e900bda94
- SHA256
  
  efd677146e0cf80583dcd466e2ecf1c8c3ed58d0a502a4f306a6d414ac80e2e4
- SHA512
  
  7a90f1eab18a87d5211d96caaafa9fa7930d70e23cee3dde1b569166dce86b1aa62ad755fd79205ac4270c8af2e1b834a639ef95187fe860574873959d97a7f5
- SSDEEP
  
  24576:AC/2Yq4Ggm7t08aRsxBX5OJwma0UjrYAaCDmNz8W0uUEfTBH4LodcadX7e:ACukGjYaTrc8mexUfTBH4L8Xy
Score

1^/10
behavioral15 behavioral16
- Target
  
  SaveDatabase/en/oope/msftedit.dll
- Size
  
  3.2MB
- MD5
  
  ad8d5b57063dda8523c2f653fc8e93e9
- SHA1
  
  0d59f82d22d0f483f4553681a89e0f5bb533f944
- SHA256
  
  b458aecce93656141538b2aab988e382ce8d6b376a42b05313b701874a4c2e55
- SHA512
  
  417dabf27b5761692011ada6a5c87e13953d58e2045c985a9a45825be2cae5fff9246e2b0708875a4777cecf75c2628e9dd56616466e15b1fd0153dc39af78b6
- SSDEEP
  
  49152:Sl6/Qm3K8bGgu0K3IBnlOq3lrUCBmLUI4oPSfvKqXPeh3ZNwEsoYb9wX5zonj16T:TzS+lBU4oP0Ze4+
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral17 behavioral18
- Target
  
  SaveDatabase/en/oope/msoobeplugins.dll
- Size
  
  1.1MB
- MD5
  
  b165f259cf4d1d25bbdffa1cc676dfb6
- SHA1
  
  4277abb99956e8ea1517f68cbed19292240a93b2
- SHA256
  
  d19748fa57ab5f4692fb6e19a189caf72be3754227acfde7d6cc9e3712480465
- SHA512
  
  fad6a857f2a96f387f412713268eff2cd2338c5bfbd98a75a237d7e93def9d3225f7bed2abcb2b84bd9aef626a9d4d6bb1eb22eb2d1fcd5ce9bef9fffe452ac4
- SSDEEP
  
  12288:REadEKSpoTMRwvzgi5e7oxEu1HoYV8UqK8Q7YatVswMkw97:RTLwRNi5eo6co89qBQ7Yh4w
Score

1^/10
behavioral19 behavioral20
- Target
  
  SaveDatabase/en/oope/unbcl.dll
- Size
  
  1.0MB
- MD5
  
  75beda2b1a92744dbb05878e4491dde4
- SHA1
  
  50e01b391b711c92046183a28df3eb0e92c29128
- SHA256
  
  b6e98f66ae143bc38e5381fa8c0d99e58434169f25202e520664419c2b35412b
- SHA512
  
  81359115deac81e540a1c6f95b6ee8bc57adbc7e514c5c997dcd05e20333ef3b6f52214de74bdc7b55471cfd7be5fb53dc1712cef416b7e9037d030c6c7a2b5b
- SSDEEP
  
  12288:UpiYCl2vyrqmx32Mfban+AYMTkgWOS42xGeyz:yiYC0vymu3rbGiMT5WOS42xG7
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral21 behavioral22
- Target
  
  SaveDatabase/en/psi/audit.exe.mui
- Size
  
  4KB
- MD5
  
  7b24d9094c5e280339308c3c07f590c4
- SHA1
  
  a8fce59c852653f646eefaddaf4326a60d0aec2c
- SHA256
  
  fefb48f24b49a3d53c05cd995857d9305d70e91f3c14661fe24ebe3b5f1b8d3f
- SHA512
  
  c970686c4d0d522ad0a8515dd6ebe7386273d8dd83f42dfb6247158081b9871ecb2ffbda5c31f769e89a8495d73179cae77249b7b07d1aae1de931c49e7ab6ba
Score

1^/10
behavioral23 behavioral24
- Target
  
  SaveDatabase/en/psi/libnettle-8.dll
- Size
  
  304KB
- MD5
  
  b4bc81fb9c2f7c719f0a2fc60634fc73
- SHA1
  
  9f3d7251ecbb3302669afab29c099aefecc2d61e
- SHA256
  
  2f03e48593df73ee7f1efd3223ba4bf773d95c09d214c524f036c7e0508fbbe2
- SHA512
  
  e4a69623d3e88c4301834fdc81dd2a491b86829a211f1f00203c1c8d653c9be64aa378757d95846dd20ff29eca44a943a53fb7ec976f9879be243de9b1450d64
- SSDEEP
  
  6144:MmVFPSeCiKBNFkDk5X5lTqqDMwlFlwKuMNl6:MYPSeCiyMk5/OqFl8M6
Score

3^/10
behavioral25 behavioral26
- Target
  
  SaveDatabase/en/psi/libpng16-16.dll
- Size
  
  235KB
- MD5
  
  7e82a150c75c5b30dc82d35af29b8387
- SHA1
  
  a1ae139ded212b014f92173a6b3cdf91d931eeb6
- SHA256
  
  d7d9d3f584067414f4196b5ff1ee9aff2eafbf3a686340ae18e5dc9ea7c1aaef
- SHA512
  
  7171a1086bc8c746fc2102902fdff7247288cb2d08861abb85ef5bbca47169cd923acf7707f09aa091d283868388641cecc67547ecc776e6f4d897e1ac44ac4c
- SSDEEP
  
  6144:8nClFOtV9yvLwdZRLFfn4lShPNEoDHHpwpFLhKNe:8BVQgRLFfPh1E+HpeKw
Score

1^/10
behavioral27 behavioral28
- Target
  
  SaveDatabase/en/psi/libsqlite3-0.dll
- Size
  
  1.2MB
- MD5
  
  20d3d212255fa1837b258575751ab31f
- SHA1
  
  52533459e489913e5cf72f027f806bc2cf839b7a
- SHA256
  
  c047aa4f99e3b5c4623989bfda93a54ba428ce3c284e24d94d520804eeca7ab8
- SHA512
  
  6cb47b6e7bf50ca16d90df9fe225c98af2c39b982ea418056df6acc2c9c065e675bb325945b9ed974e68692984fc4d0bad345d3a85c307efaa3adb11d336c51f
- SSDEEP
  
  24576:BoES7S8asBci5cRMyBAUIqw5NOcH9iIDMNUEer0OVTm10LufA:B3SWpsWjRMMKIIDB/LX
Score

3^/10
behavioral29 behavioral30
- Target
  
  SaveDatabase/en/psi/msoobeFirstLogonAnim.dll.mui
- Size
  
  6KB
- MD5
  
  3e2ce10c3308b20a903ef0d3fcda687e
- SHA1
  
  b09ae2111812a91b16e3ef011bf9f0f8eec54e41
- SHA256
  
  75b3420a30fa63390c60a85e12662737fec031e5040a40a08aa664139665b0e7
- SHA512
  
  7cd6bea908eead78ca15ddf74617ec23fef310bf81d949775378b5c2ab8a6fa7176f15848d6b8e7b95ee1b517d739b16f4edfd68d72b1a97064f4985584af5d2
- SSDEEP
  
  96:pSZBmTKN9NKbeLETYQZqCYnO45c0ZtUnq5NMlDlAY/Y4TEW7DWwS:EZg/aGaZUnj4W7DWl
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Unexpected DNS network traffic destination

Unexpected DNS network traffic destination

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32