81610cb0050c847dfd3711ee87b929fbd3aaba18cdea3e2d07775ccb9abb04a4

Sharing

Copy URL

Twitter E-mail

General

Target

Clangen_Win64.zip
Size

59.5MB
Sample

230312-h3lg1sdb42
MD5

6c04cca87b0d0f9576576bccfab28c6e
SHA1

9e22cedba4ad438cf60b7d9d9aa9e4a8dc6c7238
SHA256

81610cb0050c847dfd3711ee87b929fbd3aaba18cdea3e2d07775ccb9abb04a4
SHA512

64cdfd02a2bb9702a62029a2ae8577624aa274ab3d1cfa5576a44ba36c97159d210160c4fba5d5436fe796df8d1ca411495d41f96c6bbd75738e6c455fa33f44
SSDEEP

1572864:UN++Oi1UlKZz6dsz9BmCeh0VALUdPbXkkQhaY5aa5DVpnD:wdmKZzTB/eieCUk8faaN

Score

3^/10

pyinstaller

Malware Config

Targets

- Target
  
  Clangen/Clangen.exe
- Size
  
  2.0MB
- MD5
  
  d00557ea83c84fc13e4022ebc334a14c
- SHA1
  
  a2dd77369a5053ca2c6b5c02f828a2ced4458510
- SHA256
  
  2c18657185a5a1fd15f124e8a1704bd966241cf35a8a33bdc37270b88654caad
- SHA512
  
  4cb8e423456eb70755f2a70857baaec1e6c5457d3a21f1ba4dd03144fabfb150eaa4b8a7f883add96d925c2f4e3be770c923209e7fd7caa560bff7d120dbed7f
- SSDEEP
  
  49152:nfGo0tqC+ZVBoQx7i6+OBFAg7KQL4Rham:+3tq+E+6xBFAg7KfHL
Score

1^/10
behavioral1 behavioral2
- Target
  
  Clangen/MSVCP140.dll
- Size
  
  607KB
- MD5
  
  52fb5405a1b666cd9f7fb0bb0e38d846
- SHA1
  
  1307eb5951f5aec3cec93df4bef7c6552662c112
- SHA256
  
  d84c640db3bcd308e61d8b8fd39eb0a61f2aa30a7c278765771c7b540116a7f5
- SHA512
  
  2e5bc672f49dd17187f445ef2750249719f967bbdb8a1ca69493f622cd6c78acc959b0779792ce4b799ecee02570dcda6e8c1ee1450cd649fa260041af58a1ed
- SSDEEP
  
  12288:UO93oUW7jh6DN0RUhsduQjqDZ6X/t5mTOKGmJ7DseBiltBMQEKZm+jWodEEVoF2:f3oUW7jh6DN0RUhsduQjqDZ6X/t5mTOj
Score

3^/10
behavioral3 behavioral4
- Target
  
  Clangen/SDL2.dll
- Size
  
  2.2MB
- MD5
  
  5a2819c823a5af53420511a1ceb7a9aa
- SHA1
  
  3b80b1228631abbb7f2745828a25cbce0d9dce09
- SHA256
  
  81c70b7bfa5690b0ff20c15caa499f615a82cf5b49d278da89265eb836036465
- SHA512
  
  da85ca5a8666eb5a2a4bc6b0c9e2f7b7811eb22fe1632a8604274f4fdd5b4303e8943b85cdacb4a3378261d1c0c2d754f4db372294a7146c26a9a546ba83b399
- SSDEEP
  
  24576:HzJfKNu0feee3s8LjMwUiny7Irssh55Z0lZGO5cO7bSbtnG4+bDYnZVBsi9s8ZF7:H9fd8y5m5cv9F0Qc3OW/a45m5
Score

1^/10
behavioral5 behavioral6
- Target
  
  Clangen/SDL2_image.dll
- Size
  
  122KB
- MD5
  
  b8d249a5e394b4e6a954c557af1b80e6
- SHA1
  
  b03bb9d09447114a018110bfb91d56ef8d5ec3bb
- SHA256
  
  1e364af75fee0c83506fbdfd4d5b0e386c4e9c6a33ddbddac61ddb131e360194
- SHA512
  
  2f2e248c3963711f1a9f5d8baea5b8527d1df1748cd7e33bf898a380ae748f7a65629438711ff9a5343e64762ec0b5dc478cdf19fbf7111dac9d11a8427e0007
- SSDEEP
  
  3072:6bsejIuO504fzsOM05Nmy7iGpJ7SvFisgf:6bmX0qQOhmyPs
Score

1^/10
behavioral7 behavioral8
- Target
  
  Clangen/SDL2_mixer.dll
- Size
  
  285KB
- MD5
  
  201aa86dc9349396b83eed4c15abe764
- SHA1
  
  1a239c479e275aa7be93c5372b2d35e98d8d8cec
- SHA256
  
  2a0fc5e9f72c2eaec3240cb82b7594a58ccda609485981f256b94d0a4dd8d6f8
- SHA512
  
  bb2cd185d1d936ceca3cc20372c98a1b1542288ad5523ff8b823fb5e842205656ec2f615f076929c69987c7468245a452238b509d37109c9bec26be5f638f3b7
- SSDEEP
  
  3072:uHT3KS12sljkvy5jXabgwdIFwix1Cvmm1xXLLPAgx+3BfZrzJ9qYdt2mTdIssFor:E3Kdy5eb+wix1Cv/7MBJJ95IssFo2p
Score

1^/10
behavioral10 behavioral9
- Target
  
  Clangen/SDL2_ttf.dll
- Size
  
  1.5MB
- MD5
  
  f187dfdccc102436e27704dc572a2c16
- SHA1
  
  be4d499e66b8c4eb92480e4f520ccd8eaaa39b04
- SHA256
  
  fcdfabdfce868eb33f7514025ff59c1bb6c418f1bcd6ace2300a9cd4053e1d63
- SHA512
  
  75002d96153dfd2bfdd6291f842fb553695ef3997012dae0b9a537c95c3f3a83b844a8d1162faefcddf9e1807f3db23b1a10c2789c95dd5f6fad2286bae91afb
- SSDEEP
  
  24576:jS8/9uHym3+c6zXD75JqzkiTPxk6saGjhn7+DNvY1vDe9tnYP05pi8ZpFUcjt:n/9ub3+c6zXDrqzkZ1vjhiDNvY98W2UQ
Score

1^/10
behavioral11 behavioral12
- Target
  
  Clangen/VCRUNTIME140.dll
- Size
  
  93KB
- MD5
  
  4a365ffdbde27954e768358f4a4ce82e
- SHA1
  
  a1b31102eee1d2a4ed1290da2038b7b9f6a104a3
- SHA256
  
  6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c
- SHA512
  
  54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722
- SSDEEP
  
  1536:dkb0wrlWxdV4tyfa/PUFSAM/HQUucN2f0MFOqH+F3fecbTUEuvw:dWD4eUp+HQpcNg0MFnH+F3fecbTUED
Score

3^/10
behavioral13 behavioral14
- Target
  
  Clangen/VCRUNTIME140_1.dll
- Size
  
  35KB
- MD5
  
  9cff894542dc399e0a46dee017331edf
- SHA1
  
  d1e889d22a5311bd518517537ca98b3520fc99ff
- SHA256
  
  b1d3b6b3cdeb5b7b8187767cd86100b76233e7bbb9acf56c64f8288f34b269ca
- SHA512
  
  ca254231f12bdfc300712a37d31777ff9d3aa990ccc129129fa724b034f3b59c88ed5006a5f057348fa09a7de4a0c2e0fb479ce06556e2059f919ddd037f239e
- SSDEEP
  
  384:nNn62MCmWEPhUcSLt5a9Y6v4HOE5fY/ntz5BBW0O3+XfeuncS79+pWrQKWhD/HRj:YdCm5PhUcxgHY/ntXBzxvV7KtDvCTO
Score

3^/10
behavioral15 behavioral16
- Target
  
  Clangen/_bz2.pyd
- Size
  
  85KB
- MD5
  
  a49c5f406456b79254eb65d015b81088
- SHA1
  
  cfc2a2a89c63df52947af3610e4d9b8999399c91
- SHA256
  
  ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced
- SHA512
  
  bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae
- SSDEEP
  
  1536:eKpLuz7t0fjOUSKdvOKJbdV/qj1M9D8WAPpP3JuFIIMVRy7:VizTTmbJJV/qj1M6WAPpP3JuFIIMVI
Score

3^/10
behavioral17 behavioral18
- Target
  
  Clangen/_ctypes.pyd
- Size
  
  124KB
- MD5
  
  291a0a9b63bae00a4222a6df71a22023
- SHA1
  
  7a6a2aad634ec30e8edb2d2d8d0895c708d84551
- SHA256
  
  820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324
- SHA512
  
  d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09
- SSDEEP
  
  3072:psrzScwzPzuoUxXVxQXKIAqoFQufLTA/1mj9AItH5IIBPmQl:a//wWX8XKIABfLTcmXlyk
Score

3^/10
behavioral19 behavioral20
- Target
  
  Clangen/_hashlib.pyd
- Size
  
  46KB
- MD5
  
  5e5af52f42eaf007e3ac73fd2211f048
- SHA1
  
  1a981e66ab5b03f4a74a6bac6227cd45df78010b
- SHA256
  
  a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b
- SHA512
  
  bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd
- SSDEEP
  
  768:E0mbG0HUxzB7992zIyYsw3jYXjV4h6HgevWASdIIYIASDG4ybhMD:Tma00xVMn08x4EBvAdIIYIA2ymD
Score

3^/10
behavioral21 behavioral22
- Target
  
  Clangen/_lzma.pyd
- Size
  
  159KB
- MD5
  
  cf9fd17b1706f3044a8f74f6d398d5f1
- SHA1
  
  c5cd0debbde042445b9722a676ff36a0ac3959ad
- SHA256
  
  9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4
- SHA512
  
  5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a
- SSDEEP
  
  3072:LIVa3V86CLON9lUm+/3i4p9qZqznfY9mNovvFOhYIlLvyFIID15x:LIVa3V81LwlC//q+gYOvPIBvy7
Score

3^/10
behavioral23 behavioral24
- Target
  
  Clangen/_queue.pyd
- Size
  
  28KB
- MD5
  
  dd146e2fa08302496b15118bf47703cf
- SHA1
  
  d06813e2fcb30cbb00bb3893f30c2661686cf4b7
- SHA256
  
  67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051
- SHA512
  
  5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c
- SSDEEP
  
  768:UbErqQu06rhuOUrRm4MH5IImUVDG4yaC97hP:wuqXhuOC84a5IImUfydL
Score

3^/10
behavioral25 behavioral26
- Target
  
  Clangen/_ssl.pyd
- Size
  
  152KB
- MD5
  
  d4dfd8c2894670e9f8d6302c09997300
- SHA1
  
  c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e
- SHA256
  
  0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0
- SHA512
  
  1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048
- SSDEEP
  
  3072:PBgil+Nig7FXVxb/8lwiaibUixhk980VUuOazbAOXLkdWXxZIIkjVD6XFIIM7y:PBgi8iWXVxbI/Xhk9gazbRqo3
Score

1^/10
behavioral27 behavioral28
- Target
  
  Clangen/api-ms-win-core-console-l1-1-0.dll
- Size
  
  20KB
- MD5
  
  681c84fb102b5761477d8da2d68cd834
- SHA1
  
  fd96cf075a956fbc2b74e1ecc3e7958163b58832
- SHA256
  
  f0f7cb2a9ffccb43400db88d6bf99f2fcc3161de1ac96c48501d4d522c48c2ca
- SHA512
  
  c41a62f8d10290215b8a7f0ddcc27a1cf12a7453c2daabef75bd2ce87c4ffc87d74edc8caa1771beda0bfa26249cfe3c94d4af50b22a5decb6d282bd8a2c4bdd
- SSDEEP
  
  192:SOQWvhW/WYnO/VWQ4SWc0NsxZAqnajT9CJIC:SjWvhWvUsNs/Al39AL
Score

1^/10
behavioral29 behavioral30
- Target
  
  Clangen/api-ms-win-core-datetime-l1-1-0.dll
- Size
  
  20KB
- MD5
  
  2a8065dc6e6e60fb90b4b3f9e6ba7288
- SHA1
  
  400a1f44cd4354dea0117e79ec04b006d6141b36
- SHA256
  
  55e5f10d0dd9c85ff1c6dc7798e46b3a4422fb7ebc583bb00d06a7df2494397b
- SHA512
  
  787e033e35aa357263639d97fdfe8a2ebc9f17865579be13c14c0a4c2ed99432ed8ea79c5046d1b4b783bf5fcf7b713efdd70fca8445a7afcb91cfddc7f9d442
- SSDEEP
  
  192:1WvhW/WYnO/VWQ4yWxK2fvXqnajeCqN+6:1WvhWvU8XlX0
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32