91a9df678c0451c438f0557d100907dbf623a13abfddebb0c769f903759e55d0

Sharing

Copy URL

Twitter E-mail

General

Target

Binary_v2.8.3.zip
Size

3.4MB
Sample

230529-2y17fsec5x
MD5

d0d38882e12388b89f2eaa34564b68d3
SHA1

a9d3fc0516da3cacd519abe7841c612ebe63cca9
SHA256

91a9df678c0451c438f0557d100907dbf623a13abfddebb0c769f903759e55d0
SHA512

a387f54fb43d7ef99c0c5a69a749eb135197e47e8ece3c44c6e0e51404003fcd1b7995236c47af9c452f5eef3f62d1a3fb0675d3ba601ff5c0b360cc6077ab7e
SSDEEP

98304:qHtwbTpQRsjYgKqPO7a8e4tA2c9V8W2bGb:waTqRRqdGtA26OzE

Score

8^/10

Malware Config

Targets

- Target
  
  Binary_v2.8.3.zip
- Size
  
  3.4MB
- MD5
  
  d0d38882e12388b89f2eaa34564b68d3
- SHA1
  
  a9d3fc0516da3cacd519abe7841c612ebe63cca9
- SHA256
  
  91a9df678c0451c438f0557d100907dbf623a13abfddebb0c769f903759e55d0
- SHA512
  
  a387f54fb43d7ef99c0c5a69a749eb135197e47e8ece3c44c6e0e51404003fcd1b7995236c47af9c452f5eef3f62d1a3fb0675d3ba601ff5c0b360cc6077ab7e
- SSDEEP
  
  98304:qHtwbTpQRsjYgKqPO7a8e4tA2c9V8W2bGb:waTqRRqdGtA26OzE
Score

1^/10
behavioral1
- Target
  
  Binary_v2.8.3/Binary.deps.json
- Size
  
  3KB
- MD5
  
  744741c26c603047a58f15b9b8b95e87
- SHA1
  
  2b55422584fcb3b054246fc3665f53231b144d87
- SHA256
  
  7a675dedf3a261ade704c0e7099aa5d63b48d350ba86a1aab02b6b4488f78c81
- SHA512
  
  36a0726d3b581e0d44c789330fd03d6e87114fb9202bbfc2dd9ba03da573c6b2b2bb7859d4fb29f6ebc10796c6f259247d03e8274df344d85c1cdac29ae024ec
Score

3^/10
behavioral2
- Target
  
  Binary_v2.8.3/Binary.dll
- Size
  
  1.1MB
- MD5
  
  90fe26790dabc99d9aa6b08622cb1570
- SHA1
  
  cd3c395b6e1f4c034e1f1ed9f588b39dfee96ebf
- SHA256
  
  262a4443927e61e556bb0429a5f2cae97827abef5b049b85a7104dbfe9b63b33
- SHA512
  
  58e7ebfd6d3950e8cc55816bf1b331dae7c3fbab86381a6f2c9af5b8ea86f61d60d1d768dbfb882cf07201ecddc68f9b93d195de609f07ca2176af1ee60d9125
- SSDEEP
  
  24576:zB1HYL2RXOSje8n5ve1AvPF1iu1111mQh1111111Fj:dPF1iu1111mQh1111111Fj
Score

1^/10
behavioral3
- Target
  
  Binary_v2.8.3/Binary.exe
- Size
  
  176KB
- MD5
  
  318cc809cd09ca52f8d621337806fb53
- SHA1
  
  14ec9ad35f54dde5c878e41e908b5ee3d29d80ee
- SHA256
  
  d2805172f33627cadb30fecd3cf2c6d0224fb8caa677080e87abde1ebdfdd694
- SHA512
  
  1f2e063fafc58840d1e9950f95331124c8e29ee81444bc00460c36b97836b1cc40904f47091c9760c3c9e975f92fe1ac74cd20a7104701e813777a6d153e13c0
- SSDEEP
  
  3072:eFkNf9uVf0omyRj4wRbwx5dywyYxNOHjdhjbVjemOlyP04wWsL:eKNlI4cEPdSSShH5OlyM4k
Score

8^/10

microsoft phishing
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral4
- Target
  
  Binary_v2.8.3/Binary.runtimeconfig.json
- Size
  
  161B
- MD5
  
  a07927da8710284c49870652cdf7e7ed
- SHA1
  
  6d1c8ef774ae79bbfab4934259ed4ff499defc6e
- SHA256
  
  24474cc0696d2a527f5635030a43d9b49b0e6993ab4bf01f3c33ec3413303fed
- SHA512
  
  ca507c6329e92460559b52e4a6614aae3498494f3e9bbaf692148bd401371d507b3f0e83196b70aff5094626ba26a8a23522be1a3b9647141f246db66d2a7df4
Score

3^/10
behavioral5
- Target
  
  Binary_v2.8.3/CoreExtensions.dll
- Size
  
  53KB
- MD5
  
  ad53677fff6a4050a6a1342606485589
- SHA1
  
  fac1e02aa9e830273e840c7dbab13cd3b1d32ba0
- SHA256
  
  6babea6ed0194f3bd24d9d7be7d9a978564279721469e5e012e3e8f7529ae4a2
- SHA512
  
  05c2541f443c831fed9d4d1568dee73c537100f6a67c775a26a07cfe78e781d7b866e2898e48be425b4923eef8430aff51d8f3d55b5040e4c22be07b54787166
- SSDEEP
  
  768:KkM0nf085WLxXseNr/j5taob6bfeCb+7v9nLoqwl3mTbGLwmfPJp9Tw:KR8AxXsW/j6dyCbC9LoqwlK0Jp9c
Score

1^/10
behavioral6
- Target
  
  Binary_v2.8.3/DevIL.dll
- Size
  
  746KB
- MD5
  
  59e291838ae2c88f5f71108e4845a84b
- SHA1
  
  3cea1ccd379691f34b58863e931ec85be55f4427
- SHA256
  
  9c9fbb292c9b1367576583d634754b72784b8d827483541385150132031260eb
- SHA512
  
  4203893968ceafe1e0e70c3f0dfe1dfd90a795033df69e84f25f68237deeec5ed37f7824c9d9e0cc0b121c72c16abd4059ccb71ad484d15ade427579f362369b
- SSDEEP
  
  12288:T3RWz/CTxoOAjzHljSA6cg8rPbSHYIkhEmEazstA+UinhcoqzJPYoO8l:NRbEluQYYIkhwazrQzqlP
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7
- Target
  
  Binary_v2.8.3/Endscript.dll
- Size
  
  82KB
- MD5
  
  4cbe7652358ccaf06a5f26e76521ae3f
- SHA1
  
  51d8702f7cf0cce2df93798e31acb0486d075274
- SHA256
  
  383c8aa0e9a5b2398f32a14f3786e55686d96af50e381d6b4153d02d4dad7508
- SHA512
  
  68e0709249c3bca09d5a568da5fbdb47c8c94e9f25a1fe8a3b99f06859d23c7bfe68656016fc8e5840fbcf85c2572865b57c237b54565bd88433e42974c0c30a
- SSDEEP
  
  1536:ETrlRlvO8JdUAn3qM7iy2y1OtaFCA78lclS9yvrir2Rn:+5bvJJdUAn3X7iyxlFC0IyvrirOn
Score

1^/10
behavioral8
- Target
  
  Binary_v2.8.3/ILU.dll
- Size
  
  28KB
- MD5
  
  129d587d2d5db8a5ef7f052c995bce7f
- SHA1
  
  aa0a84341d3ee6c1516225b1f73a0bf946bef265
- SHA256
  
  a3540c29567d2fc092da49f53858fc54b69d4681bb640a68b0a79511b8fd6622
- SHA512
  
  c1d5572b5877b34f97fa3ca283342758e4a819620dac9f19fdafeacb9babfb57a0f6d641c0b779c328c33883766c928e029f625def6981eb271bd9bf98cbcb34
- SSDEEP
  
  768:cypfHio4fOKOUp+mubfp552EgBdcgPrvqT:pjgfp+mcfp5SncgPOT
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral9
- Target
  
  Binary_v2.8.3/ILWrapper.dll
- Size
  
  30KB
- MD5
  
  ae9e36d9aa5e4b88c0c7bcfa3a5cafbd
- SHA1
  
  a52c0a2646988e5350d5c33db6a3b0d3bc049f0a
- SHA256
  
  ea6de3373bc66e8fb18e8357ef6c47713c5e987105407f78c4ca236ad39274a2
- SHA512
  
  4511ac4dce419f375926489f33e0d2b9d0f5c2217e6ba7b18798cf7ad58e7f737d25d63f72c75abe37617838b136dae3ec9235c769a2338cbbfc6a2e8189d545
- SSDEEP
  
  768:51WMnEeCarGSaW82QtKExhq9qg9d9WWpmo72:77GUNExhq9qg7FER
Score

1^/10
behavioral10
- Target
  
  Binary_v2.8.3/LZCompressLib.dll
- Size
  
  24KB
- MD5
  
  47298954f5a16ce21e46e9d50034d7c4
- SHA1
  
  d342e2f8ef4145af5052a235eb554164996bdfe4
- SHA256
  
  379bf59f8e11e7bb10e154031c7e66f0e13a4e0888a2b658a8f6fafb9be8adc2
- SHA512
  
  84f779a0a4ba76868c5c5da885994c088756d8bd1ab9d1ee3182c72a8d268a3751af6d59e45e392857fb5c0c96f39c4de60ddfc0987f470a34cff37e56105e57
- SSDEEP
  
  768:eHOBwkHoNhoIyFYBCfrXP7hkssSHq0I+0yS:RfNfIVyS
Score

3^/10
behavioral11
- Target
  
  Binary_v2.8.3/Microsoft.Win32.SystemEvents.dll
- Size
  
  50KB
- MD5
  
  7b00ddec2a2a2e98a83305841b8d6c8d
- SHA1
  
  ffd5895b6c8b7769fe7a65b3856206f2d08af4eb
- SHA256
  
  072c4c3bd30bb673fef956b577724d194a7be840458bc9e4428efe55e4b8e444
- SHA512
  
  d9ae9a29f761bd4d413461091dacd2453af1bec0d99f7571e14f9807d8838510662510c98493ef11f31f3259e2c2ccf8286ab76d0541eab08b290500c0269144
- SSDEEP
  
  768:djZQf++NzWgbIpCWjjjjjjjjjjjjjjjjjjjjjjjjjjjh7/1tXM9gpnHapk69uVJ:dul1sKepnYk69uVJ
Score

1^/10
behavioral12
- Target
  
  Binary_v2.8.3/Nikki.dll
- Size
  
  1.4MB
- MD5
  
  50cc627aa5204ede5824d0151b119660
- SHA1
  
  e99c816b5b45905a541d25bc806c7d6e68522be4
- SHA256
  
  8fa8907947e29c8fdd6627f13e6f775668399538404264b1c5e6ad148ce3f7df
- SHA512
  
  3cfadf3e5072b0354f03ff1fc0a6bb904b14c0b3ec1d9726e82b15b3addad751e09a6ee2ad9d3a18c26fb55b387e0fd5bf32e4119eea384027fc647cae4269db
- SSDEEP
  
  12288:s2T1/y61camJhTKhZo/e/tpQJn/lSMpPO+09pkyXapv0c4aURiSwB5pOL6uLtry+:T8JamJhToZo3ZlSM8+0rzJiS9Ntry5
Score

1^/10
behavioral13
- Target
  
  Binary_v2.8.3/Readme.txt
- Size
  
  8KB
- MD5
  
  8e9f039cf42ff2314e67d4cc735731c7
- SHA1
  
  7fcd802c960c0efdce276b6322549fc34738b764
- SHA256
  
  b48676a022a28a3afcad64d0ced485005cac7ebdbc1d49dc0a662e2298d69b40
- SHA512
  
  052da6589b51ebf06a13c772f57880d39bf66e8ad50874da549e296fda4c082389b5cefac87805296b957a623224c4f895eb16826e4cf5d67410506b2aaf1757
- SSDEEP
  
  192:tdtixo9BBV7t4hTkhQb/hzrdfqGkDz5H+Y:tdUU8ptrlqLH
Score

1^/10
behavioral14
- Target
  
  Binary_v2.8.3/SpeedReflect.asi
- Size
  
  78KB
- MD5
  
  181a459405391af5edea97296a4e9b0d
- SHA1
  
  94826a26e489d2ee4945bcf0e7f72568f21bccca
- SHA256
  
  3ef35d470c3b7e795157d65e78617c164eaafecf60493a797991629a70a54181
- SHA512
  
  25cb8af942fad0c3ca25595f5338cdf1463c65f944f60a47911f8f176dbb73f2c27ff2e73798f02dbef613322ee4b78dbdc9370a0878432ed58128090fbe6265
- SSDEEP
  
  1536:8x8TC09BayvBdDPOzSNaTNsBtPVi84rUZhqVzXHIurnfYjTi:VnBBdiCTPywhqVzXHZnwjTi
Score

1^/10
behavioral15
- Target
  
  Binary_v2.8.3/System.Drawing.Common.dll
- Size
  
  426KB
- MD5
  
  86268518c164bdd38217dcd8e74a2543
- SHA1
  
  3c8d5831fa802ae2e76beb2c01cacb87c66ce521
- SHA256
  
  4df59bb668ff03f81743403edb54a0136fa7a20b761fd35b3ba7acd29a58b73d
- SHA512
  
  27b4d300a1680a2fa573165f7148baf44cbdd004451e67e9ea40c7f81d89c9611fa43859d2eeea02313acc17d1b76e5ca74a3cb8b92e14f3595f16300ceb7548
- SSDEEP
  
  6144:pgERJppjn/ANdOnLsVtCwDKLl8kO7808u6CM8u8/pCGuAlzhQpiljIm8v7ocIWha:PzpprRLs2Ti6klkmwocN07
Score

1^/10
behavioral16
- Target
  
  Binary_v2.8.3/mainkeys/carbon.txt
- Size
  
  1.3MB
- MD5
  
  dd7f09231268afd6daa2deee5f194224
- SHA1
  
  5aa15e217bd027f590d62ce0e3c691f8664d51cc
- SHA256
  
  fdba26654eec253dd5e75c9bd7064e74b0ab2c9e41f06b83853f3dc4e3366b8f
- SHA512
  
  ebb02cf2d13e49f9cad46a5054ecc7bc65f1d010d3ee237183279c83ba861ab255625d0761b0261c0bdaceaf1bb2eb1f95be7f780f6c29a4f4de0fa580a91be7
- SSDEEP
  
  6144:nAYHOjvJ3RyNNTlTfXx5YDupB7FBz6VUQXJa7NLjr3JLv6gDBBxHVDNjJxpDYbLf:xEKfQetPIdR8OvZobCMrm5CpYWOv
Score

1^/10
behavioral17
- Target
  
  Binary_v2.8.3/mainkeys/mostwanted.txt
- Size
  
  862KB
- MD5
  
  d8b250f8a2b2398be9059a043e7ad03a
- SHA1
  
  be0175cc51a94afdfce82ba1df7fd421568acefd
- SHA256
  
  0c6f9ad517384689b300725d48552528065047d2e3f6df82e6fcba440dc70ef8
- SHA512
  
  4ea15c6ae17b92cc60b1866c758b4a50c6625934bcaf3b433a0073ebf45b46d9992e22f4dd68aec45335e3539dcdb07c22ea17764f355491936d5ff41e70256d
- SSDEEP
  
  12288:AYIdR8TbvdAMcyDHt/N5IImpyPOyIEzYbiq:DIdR8TbBcyDHt/N5IImpyPOyIEzYbiq
Score

1^/10
behavioral18
- Target
  
  Binary_v2.8.3/mainkeys/prostreet.txt
- Size
  
  1.1MB
- MD5
  
  48ee02e5d3030246cd45f2a22b72d77f
- SHA1
  
  673ebe7cf2a153bf3bbd0d5f2336c8e286ce124e
- SHA256
  
  b90507faca6c34cad7d562396e4fb5e52795ec3e0bfd784ed92fe4d3acf9467d
- SHA512
  
  3b7b99ac3dd61ab0e93d09ff5a2aa7f6d1b82231d504368a4958b01b2d840a6cbe5a555ed8f2e66465e2aa508ace504d269eac36e5c7817b00fcc3e102d7cfd7
- SSDEEP
  
  6144:IANvFVk002lVbJbZ4Cwlp10Aq+BYW7h5fBsRplyEo9lVA:bvoK3bJdUlVA
Score

1^/10
behavioral19
- Target
  
  Binary_v2.8.3/mainkeys/undercover.txt
- Size
  
  1.2MB
- MD5
  
  2e469e72acf4cc2bbda4091c41185898
- SHA1
  
  7b004db574e0c7da587afde7d5811a3bd78d41de
- SHA256
  
  307950b1bd4969d4d32473901143a9e9bc01f11933a1b1984bbbdf563f4e083c
- SHA512
  
  e21fb1e000fe72705c0704bc9d86c6304a4e27ce688b35bd662c5e56625bbdd1b5272924ee3267e5885c23f57b3349405e1759842c0f2d839426c33fc218eb5a
- SSDEEP
  
  6144:oAarPQHEWC8XyXCCho8xS0q6ZDWP3WWzrg0ucbVFcIFvCZDpZvp10Asq+piZd2H7:MPVFx46ZDWP3WWAkbVFLFjEMRj
Score

1^/10
behavioral20
- Target
  
  Binary_v2.8.3/mainkeys/underground1.txt
- Size
  
  818KB
- MD5
  
  e1c7adda10c86e2389970ea299a841ed
- SHA1
  
  cddda35581c749f6b0fe673b36a49e1f42b2b051
- SHA256
  
  1e0fe29f9bd54df52dd4969fc71910392a264701eb6f02b96fdc490b3e1fdd8a
- SHA512
  
  67972f219a52e15a9dd64b585f9328405de334082fb0e78a1a260793e58e07a5724d27bdccea1dd973c4d63f8e19bd5761f1839788bb945b06d86709885e3489
- SSDEEP
  
  12288:hTmiBpDo4Lt1fZVcg8DPCHH9LoohqoVKXJilwglsfzjXtLv1JwW3W0yZlMQBmEEY:hNJ3s4
Score

1^/10
behavioral21
- Target
  
  Binary_v2.8.3/mainkeys/underground2.txt
- Size
  
  1.6MB
- MD5
  
  4fc560b31e300fde2fa82e100dc40834
- SHA1
  
  35e06a918bbf258415aaa3a79ec1827ef3c3337c
- SHA256
  
  f13aee74fc1446d71da121bef5fb3d5bfef17f88a23ebd5c84f594cbc08347fd
- SHA512
  
  c4b18b6d651733a308cfd2e2c8593c35cfa1bac7bba166238d698cb0f4562aaf6fc36c3963faafd614a66384163297fb5550867fc1975c8b7e485f8ca6b73957
- SSDEEP
  
  6144:BgzcZfZGyVSZ4VbABjhns6Ni+sKD0sUw9F:BQcrCUMF
Score

1^/10
behavioral22

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Checks computer location settings

Detected potential entity reuse from brand microsoft.

UPX packed file

UPX packed file

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22