Overview

overview

7

Static

static

7

Passwrd-12...ar.dll

windows7-x64

1

Passwrd-12...ar.dll

windows10-2004-x64

1

Passwrd-12...up.exe

windows7-x64

7

Passwrd-12...up.exe

windows10-2004-x64

7

Passwrd-12...DU.dll

windows7-x64

1

Passwrd-12...DU.dll

windows10-2004-x64

1

Passwrd-12...eN.dll

windows7-x64

1

Passwrd-12...eN.dll

windows10-2004-x64

1

Passwrd-12...32.dll

windows7-x64

1

Passwrd-12...32.dll

windows10-2004-x64

1

Passwrd-12...ine.js

windows7-x64

1

Passwrd-12...ine.js

windows10-2004-x64

1

Passwrd-12...are.js

windows7-x64

1

Passwrd-12...are.js

windows10-2004-x64

1

Passwrd-12...ion.js

windows7-x64

1

Passwrd-12...ion.js

windows10-2004-x64

1

Passwrd-12...fig.js

windows7-x64

1

Passwrd-12...fig.js

windows10-2004-x64

1

Passwrd-12...mer.js

windows7-x64

1

Passwrd-12...mer.js

windows10-2004-x64

1

Passwrd-12...ile.js

windows7-x64

1

Passwrd-12...ile.js

windows10-2004-x64

1

Passwrd-12.../cn.js

windows7-x64

1

Passwrd-12.../cn.js

windows10-2004-x64

1

Passwrd-12.../en.js

windows7-x64

1

Passwrd-12.../en.js

windows10-2004-x64

1

Passwrd-12.../jp.js

windows7-x64

1

Passwrd-12.../jp.js

windows10-2004-x64

1

Passwrd-12...-BR.js

windows7-x64

1

Passwrd-12...-BR.js

windows10-2004-x64

1

Passwrd-12.../tc.js

windows7-x64

1

Passwrd-12.../tc.js

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe52c71d3c04ec6b301d267978f84a0d.bin

  • Size

    23.0MB

  • Sample

    231012-dgrppabg5t

  • MD5

    fe52c71d3c04ec6b301d267978f84a0d

  • SHA1

    4b34fe1c983ab4b412cd3dedec114656860efacd

  • SHA256

    35da11b3609d7b0e88707d28867cb9f946e35cd82318d8fc7abad82025cfc780

  • SHA512

    963c47b77759a979ea96a7c05c73f5d10ae7225ec3bb5680e021c2d01de4b28f60f7d845c38c6d61824dd35eca38c9436d0a298f41b12b5c376a96cdb3a4c6b4

  • SSDEEP

    393216:IPeQsjCG96IM2NIQpVUXrbSYw32ZlZC0w98iYHpNJ:oePCGwIf8XrGHaZPwy/n

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      Passwrd-1234-Setup/MpGear.dll

    • Size

      607KB

    • MD5

      27ef57bfbb5438e4807952802e0bbaf2

    • SHA1

      53fed477e952504ab60251019b65b09f3dfe4012

    • SHA256

      59dc4504f33e9b0756a75d18aeb974085e601d75577828b107b83187ba4df1f6

    • SHA512

      5a6f89ee772b5251a8ed5ed8da61bda85bc7b41bf292599df688f37a62cb3c9272086b9e6ea3c8ef93405d39a98927f0fcdf810b60da48ec62d50017b8de6027

    • SSDEEP

      12288:5euKeIaZ+dwGbzSifdhnTE7sjXj8cjb+YYtaPc:suIaIxzSwDTfjXjBvXYV

    Score
    1/10
    behavioral1behavioral2

    • Target

      Passwrd-1234-Setup/Setup.exe

    • Size

      782.2MB

    • MD5

      aa4fb8876b89288a015fbf945da98d87

    • SHA1

      c85b783c0fbb81123d8d0048f9dc9f685d297078

    • SHA256

      ca966b4444700a921d0c281d2c5d0e1b213e4440c44239a06b7f0adda7337225

    • SHA512

      2328c661c34b747ccc3e14e05648bf5f40bc439c2a17f29eac3315978cc13879fec5ae96e7ad23f1df2317c0131c012abf2a2fc397b8b586dcda844848e26551

    • SSDEEP

      98304:b4srnY4gDOqrzny8PLH/qr5ONWjtmXR/aw5bau7SyDXTlavXHBNS8liNI+:VHgDFf7LHSr5uXQwOYiXnDloI+

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral3behavioral4

    • Target

      Passwrd-1234-Setup/VBoxDDU.dll

    • Size

      371KB

    • MD5

      496df6ad1a158ed5037138e397713ef0

    • SHA1

      287bd2219c955687baa399ded57e9ab64334c63c

    • SHA256

      07c04290f53aaaaa7df6b6ea3a53103b6e3ef8ff658d8097617a9c48dfc6e90a

    • SHA512

      422da26a8f50c1f02c1cc7c4bed37cdb33732039bba82f32c2a14baa8c6a7bc5544856ab26a2071b5ea8e731a296e2c69071da2f067312d05763aa3a9928bb3a

    • SSDEEP

      6144:TTKw9G2rivrR7YR+euVO05XMog3N0++++I333O333qj333MEq333h3333f92333O:CcN3u++++I333O333qj333MJ333h333r

    Score
    1/10
    behavioral5behavioral6

    • Target

      Passwrd-1234-Setup/en-US/AutoWorkplaceN.dll.mui

    • Size

      2KB

    • MD5

      a311c98e7cb3bc2c6f4ad9ca65e95810

    • SHA1

      481168e5c9437731ab632fcacb9c88471c008d6b

    • SHA256

      799cf32fc0515a4bcc0388d0d39618d9c67ee67a1c2000d7344c5a8120004e2e

    • SHA512

      8eefd67ab748725145db643dab47f608b66582c194e42ed412bfe31f26c36b2bd2c4e157fa1bfaa582c697de267c242e5e809be109c7ab3f61f19bd6812e416a

    Score
    1/10
    behavioral7behavioral8

    • Target

      Passwrd-1234-Setup/en-US/avicap32.dll.mui

    • Size

      8KB

    • MD5

      a5696b2d379fb322c7ee1e18c01ca920

    • SHA1

      0063d4f4814d4565334b5937fd83b56287ab413a

    • SHA256

      cb852e13a323c8e226b9bccc7786df3c55e4be16d9d63f4911ea0565ac879a9c

    • SHA512

      01e93385f90fd0a25d8c7da31704cf8d04596113fbc9c19199506bbb5ba978f974c65a636ea663fec0c32408a931499814f806091ef7b3d9ca59c26fa01cdabd

    • SSDEEP

      96:9XIEThBLwopUCfwpyIR3M7Pel5LdDzdlSjrviqEtp9JhZ47/5PYBtTdbhFYIDiqf:KKxy3M7P5vRULZ4S5HTbnWnUrTWQ

    Score
    1/10
    behavioral10behavioral9

    • Target

      Passwrd-1234-Setup/engine/engine.go

    • Size

      23KB

    • MD5

      042ba70df24c200d6fc6cf2c9a2c5ee4

    • SHA1

      ef7e1ce622ebdb31f49eaee72053dbd86625a6ff

    • SHA256

      e3a77cc32a7b2f9aadcbece6115a5ec355ab18b0d492b2a95d5215bdf84a0ce4

    • SHA512

      dd70b9f704e0c49e42147532722fc58e5b4678432118a0f0490ea6c0ca81e4ae14bdc07351f9ce5bb6c6a333b970c891eaf4fe5ca2b9e12beb53a180fce6239e

    • SSDEEP

      384:dyOW+24Cc+a0LOXR7QUNSr9sbszzRorvcIwMD3o2F3CeDBSExt+RLJuzqzBHPpuq:6AB+A7QkvFbCedSg+xJjHP4gb7b83iAC

    Score
    1/10
    behavioral11behavioral12

    • Target

      Passwrd-1234-Setup/engine/modules/auth/middleware.go

    • Size

      6KB

    • MD5

      2cfc86281d65326de6d40ba937a405e9

    • SHA1

      349a086acb18099538e911d87721b9f17e1e074c

    • SHA256

      ed31c9a3037676a31484ae17a0b2ac3fd7658420d6d8c2fdcc4fdbd73f41ae21

    • SHA512

      6267877d2e5d145a717474148854cea7b1b4d523578ad9b07568c2fecf7e873b5e7178d80a4aa606b10a352820f6d258e5cf5debc6c433b22554f5197b47ce02

    • SSDEEP

      96:dfwpn2/11fLKkGmSrK9eEmnGAKBvqiWpvC32pplXbQCLoLd6dLi454hL0tR:dop2/eoCwvqbpn8L6dLi/hQD

    Score
    1/10
    behavioral13behavioral14

    • Target

      Passwrd-1234-Setup/engine/modules/collection/collection.go

    • Size

      1KB

    • MD5

      5b1c1e76b1ab4d214e46dd15aa05e296

    • SHA1

      b5f2a08a4459202cb1aca067e27b90106f18c48a

    • SHA256

      8eadb086f0331f5b702e28513e943cb9b8d58e941f28b67dd2313b815c1f29eb

    • SHA512

      8d29a8bba4354f70fbfef9ed9bd53e0a379092e5fec239c968a6d9b98584c4514f87867330bc2bb48b815fbec6c5364c8588ec5589956a2e86cb85936b3db940

    Score
    1/10
    behavioral15behavioral16

    • Target

      Passwrd-1234-Setup/engine/modules/config/config.go

    • Size

      37KB

    • MD5

      6dbae26fb770337267ef38ab7af45f8e

    • SHA1

      d0167f2ad23e47ec800236f2905f3a47b71d8e32

    • SHA256

      5c41eecf63956d4ff97dd086ba7ecb34a19b1f0446f31e8809618927dc22d6ed

    • SHA512

      9d880de0cd9a61e227c03768006b97140be4cc3444508760d6ce914c87e704daf693071ec818dd7cda8143621b7d25a1d26d1695cdd518e8cf891689ca0e1344

    • SSDEEP

      768:a239zle3W4OxP0Inx/8UmYYl3HQPvJdCwK9WiSzn88rvvqMf7lbdXl3EMu4Jfcta:XtzJPQO

    Score
    1/10
    behavioral17behavioral18

    • Target

      Passwrd-1234-Setup/engine/modules/db/performer.go

    • Size

      3KB

    • MD5

      65ff823e3212086c8a815b56d1eeb7ef

    • SHA1

      b7c64860bb2d47a13eb83505ca93bccc05f6911b

    • SHA256

      fb2111f1c45fa6b51feadbf9e1218a9d431db179ce130d5a21b1b6bc79a56389

    • SHA512

      8389d964889529dba4b9c5b14241db6160eb82214fcbaef3df98c1a16752875926f59b4734ea86dbe9a2272fcd811e048ece88094846da860fe7fa8e4713c402

    Score
    1/10
    behavioral19behavioral20

    • Target

      Passwrd-1234-Setup/engine/modules/file/file.go

    • Size

      3KB

    • MD5

      88ccad7bca5e7c446a0324c5f6d34ffa

    • SHA1

      3492ab0d801ab50d202783a15ae76fb5335748eb

    • SHA256

      5ded7f2bd3014f142d7a23e3434843a3847fcf2bba55b747ccad6e8a5aa860a7

    • SHA512

      2b51b0c2baa05c140be75fb5435d26c966aff51e3cd50fd320b80ffabe1545f7aded175229d0738a19adf21ad647b045d83e6cd370a097cd2109570e7af3ed9f

    Score
    1/10
    behavioral21behavioral22

    • Target

      Passwrd-1234-Setup/engine/modules/language/cn.go

    • Size

      19KB

    • MD5

      c119b260697a4d1d0691c60166c02b01

    • SHA1

      a23e02bbdbc28be9373873d62dd2b03f54466cd5

    • SHA256

      d7e602d2dddf0caae2dc009c614c5f8e833ea85b17e84728d5e2b263269df856

    • SHA512

      b0779f5494ec9dfadcca47a8ea849a635bc712514b7b88fe1bcd19958b541d20f31f1810ee46c2418bd068dcea67bab4cfbef365b3cb24f00eb5d20766e559fe

    • SSDEEP

      192:dzaEACMDaeGO9sze+/utjjdD4HBZL2iqGf45NPRt2xUAIheMh9FsTjEsVU0U6YsZ:dDACpsszzqDW2iqlNv2GcMh9Mbs+eLYT

    Score
    1/10
    behavioral23behavioral24

    • Target

      Passwrd-1234-Setup/engine/modules/language/en.go

    • Size

      18KB

    • MD5

      fc854f4bdaa80006d4d4e9559125589b

    • SHA1

      91d13bf128cbe1010b7551c8970eaa752b2d0e82

    • SHA256

      83c0b89181612c68878156993977a6536726f534bb8f5971a4379f3d64671e50

    • SHA512

      e16c767b7b5dd2c3a3ec89bae0027be893c8f4cd41f70aea2c1c2f112d95c71e9267195576bc2a6ed327d95e26a0c1ba4b1bc61596fae0a4e4943e4e75c2f662

    • SSDEEP

      384:dJbb87szzysnMuZ+0Ro0s5kOkn+uNJzLcv3HjdDK31PT:bb85uIuo0lOkn+uNJzLcv3HFK31b

    Score
    1/10
    behavioral25behavioral26

    • Target

      Passwrd-1234-Setup/engine/modules/language/jp.go

    • Size

      19KB

    • MD5

      66bb05cc30fd20097cdcee5ff38854d4

    • SHA1

      a650455039528062f153c15362c27588656e120a

    • SHA256

      2bcd92220ccf137f1798851806740d9b914f2648a3de8c6f41d8841b60c6a9d6

    • SHA512

      a1950941be7a758d1d26b74424fa2a4653ba8dbb7d78b9970862c4dc360e66bd4a89286ac3f72291ad14b234eab51aed155711e68b469e15e9ba0dbd4a360d45

    • SSDEEP

      384:dlaHm87szzysn70Ro0r5kOkn+uNJzLcv3HjdD831Hf:L8Cuo0mOkn+uNJzLcv3HF831/

    Score
    1/10
    behavioral27behavioral28

    • Target

      Passwrd-1234-Setup/engine/modules/language/pt-BR.go

    • Size

      18KB

    • MD5

      6a709c98e8f8d217064de65ac56d542b

    • SHA1

      a57f24eb322f3254de97ca1368cecda4131fd8ae

    • SHA256

      6c53476d4b149e5fe378aa177282cff699beff06242ece86f73d66fe9307f90f

    • SHA512

      978e6b42447b666bbfdb39a0c8425d52c401a53dd51b5ffb2c49759879f5aacdcc93fe5dfc9096b39f2b45f7f2ac6b8ef15c653ba39a5415bf1042d1238bdf9e

    • SSDEEP

      384:dZk87szzysnacHBC+KL04BnOkn+uNJzLcv30WThGpnF:rk8LcHAL0MOkn+uNJzLcv31TEF

    Score
    1/10
    behavioral29behavioral30

    • Target

      Passwrd-1234-Setup/engine/modules/language/tc.go

    • Size

      19KB

    • MD5

      14ffaabf46a61cda82d9cb4e5a3fb1c2

    • SHA1

      b20b8a53ea6e94c3a19b094fc7fa4842e09c2033

    • SHA256

      52c6bcfc92f1cd5b9bce8ec2abbb3f576aaf60ad6df9789db51f15bbfcd06e70

    • SHA512

      29f9f1f041fe7defce8cf10f05ec6b6d6290aa276336d6987f46de1c7e303fc46032f7212dc51b25d6a9a9b15b43066ec5599b4d03f841f26255a134a334f70d

    • SSDEEP

      192:kYj56FXwuMSeWEsze+/Dsa96MbR/jQ7xAqEm3O09h364zPRAjuroZq/mQcDAEXYW:kYKwuzyszzx6MlVqEm3V9h+urkUKR

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

vmprotect
Score
7/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

vmprotect
Score
7/10

behavioral4

vmprotect
Score
7/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10