ccd1435a4f112cd6b28dd4351622db674c7dca64e3e7875bb1db36f3763e35ed

Sharing

Copy URL

Twitter E-mail

General

Target

sonder___rainmeter_skin_by_michaelpurses_ddv0ejb.rmskin
Size

24.8MB
Sample

230412-ylteasgb3y
MD5

2616bb4276e2b83fcf8c77284d546675
SHA1

edc66dfea781dd5a3bdc95ce39d229a619a51fbb
SHA256

ccd1435a4f112cd6b28dd4351622db674c7dca64e3e7875bb1db36f3763e35ed
SHA512

0122dbfcaa446581ff7ee79c1f6c4662e9d8b8d9478a6ebb0ad66379d2802b4abc331ba9dc53206de85a2956b26fff01f2247bb29da47261632373f677655144
SSDEEP

393216:fxip/zvhH8LRCFOQmD9SiDvk3q2T2lhuHW+K0QZSTPcgrOfQhDQRJUVEASHs4sWG:f0RFUIMw1a26lhu2p0QAcgQQhgJdAS8

Score

7^/10

upx

Malware Config

Targets

- Target
  
  Plugins/32bit/ActiveNet.dll
- Size
  
  16KB
- MD5
  
  955c79d5fc1bd73dcb0b1f4142939eac
- SHA1
  
  044eebd7a057dde25a7084f8f6fcaf236b07dd17
- SHA256
  
  5bddb3b79dd3d4273388d1354b860f9b70072098faa9805d0652a26a77bb8296
- SHA512
  
  04fdbeb6d978d17dae077b2ab4a41d2185acf4b9ec4b01c708e77b06a715524474902aa3cbec6d57c1e3dfd56d37f66401308c917b17b54650416e10f5313b56
- SSDEEP
  
  384:R1r6eCRBAF428xGbqtwR4p6LpoZNYp04yUbID70s:3yAYSyjQs
Score

1^/10
behavioral1 behavioral2
- Target
  
  Plugins/32bit/Backlight.dll
- Size
  
  21KB
- MD5
  
  26724c78a61a20520f7ac17f3283c36a
- SHA1
  
  954f221183b78a937008819eba2e67dacb1309b8
- SHA256
  
  23adf67351ea99dec9b720bf461c809d76777703f5837e28e4600c554ba499e9
- SHA512
  
  6c5270c07004aa9d983804ad58e49aedf29baa6e66b0efb1d14e3ea2ca10857010b487918b496310136f605c5f82cbc5802686e65b185103288227daba7f7475
- SSDEEP
  
  384:aSyNa46NBetcur9jp+H8aVLD7cORrjwx3S5Sq9nIKu54:aNybWPOceDZKC4qIKI
Score

1^/10
behavioral3 behavioral4
- Target
  
  Plugins/32bit/ConfigActive.dll
- Size
  
  86KB
- MD5
  
  e3ace6bdf16c8cc05eacac71dab76210
- SHA1
  
  137c0c903429ef27ea2f819ba7246e1636c20e07
- SHA256
  
  e7667e2f5808da5b8640bb5a9c1195b3f704c09a2e4445acaaa3ab149da2e2a2
- SHA512
  
  43d12c76c62e21b958ecde76524baa6176c1e7e03f815a04782dc623836bc9a719550a5b350b255c04fea548528a28514ee39273409d1b5351ab6975a24c25d6
- SSDEEP
  
  1536:pgGCgcsWo6cdpy9kBwAcXrEhuhAEJV8QnCFqiYDHLYfwQRuLA5sH94z/L:pgG7tbpy9lVInFqiYjEKLA5sH94z
Score

1^/10
behavioral5 behavioral6
- Target
  
  Plugins/32bit/CursorColor.dll
- Size
  
  99KB
- MD5
  
  f24b861051bafdcf2f0fac9ee81cea76
- SHA1
  
  576f33ba5d8bbd188eef9e513ee374dbc7a6787b
- SHA256
  
  24669005e11902808d7ada2613688b1e7cb6ec659d18a71d4126aedd0d21804c
- SHA512
  
  d619ae0773cc25fd5fe387cdf50a9988e33ffa698ec3b03d6338dc625e97c87927308ada750ac18555b44adebd5ecb15350116db96533fc4bd6fff408acf6d6b
- SSDEEP
  
  3072:/G4LJ6Jr2MZr+agFLZJg2QZyUE4gFqcVTP:eKq2qrpgFbLQ8zUq
Score

1^/10
behavioral7 behavioral8
- Target
  
  Plugins/32bit/HWiNFO.dll
- Size
  
  121KB
- MD5
  
  59c3201f1318261e70bbe1b21a3cb6e8
- SHA1
  
  714b358c8a8411430159017b9c77c6105802f699
- SHA256
  
  bfdfae26184f04b1d109bd17a6b9bf0d92ca72bc3e276857616d44cef43a894e
- SHA512
  
  b5576dbc9476d5572773e027d634bc54191dd3f190744dcfd3925ebb1b9da22449f56479023f2f53d4e9daa82ff91e31affaf49beb13ede1fa60c0e94357a184
- SSDEEP
  
  3072:u8tDsBj6K5f/UcvOYqd1eR1uDYIFtHeIY7mDT:3Af/UcS1eesaeIYW
Score

1^/10
behavioral10 behavioral9
- Target
  
  Plugins/32bit/HotKey.dll
- Size
  
  109KB
- MD5
  
  de8c5937aa1bc483b4755daf5c8a8653
- SHA1
  
  4dc94bf60970de4a06e9263561da52bbd38a4dc5
- SHA256
  
  8156db912e404003b8c3b037780c3c69900ff13c16bc99143d3aa18a6601c89c
- SHA512
  
  260639e91535f0b8e29a588549f415fec7433913646c032c00d412ab72539902d7f2fda521b641522b3d8622b8afc960d1233c830e736972b4cd1a64a21ac2fa
- SSDEEP
  
  1536:dEQBTsW9PtcdRGQRiVBZxls6L1lHc/8sLLP+oDyTeKM3x2gj3/HHa+nt7nkA4ybS:dE6jkRmBzl3l0d2SKM3x2/u4A4yb
Score

1^/10
behavioral11 behavioral12
- Target
  
  Plugins/32bit/Mouse.dll
- Size
  
  94KB
- MD5
  
  5f3be6d06a0cac486fa4de4cd235c81a
- SHA1
  
  70d1e2a7d0ff6c4a6390a7091a1b97880b7b8dab
- SHA256
  
  dae960180bcfd84cb04a862e57a54f65e57f733a1033b6babf940be7b3536ab6
- SHA512
  
  160789c5bf6c7ff19ce3762bf0aa35127752f1bccca49a48d4f98dd275efbc1c20041a60d35be1c7c5121db5b918f5fcd2e5129375d3f293c7451f7525b796cd
- SSDEEP
  
  1536:pvsejsWrcdny4XO9w8aWVuFH68k0zksfEMJO5NVMV6c582LURPpPpacPYsqV:pvPMny4XO9wsVLt0l8MJO5oEW8fPl4cu
Score

1^/10
behavioral13 behavioral14
- Target
  
  Plugins/64bit/ActiveNet.dll
- Size
  
  16KB
- MD5
  
  613479af7b5ac4487c35d47f5ff41f41
- SHA1
  
  fef770aab30fdd4c1f502c491dd609d0b1728881
- SHA256
  
  ba6b4a75d71575ce1f6dca523adf6d7b335bbb220c844678d3f2d0a2c652f54a
- SHA512
  
  d4b72fea91bcd004d4dea1397a5c8ff2a7567f9d1ecd712a9d0603e8e455fbbff55a358ccce59445df75fe93d6795c81436b0839865c96caa49214a8f9b7d220
- SSDEEP
  
  384:ynr6eCRBgF428WpxGbqtwR4p6LpoZNYp0yytbRaD7E:gygQOQy7Eg
Score

1^/10
behavioral15 behavioral16
- Target
  
  Plugins/64bit/Backlight.dll
- Size
  
  23KB
- MD5
  
  758440f5f74ea6e9a19d5b4d012650d4
- SHA1
  
  f611a183f47d40840f4b508d26fa8583193f12e6
- SHA256
  
  3bcd934844c9e8d455a4283b7a51870375f912fd8718591c67777227d70d0138
- SHA512
  
  9fd59e6e50ab3636e639a7c64d02343e0e93500c8c54e8262a06d87bca2150f1aba1c61e3b719822e4528bd2e97a1ce555d260d135ab73838edccddd86b10992
- SSDEEP
  
  384:/mydqoPxU8vKFd2X6VPvVRnh7fY0XZ2tUw7ZDfTu5Gxr4/55co+OACG:Z+OKFkKVFRnhUgs7k5Gx+EOA
Score

1^/10
behavioral17 behavioral18
- Target
  
  Plugins/64bit/ConfigActive.dll
- Size
  
  106KB
- MD5
  
  0419a4540198edd00b178c9f8aaa274f
- SHA1
  
  b3c613f7524941b01d177bdf1fdcbdd0c93d40da
- SHA256
  
  f8a5dc3f6ae9157cf16885259c7b055c9e47ee4a7e759c37e91faa4109385532
- SHA512
  
  6494a7d8ee2a8f2941afe4d5722ee6f11e38bce031a4fcf6c78605646847923edc03ee58f24ef9c4d5cf6e3af66e813cd1738ea0a4c4fb50e5713cff674af6fb
- SSDEEP
  
  1536:6dFCNsWFDdc9dlFR7RmR94StseqRFBk8DS5M18kp/4iWGoR3AmT+3:6F85UfR7E3vqfze5Xkp/rWGoZAmT+3
Score

1^/10
behavioral19 behavioral20
- Target
  
  Plugins/64bit/CursorColor.dll
- Size
  
  117KB
- MD5
  
  3ffbb933cbb31da5acb2f35814ecc6d5
- SHA1
  
  5fda8e86ed1f676cfc99893d5f2c235eac6226f7
- SHA256
  
  e8ebdc081b437cb5220dab62ab0b2c05b48b5da4196ac3461a6c17c272f06647
- SHA512
  
  21de1bf6669f4d6f8ddcd868c0e9ac3e5ed9f9ac1d0933edda4a8d4ae09f07869aaef4b7470a6ffbc1fe12058ff15ad97995308c56904b228d870d0cd2fdf0cd
- SSDEEP
  
  3072:GyLvxN7e5jOE7PqWoWqFgm7BkmA2dKwLswQLkQNqevZ6:bN7qjPlosm7BVAYPLswQXqW
Score

1^/10
behavioral21 behavioral22
- Target
  
  Plugins/64bit/HWiNFO.dll
- Size
  
  139KB
- MD5
  
  c8077ddf91e3eb0c2b4d8ab49695ad21
- SHA1
  
  a3baa696fc5943fc55ff0185cf0b4edc009c5752
- SHA256
  
  54a0284ae3f7f35f7b339c9d341afad603cb02f3d97f24790eb33acd90e46bf7
- SHA512
  
  7a44b6ed593d78511f99b859cd1f3bd52827f0761ef9c550d897216c6c9efaf562c87bb562b04e39bc6f0e80403a7ada2d7c7863df0e851ab7abc0012a3df047
- SSDEEP
  
  3072:HMVqqLvEa4vPxqaA0ANsDPGOe2jWFM2sXub2IzB+:4+qanOsfe2jWe2pS+B+
Score

1^/10
behavioral23 behavioral24
- Target
  
  Plugins/64bit/HotKey.dll
- Size
  
  140KB
- MD5
  
  e5690c08c6c9560a7a3bfa71950fd397
- SHA1
  
  669f8cb7f8a8f9ecf4a122f523c3587879c52e50
- SHA256
  
  2f0b6aee13ed9c158f2f406eeef2c598cb5ccbb22b9a38c3054db15f76ed9469
- SHA512
  
  9b5ca45879fc10819f550a1d4c5f279dd754a4f51790a57be8e1ed98d206e57f323b354b004823aff1563a30afcfcaca94cf776ff30fc8460d2d0a8b078c4fa6
- SSDEEP
  
  3072:Bm3iUxQMjPgcCKPXrDU+aifniRblYFkK/:cx1PgKTI+acixlYmI
Score

1^/10
behavioral25 behavioral26
- Target
  
  Plugins/64bit/Mouse.dll
- Size
  
  115KB
- MD5
  
  225e2a5c3d9b7e1a0eef653eb75833df
- SHA1
  
  e7ff9c384c8e5cc0f20fde781e1268c9c49638ea
- SHA256
  
  79713b410f63a1efa5c927afeb825e46600ae8146f4208739cde7c91b3fb2c9d
- SHA512
  
  3720dab965986168ddf249326e6be3edee47b2a3958db0adeac5eefcea6362576d7b77c85ee3df82461312c8592bb58047d91115b1cf85f8fc24f442dd90b3f7
- SSDEEP
  
  3072:v0TYUKYXONpJPAl22HPqWJ9gwN7fNHNtLxI9SVrKjvTpUuCIgU9:EcpJP72HPqrwN7fTrPVrKjrp8Ig
Score

1^/10
behavioral27 behavioral28
- Target
  
  Skins/Sonder/@Resources/Addons/HWiNFO/HWiNFOSharedMemoryViewer.exe
- Size
  
  921KB
- MD5
  
  eb2761fab3333a02410e8e15c5f9ca8c
- SHA1
  
  2bed21db3c29401cf92d92baa5e2273427d57472
- SHA256
  
  9ea52f792679a83534a0503e44817140ff0c991e7d7e41fc150e405685457e61
- SHA512
  
  ec99b307220cd05cdefdfdb04f19f87c816622aba03297ecb552bc94dddd71217c45769f3bf168b23c66b00565ab259d114a2e5354a8ad9e922cc669662211f1
- SSDEEP
  
  24576:cceIkb+lgkrGhZPD7h0Ul0Q0aqNE4p64:cHV6lgkahF90ex0JNls
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral29 behavioral30
- Target
  
  Skins/Sonder/@Resources/Bluetooth/batch/bluetooth.ps1
- Size
  
  1KB
- MD5
  
  18f6727dac6aa4681ee62a1099738c66
- SHA1
  
  10cecd2b18158fb44d5e3d7a59bb81350f2eb3f4
- SHA256
  
  3d97c8673b6e7473075921b040932c75fe874c626ecd3470eac59bcda47c35c5
- SHA512
  
  26c4e5ca81b77e3f64077e9c1313b1e5070c2c1264adec5bb305ec79f14d61e3877af39813bff7d920c135742850c948dae6c48981bfc374db141c3572d9747c
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32