7011b5995a1753ef8076c92c0d07441742aabee263bbd604f690b64778b85bc7

Sharing

Copy URL

Twitter E-mail

General

Target

Image Logger.rar
Size

67.5MB
Sample

231013-qj3wysaa5z
MD5

98e6fd2eee9e6ee76d01dc0752db9196
SHA1

48821f79c5339420297f745b4c38bb16ae13bc86
SHA256

7011b5995a1753ef8076c92c0d07441742aabee263bbd604f690b64778b85bc7
SHA512

7895d82a18344d1ef509381eb2c0be0f4e4b7659a37ccd48706cafc7164cbcdb750ebb2407398897c856dd8224f0a8d844f4b96417f06189087e9a34973d85d0
SSDEEP

1572864:OuX2tItDMG1RjZGYNmKydzncjiKB6LOWKzm4moC83B/AoeWqu8tShOhNymWa:DXtOG1vGYNwzsiKB6LKzm4RC2xLeWR8d

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Image Logger/Image Grabber.exe
- Size
  
  67.2MB
- MD5
  
  abb4908e03b1dc565b057f4d27ae69f9
- SHA1
  
  5514d7bc163ce065f351ce04516ce5d4d08d37a4
- SHA256
  
  ca37dd2ec08b31f9e8e221f36ca0f2158a09457a86ee05e897501f52e5a39b99
- SHA512
  
  333bdcf9b819fa8a10e1015446b7c154b53522b03c1c19c334d1f1a50599a50e48639691f18b44d4359661b2d66097723196ae35073623e720717e038cb4c7d3
- SSDEEP
  
  1572864:tGF1s9g1H4GF7Ou/Yy/KAtkui9bTBBfZAsv:tGF1sVRXyyAtviRasv
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1
- Target
  
  Image Logger/RTCore.dll
- Size
  
  227KB
- MD5
  
  1eabe8c992be9d9f1bf404dbe7958af3
- SHA1
  
  0182926b649a7fead824bd5e6465ea0ee6ed9922
- SHA256
  
  45c0dfc00be360c71e3c262d0a88fe3b99cc7c7ec39c23dc6f1b0077e99accbf
- SHA512
  
  b9bb5dbfe0848417fc7712adf301c86fa739a3caf598b033c1aee51db76b9286f6cd35ce3d838100edf09a964809863537080171bb32b4e9b7bbd61429506278
- SSDEEP
  
  6144:u1/ZmgjLOq7cSp0mldWdPKuoaT6yOmmye5L:uRZtjKmlsYI6l
Score

3^/10
behavioral2
- Target
  
  Image Logger/RTCore32.sys
- Size
  
  30KB
- MD5
  
  cf70107d5b616b985cf97bbeeb0c08a2
- SHA1
  
  413433ef697784b599fea00dbd841b1bbefb19c2
- SHA256
  
  869344c31c491df7f9b2c4ad8e26e38664a425590f9fa4f523d1e5d27ddc1f96
- SHA512
  
  ce7f71f37c60e569a7e91148dd8911a15bcab6db54ed9f28aec3764d6a3b8f6c42a7005f1917851f483f6d723172be4ffef54e4c4019fcc3c2ce339cfa988dc5
- SSDEEP
  
  384:fh15WIIWWdjTOGkgT+XOsFBvhwP/dsbtsI72K2gMQZKDpevu0e2WVh3uBQ3klGs8:f1MjkgT+XlFjXpTp2HDpaq3DC43
Score

1^/10
behavioral3
- Target
  
  Image Logger/RTCore64.sys
- Size
  
  35KB
- MD5
  
  0a2ec9e3e236698185978a5fc76e74e6
- SHA1
  
  4fe873544c34243826489997a5ff14ed39dd090d
- SHA256
  
  f1c8ca232789c2f11a511c8cd95a9f3830dd719cad5aa22cb7c3539ab8cb4dc3
- SHA512
  
  4a6661eaddd6685c7aff9926de0c96d7d54cb6fdf3c319a1f5ddd96d282f4dbd7772a637461aa37245122fffb39045834d41428634849e82618a2d392c5aee06
- SSDEEP
  
  768:yQO7kUIYCi54cTE4BnavXqE3Wr4JSDp2HDpat3g3:okUKiqBXi4J3C4
Score

1^/10
behavioral4
- Target
  
  Image Logger/RTFC.dll
- Size
  
  56KB
- MD5
  
  7f23187f60ed001523ff19a2c0b71245
- SHA1
  
  0984bf5d03f2477b8f9872cb955e58a0ec7c3427
- SHA256
  
  febbd8d4849b6411de8ead30414a760dde2e519cb4395b47608e6e49be6cee82
- SHA512
  
  3c300c33b64e73ed4228782da544a15c83809338de6dc80aa90d6ad0877826a279e084e730db47f9df90c1780fd1e3bfe6e2f5192da9549e1af30383856ae443
- SSDEEP
  
  1536:8dQYuf21toQdCv/7qsJ0uNDboDMO1dM1370:2tuYFy7PJtNvoDMO1w370
Score

3^/10
behavioral5
- Target
  
  Image Logger/RTHAL.dll
- Size
  
  653KB
- MD5
  
  8168295f8ccda92adb1c655545f50321
- SHA1
  
  442924e466ff2a776d7b412d3d8f087017d35d03
- SHA256
  
  ab4ada300ef3e0cfb40f34be440edc4b4b7ce2983caef5b463c92c93a53543b3
- SHA512
  
  97b93a3b63d80a2a3ca51ebc60d48a83fe43d45b0179bb462b305fb1699654cdfad5f32c2a00e4817378310a89f416088fb6903eaa1be8accb9ef890ab3fe4c2
- SSDEEP
  
  6144:fFLF2uIiNpmlJUAVAviz601DMAZ/FKOXNDLTF3HDMFO1PKM3CIS1i2f7iibXeYDQ:e7emlJNl+GT1FKOXNvZ3DM6jCIh
Score

3^/10
behavioral6
- Target
  
  Image Logger/RTMUI.dll
- Size
  
  72KB
- MD5
  
  60fa86c9e6b796986aba82a4d5d81894
- SHA1
  
  e672f702bdbe97c3b013540c5f8c6e577e6bcfc0
- SHA256
  
  d1433ea1a5cac5abb7f3fe79a5c20ed5648a4bdd78b9ff0524b229e93254013f
- SHA512
  
  330a4c415e6bd821dcb5b757d8fc648e03f3ce6c019d6a91c18cf586379117154355562bef60230cdc08b21ea544f7f224360a6e0e9b7bd6e90c2d6d66b7560f
- SSDEEP
  
  1536:mzJUd6WiUzse2ntfh8fNIrOKtfKnLASGD2+DwmN4aBkGEjyxkeEPr7XpqD+DZQxY:mz6d6WLzse2tfh8fNsOKZKnLASGD2+DI
Score

3^/10
behavioral7
- Target
  
  Image Logger/RTUI.dll
- Size
  
  363KB
- MD5
  
  4f490d1686dd159f2d260a917372dead
- SHA1
  
  ed5e88c5d2cfdee84a15afa14a5b2c259f4179e8
- SHA256
  
  7ad87cd882d7ce3ad3d28dcb09cb2dddd99825a40467f81dae490d5416c005fc
- SHA512
  
  4474839282828baf4abb97936b7bb28e4099af68598e91ccc19fa81ca2e39c0eb598ad090ee173a9e02596b863a9eda9d96393823e015b3900cb6bc8540af022
- SSDEEP
  
  6144:b9dlLVWY+Ps3HAgjk5N+qghCvxyyXtdX1IDq7fJTBqCSWOyRSU:bpoU3m9vxd9dX1nTsC
Score

3^/10
behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Process Discovery

T1057

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8