2121dd17a15c940eb55be2582dab5a255ea099c56ef41c1440270380bfa6842a

Sharing

Copy URL

Twitter E-mail

General

Target

InstAccountsManager.zip
Size

10.0MB
Sample

230513-qvtgnagc46
MD5

0ec87e5ccee05b72ccce92044fa1addd
SHA1

14556fbd46ef38357214afac83021414d49d8550
SHA256

2121dd17a15c940eb55be2582dab5a255ea099c56ef41c1440270380bfa6842a
SHA512

ad658fd4fab0b4881c87e316d82909c22404849ea0be7669ed3dfb8a4927e02bc924882459347e2d2ebcb5411e0d1813a61d7d782b14f8decf8640e26c5e714d
SSDEEP

196608:GDvv5VRWbP99CFMrb+9GAZg7b/vAZLUiJhtwJIAGj1lgz+FCJqLQm:Sv5VkP99C2JAZgv/ofhtjF1HCVm

Score

8^/10

agilenet

Malware Config

Targets

- Target
  
  InstAccountsManager/Antigate.dll
- Size
  
  8KB
- MD5
  
  63c0f6cb16119d4b0611019510898406
- SHA1
  
  67891f6155f965c2577d635e34b11861af5229bd
- SHA256
  
  af39f8e038b3750738635d26977d723a6855557cb5e227b46e74952376504475
- SHA512
  
  ef950164b6f3eb754b10a78233dc7cd5ab0626b0711a4cd8543d2098822abc6bf0efae3e1f1c3d6525b846bfc1a628431cfc1336e19d1a35b896817a1ad3950e
- SSDEEP
  
  192:5j3REz8fO3uSbXtR7p8yPum9oZuqS3Sg5aEiBa3:Ezj5oyqZuqof5aEiK
Score

1^/10
behavioral1 behavioral2
- Target
  
  InstAccountsManager/DotNetZip.dll
- Size
  
  446KB
- MD5
  
  2ac40da17c4ac9df4a8701faf3913a52
- SHA1
  
  f5518fd34d920546bafa8d648aa8feeca3179b93
- SHA256
  
  46bf5f182875f53994b6bee810570f85b2b39643c27ebbee77ce554b1e3b6ed4
- SHA512
  
  80025e7f79839138b7365071265bcc6d791a3fac48cecd7d170be79a46016c3fcef928676e666f6798a18c534310e5e27bf7f2896214dc615f0913f5f2798f3f
- SSDEEP
  
  6144:gsYYIOQaKp/NFN0if3Rd99UW0zW+Lc3P9QPQyHjGtSV41OJDsTDD50Yhe6dwxLVX:geYa2Xz3mPKS4msB0ie6CfP
Score

1^/10
behavioral3 behavioral4
- Target
  
  InstAccountsManager/InstAccountsManager.exe
- Size
  
  8.9MB
- MD5
  
  c94f968c8e7689a38be85b033ff90bc5
- SHA1
  
  b5e286bffa6d5df84a4d712329152a2fa3bf8271
- SHA256
  
  53944e8f2430803db6e6bbb25c22fde5280977cb3d5675a2820bc342402f788c
- SHA512
  
  ebb07126499a081191f827aebbf14bd6361597176f5f08a6b46b82263c37cc94a2a444011c466f105e25a8dbed4ff802c26363fbeaa0310d9353b120d2bc8e56
- SSDEEP
  
  49152:V0nKPEcDfbqyz9aUgpdhJvNy/MQHcAoIAM:V0KFDWU9lgzhFUX
Score

8^/10

agilenet
- Downloads MZ/PE file
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral5 behavioral6
- Target
  
  InstAccountsManager/MailBee.NET.dll
- Size
  
  1.7MB
- MD5
  
  497b5b77aae74e9cbd501ae9633a7b23
- SHA1
  
  b541d643685163ff48db37d8bb68e93737530d1c
- SHA256
  
  b40b8c6a15e1f53a47ccf2ad676a97e2a95184c789be50ee92ea6ad92974b11e
- SHA512
  
  ae88084b8b54641a9924eca6544876b5811c4baa11b01c6dc5724c928c55acc0d474b3aa34826cb34df79c9ec7b196b079e7af2ccc296a0a3e6eb93450875775
- SSDEEP
  
  24576:ynqEb56Q8m9sni2CGOgcqRWusXhtkaiVRt8GmCL3D1Y:Yb56k9snZrcqR6iGWBY
Score

1^/10
behavioral7 behavioral8
- Target
  
  InstAccountsManager/Newtonsoft.Json.dll
- Size
  
  659KB
- MD5
  
  4eb7c61f23c9054f64164a87e2951bfc
- SHA1
  
  cb35dfe3f0d39d2fcaebc9a7be95a2aee1ef70e3
- SHA256
  
  08363fe12e42bd5bb80ef09a7f8847723f6c57341d46080eb8e5f6c5b6b37a7b
- SHA512
  
  b345226fab28fc423e222fae497c3123822d70e66e8506b6c72541ea6fa29c99298fca6f3fe3bc1808f65af70c29e5020d7692412c764738d62907d2b16385c8
- SSDEEP
  
  12288:lktg1lrjC8rjICqbwNjR4xq7iiX19K7Df/SoOKQrIB+jfp:lggD7PIEjR4xq7iiXTK7D3So9AIB+jh
Score

1^/10
behavioral10 behavioral9
- Target
  
  InstAccountsManager/Rucaptcha.dll
- Size
  
  11KB
- MD5
  
  4cba3b990a3ce9e80e3fdb41663a5d38
- SHA1
  
  2fb49cd7bfe532d996a90bde7c67a5da8d229286
- SHA256
  
  ccafa6ad8e140750a4bcde84ed7091bc9c0df32e11e25e987c68c59a1793c2a3
- SHA512
  
  b48a125ea48bda3be801838b7c96be9a0be19ed1737d54b0e93d605100bde11bd33c2a5e8b1964ce64494cf590a8439376139116ec8db08d412044d8b4f143e1
- SSDEEP
  
  192:WhV8P+iZTRkNOdCTC05PLotpwyC1oWuS9JYDq5JlaJlo7ZS3Sg59EolE3:RCBLfyC1vXC2dof5moM
Score

1^/10
behavioral11 behavioral12
- Target
  
  InstAccountsManager/System.Data.SQLite.dll
- Size
  
  320KB
- MD5
  
  cc3fa13d833d4a8a6023bed6169c3fbd
- SHA1
  
  01e196b6f15d60b5443e62b7350dfe0f725495b8
- SHA256
  
  30008f02ee73f42573c38a7ed8c977535edb0e26e11e7cb68a76e8b16352351a
- SHA512
  
  f530ad96a95e22248b44dfe6b4b8aed10a76e43cd4e7d87b32c96006e5b9b5bfff8568e46b99a6431a810d1136aac629c53ae95fa567999f96b8c1fef7f31903
- SSDEEP
  
  6144:EjNhWYLnp3PsFNFaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFFc5cbcF:aNEYLnhkFNFaFeFOFwcGF6cmFWc0FWcQ
Score

1^/10
behavioral13 behavioral14
- Target
  
  InstAccountsManager/Updater.exe
- Size
  
  695KB
- MD5
  
  b6fc23f49e8d892f0b77e14f843ea0d9
- SHA1
  
  f4f336800a86b1b346534c75b7a684a33261fb6e
- SHA256
  
  381d4caa115d0a12e8864d433d6001da997f8b712e7e67c850a221176a2e973b
- SHA512
  
  4acf92349ff9da8bad630a4692150de65a06348254f7c04c7b31fc7c1bb958cb94ca1b36c295c8861854e07d2b4a6f45c15c5b9ac01a5f597fb4a2f69e54b72a
- SSDEEP
  
  12288:n0cdiUCsJSwYMKtsz+Y/iJH96nFGCi+WxlX+1:/Pctsz+Y/GH96nF0+WxlX+1
Score

4^/10
behavioral15 behavioral16
- Target
  
  InstAccountsManager/WebDriver.Support.dll
- Size
  
  52KB
- MD5
  
  edc73a319fc0dc7d886e34602dda5ded
- SHA1
  
  9ecc0033b1fd2911bc11fbc6377084be0f325e33
- SHA256
  
  fff9f4d41d902426410194653bca90f9c35eaf03564fcbb85a628765bccdb624
- SHA512
  
  8544bdb9fcc40a0dfd1a8ef717401b3f53f210bf2867296cc067b5bf8ee2e19d7c8f90de7a61d1008211ac1b64224d0bb933cd63b873c59f404fec63ee661acd
- SSDEEP
  
  1536:Yt0HY1T82z8kOmrWirD73Ib13dXYm1ZMr7hI2TEUhWPbgPI1N0RcW5PeIM6:Yt0HY1T8JkOmNwZ1Yee3c0Rd5PeIM6
Score

1^/10
behavioral17 behavioral18
- Target
  
  InstAccountsManager/WebDriver.dll
- Size
  
  1.7MB
- MD5
  
  64bd90a40098fed6b04015c0c391d204
- SHA1
  
  5539e07c4368f36619cc43597077354d5915fbf2
- SHA256
  
  bec8c0f6391a01dc6931eb3bd689b15c26cbf511fc06b21f68227202a34c3464
- SHA512
  
  950b59160f6fa50e6abeee02ed634045c15abec7a88e73e5241894643ac5aafe98300e93e6b6cc5619be784d19b49b2faff445ddde83289b4b2455e4c9f32987
- SSDEEP
  
  24576:h4Q+T1Q57jOSUC2WJkMssYH7Tf2sN1a3VYDz7DusR6k5HQ4OobS:SQJ57jQWkvsO7KKsYn7DusRN5HQ4Oo
Score

1^/10
behavioral19 behavioral20
- Target
  
  InstAccountsManager/chromedriver.exe
- Size
  
  6.4MB
- MD5
  
  85dda2ec22d5da1c0848c531d1d672fe
- SHA1
  
  4421eab654250adb00e298b3aca92c91be3b9b3a
- SHA256
  
  40a4eddd76c944f261888de296f278c6973783e97d0cefd67b36229652207c69
- SHA512
  
  b4670a1d9a8aeb38d373182081fcd51574f95bc86389dbf0aba67fc3defdf3602ff44c48b7938200728d9cc7c88fe65c13f9b0a669e5f50763eb76b52a4cbb8a
- SSDEEP
  
  98304:5MESvDLLjgVABcjwdJgnxygK4X7Gtirl5RtXeZMOKIeF0qx6D8:5MEwn/6ABBJ6xygK4X6Z6OKFF0
Score

1^/10
behavioral21 behavioral22
- Target
  
  InstAccountsManager/x64/SQLite.Interop.dll
- Size
  
  1.4MB
- MD5
  
  4298b267083735ac80afb9cca3375198
- SHA1
  
  c334abd3aa65c3f1b44068f324fcb86e85bba2be
- SHA256
  
  cdfaa388df56f110442318286a553f90874ffd9d44c39e300457d8c5abdac057
- SHA512
  
  5bdc5c3bbb4197bab372accefd18b4c33122015b7cf444bbcf3f4f748f3966b2da55a4c6fc57cf3c62c667dcffe26b0cbc69454f0b6e5c967afa3ff709d0daba
- SSDEEP
  
  24576:GAGrYMYXX/AWn3FgOd/A7funbxfvXJh6TaYeY:GcYeVgOd4Ty
Score

1^/10
behavioral23 behavioral24
- Target
  
  InstAccountsManager/x86/SQLite.Interop.dll
- Size
  
  999KB
- MD5
  
  528f9d75f604283de2d35be9474b4e33
- SHA1
  
  423fd25dd31ffdb2e682ad0151e0bc951b90d78a
- SHA256
  
  d3c8fc8da086a1ebf1b3db8f2192aaeccdb307bec78cd0224dac9c47afa4c384
- SHA512
  
  800caba4ef7d2927e6d081f066a1ddf149191567f03bff278f3e448d7fb2e38600168512b17d76bf957c5596ab112a8e7ab41d10f806d1a559e51975b0339491
- SSDEEP
  
  24576:Vp7OahszQfZUS0qIL0rK2hjbbFToUcdGf:k3ArxJe8f
Score

1^/10
behavioral25 behavioral26
- Target
  
  InstAccountsManager/xNet.dll
- Size
  
  89KB
- MD5
  
  ed32ecca774be557fa4e917610b59d5d
- SHA1
  
  dfb34239c12b4e9db711760ab906bff6a0970a06
- SHA256
  
  df3f9fc566728be253c18bf1b3b0df2ee3d786f5b64e0a0545c4c1a787968c8f
- SHA512
  
  d1cda48d5757dd4216710b66db9dd34b5a42bc3ce2908222dddeb71583fce1965a02e21a3c09efc17213a9de5681db4dd2d9bf9c2437a320eab366797cbf2426
- SSDEEP
  
  1536:NHAHxHwsquoP0PxDhrU3DQCR+KJOp+Ee6Naofcww9HHeYshDwMuOdwHYcIKsGuP:RAHxHwsZoP0PxDsQCR+KJomJneYuwMuc
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Obfuscated with Agile.Net obfuscator

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28