customerloader | c15427a19da1db7b3f9e9544db6eceae3fc30c42d570fa8d56728db6cd6c5c22

Sharing

Copy URL

Twitter E-mail

General

Target

Bread-and-Fred.zip
Size

552.2MB
Sample

231027-kner2aeh37
MD5

925ee0c53254a692dc58def5bbd7aca9
SHA1

37e8de5d0d72e0e0a49f7adc05ae2817f1e81a9f
SHA256

c15427a19da1db7b3f9e9544db6eceae3fc30c42d570fa8d56728db6cd6c5c22
SHA512

8a9cc3486ec8fe2a4fdbe42df2ec8a2a01bf55eeb921998033af0e8921a8455c180a7109f13a241979e5b4ee9ab62b5f94c1c563818ad456ddc4adad5992bc76
SSDEEP

6291456:zK8i3j09b2exgLz8mvoV+cSqXzfwMLdiKkNwmpJrm+7Ts7AAs57RUDJeZW71fdQk:PZXjzuVz0A1JK/Wu

Score

10^/10

customerloader xworm

Malware Config

Targets

- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Managed/UnityEngine.VirtualTexturingModule.dll
- Size
  
  34KB
- MD5
  
  97a1de1b65bf35d09ca22e1b0bd5d0c4
- SHA1
  
  3048c6666663d7140e14077595c0ac3aded0a934
- SHA256
  
  a854e27a65f8a6324dab8601ecca61f280982252575edcdd8f4ae85cf5a2c059
- SHA512
  
  9f8d5593be92b743579e1f6659d0a83086c02743aecdaee998c59c43d7d9c25853f61092641ece493a00a3e5111b494a44e6e17e4080049c525e2b2262ae7f3f
- SSDEEP
  
  768:X8Vfc/lXl9l9lQl7l7lhl7l7lnHp8pC1Gb8btRlnUAEl8thjMXehR2EpYiTPx3kL:X8Nvo0bRUAEl8thjMXehR37TPx3kL
Score

1^/10
behavioral1 behavioral2
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Managed/UnityEngine.WindModule.dll
- Size
  
  20KB
- MD5
  
  c36d8fa511e9348b0569a640c2894163
- SHA1
  
  0a86fb00f3036687415b0006be541d0ef96d6315
- SHA256
  
  780424b1b5ba66d854522d8d6688955c572cfaee3bcd2ca4281469b5bb89ea43
- SHA512
  
  9ce24fde1a2089cc1b6cbaebd4dba57807b64be140fa51d8e2366f099725861ce546c0ac90f3e08ac993d8520d3124fc564a9db101834aec3eb9cd634a985b4c
- SSDEEP
  
  384:aWjgAQkHBUAEl8taz2hjMXecjOBJNyb8E9VF6IYiTPx3nkvQlZil:aJAXhUAEl8thjMXehBNEpYiTPx3kB
Score

1^/10
behavioral3 behavioral4
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Managed/UnityEngine.XRModule.dll
- Size
  
  68KB
- MD5
  
  1c340afd1e011bddf0809f2356addc05
- SHA1
  
  878c4958430d5a4cd37e7b4725cd5a4c248b6f5f
- SHA256
  
  4b0718b42e255e3ab79c68e54cc08f1bc4093f126e526b94a0ce8ca1f39151b4
- SHA512
  
  b861ce9193dc0a8fd5fa834e6f6fb96f55e2f1b085a719a471bd127f51f801a87c7de8f90b4e611d906703e757cf986f30355fcf9c0e6826c920a65d2b61c26d
- SSDEEP
  
  1536:Pq8YNJFlh3Pa2t5luISh54n0WUAEl8thjMXehlG7TPx3k65:PzYNXPa8QIhUAZGfxL5
Score

1^/10
behavioral5 behavioral6
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Managed/UnityEngine.dll
- Size
  
  108KB
- MD5
  
  6ecb88097e81916c155785e332bd9b1d
- SHA1
  
  57efc772c14f97a92a18f70bb165d185868b707e
- SHA256
  
  d5c996c5927a0ed597ba3bf4947812883a1de203fff892bda7120477b1780a51
- SHA512
  
  3ec7bcf30c42a1814e3e3077a7d34828a608e5874c6c1de648896611bfebf4c4b6ba872cf31742ae23798969455e15d21c235c0d3973b18f3a768b88bd9783e1
- SSDEEP
  
  1536:Nze2E6oc05ga0JX4R6/Sz2GsUqLdxBSst+MNUhyvJvZxP5SQInBdselkvxcFp6kg:MZKGLzE/SaGU3+ovaveOfxA3
Score

1^/10
behavioral7 behavioral8
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Managed/mscorlib.dll
- Size
  
  4.4MB
- MD5
  
  2881216b2adf8067e51fa534b1b99f6b
- SHA1
  
  888874c3858a162ad51ad4ec45cb5959dc1aef47
- SHA256
  
  c07cd9d301efa05c2c6eec11bb0d6cc3a1c704adc9c49770206e02882a635987
- SHA512
  
  61c50a4d379bd2960b44bd92d907eded8c047296a662345199ba2d0253464120eaddac30170d167def890a170907b959686c30af047c6630340d34d5185fb792
- SSDEEP
  
  98304:bTk3IbGkR1s5UndZBlKj4Xl59xWIKWBCFzXjg1WUqSB21v2:b6/E
Score

1^/10
behavioral10 behavioral9
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Managed/netstandard.dll
- Size
  
  88KB
- MD5
  
  c61967ebe7f07f6a5a1b3f91842bbc3c
- SHA1
  
  c2db6e7376977c5c7f17d816406ca70f95d8e1ef
- SHA256
  
  6ae62e082dc494a2433984177f60ca4db5fae69b1f360a8b33754172b310b8c5
- SHA512
  
  5e63289f67a2b5d436d192a6354444327c4939e854cdae82614950885265fcc76739219138f22c55171362b735169ed77e0699958b4960a909f6ec919ce3aa49
- SSDEEP
  
  1536:zsYKt7WAMU9UYk5f4bJUHGPdghpuSX5qUE7cLh9z+:3K4AMaUYm4bJUiIBh1+
Score

1^/10
behavioral11 behavioral12
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/Rewired_DirectInput.dll
- Size
  
  11KB
- MD5
  
  df2d34b16ceb8b76544c1e1446424337
- SHA1
  
  a076a9d6d1e61b4b3b688e672d14a654a9a05d86
- SHA256
  
  ffdfcb31d713ab4b6d196e598d2112e8abe39499491ab1fda2a172a6c42efdb9
- SHA512
  
  e2b4410f3613862084551dff971b75d5a5cecee4ecf139b6efc2ade6d20c8ffc395f650b71d707b065a25c9a519a03155c7ae79b26de2352a858702f1827c046
- SSDEEP
  
  96:DAPG3jk/eYe6Qv7tw+iUg3CehJA63b2KAcY0D1LzEvNdp/Es3QQe9pjx7:DAPGTkRzGS+XgyyJlxgEzGrp/EtH9ph
Score

3^/10
behavioral13 behavioral14
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/fmodstudio.dll
- Size
  
  2.4MB
- MD5
  
  c1e76f99ee91dbcf47fa37fc788fac2c
- SHA1
  
  db5bc676d9aa68747d10d6c56628a9588212f58e
- SHA256
  
  dd85e1766b7ab93f75bee535a83bd5ad966caeaa9d1c17265d0d10045848a7e2
- SHA512
  
  d0982bc02d9e7640cac8901eee9b8af6eebba7d1b6f82f05cf17f2473ea55ce0256018d2dacbb5088862c57aea373eff528e83dea796c66c34d1d7b403d7b016
- SSDEEP
  
  49152:rzjam+ewAbALTUYPYy4VJKw8mmoKpm/zuXWox46S0n:rzZ+eTbALTUYPYjGw8MKrWox46S0
Score

1^/10
behavioral15 behavioral16
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/fmodstudioL.dll
- Size
  
  3.2MB
- MD5
  
  2979de99309fe3a52d6f24e13abd4880
- SHA1
  
  5e65ec17c5c209020d65b6560ac1ccd8bd897684
- SHA256
  
  f4953603f4d1440717e9f0b8cb0fd6f75c8d83a60189e9a70c1f69dd3c85fc6e
- SHA512
  
  b0a2681fb744abc511b25c38c421965d4bb7d7e471c56fbc6dc0df0746b81ccc9a6bbd31a44671ed455771c9a38480cd2dc22a242cdfac9a78f54c53246572b1
- SSDEEP
  
  49152:Zn8ML7r2/niYNJO0eDQv5VRndJGbVsjSNE3CgVxnQxs+gqFz3hGinpb0:Zn8MD2/iYNJOpPxNE3vx/HAz3hGiF
Score

1^/10
behavioral17 behavioral18
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/lib_burst_generated.dll
- Size
  
  139KB
- MD5
  
  ffd1903fccfcfa804324f47935dd3176
- SHA1
  
  d297a264a67817ebe34ab1341a46b83bd0d94705
- SHA256
  
  f1d79bc8f0e4543029fce611e6ec0927d086e8d7c1959563fa5296ed54271786
- SHA512
  
  e6fc69a8bead7575ed7fa418cc2c49dffc924f15aa6b9efc97cb5b17d341ed4eaacfa9c0b5eb02ea380d114f9e7ab5586a50786fc840487a718f22641c603bd1
- SSDEEP
  
  3072:TQuiPMG5JzMYxbs9RXX6I0X/Y7tqnS4/QJzxxvhPU1xHWis:Va42s9RXXogZqmxxvhQts
Score

3^/10
behavioral19 behavioral20
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/resonanceaudio.dll
- Size
  
  678KB
- MD5
  
  695bcfd3dc9522461338e945a9749e07
- SHA1
  
  12c8c4ff33f89933f2413b5b12bee941391eaf7e
- SHA256
  
  f6588e24d03237ee37e90cbcf8a8311daef3151b4db02d82ed9596ef4b11a84b
- SHA512
  
  14a1e3cd40f18d6c4bad56450d8ef4ddbbb766dd577159b33d82221209dc2a6ec166b94031d3418b230dd984731bbc43ba4809d2012546b30130e42a3bcfee86
- SSDEEP
  
  12288:mw8AjRs+VwHmFw/v04a3O63JL8Wr3UEyJqzOz1Tc8NBiWSkDKQ7IWH9E1:X8AtDVwHmFw/c2WbUVqzOz1A7FIn7IWS
Score

1^/10
behavioral21 behavioral22
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/steam_api.dll
- Size
  
  2.4MB
- MD5
  
  756f6835644233d033226b9741b917a3
- SHA1
  
  963cd1369004d903a3033696d8a6e20bbac497bc
- SHA256
  
  60fad76860e13f20c6874edf6a24c62cff08d9a94f90a7998dafc093c22e052e
- SHA512
  
  7a05e0baeacc4e44398a18154fca730b34bf287d4c2e73fc0e7791fb118a7f37e9f3e0ac657c8d9d5045497994524f18e7373e05753ddfd68234364cca567062
- SSDEEP
  
  49152:J3zBPBp4jAs9HvAbzHg68lHcEmO+RObh5Fjrl6S10caNq8KCA3zXufCIpHV+z2b2:J3zBPBp4jAs9HIbLqlHcEmbRObh5Fjrf
Score

1^/10
behavioral23 behavioral24
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86/steam_api.dll.bak
- Size
  
  234KB
- MD5
  
  9084e3645f0601810362084da53203db
- SHA1
  
  b453c5a8e8cd839d3c5ed2ec4ed05805179ea3c2
- SHA256
  
  ce6f48938493b90ffa175fc93f2b8ee5189e5db81f1274d5b57c9841d6fe4179
- SHA512
  
  049561b2b7fad8362ce8eb1269637f999d1722cd26f19b47fc7154d41ddf63590c9d0e8194a1c76f8c4885414f38f47539c634d40c989b34a27f84878e6f5bbd
- SSDEEP
  
  3072:7RJaosHSxAP9QdUQC2mCGqc9tqqg7NTswFd7QgOWUXkZFBTbCIdmtrrpSCX+Nwyb:7RJ9PAFGNGtqt7NgcEr+NwyEBCcHHO2u
Score

1^/10
behavioral25 behavioral26
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86_64/Rewired_DirectInput.dll
- Size
  
  12KB
- MD5
  
  0afaa40682693c887a168878a20848f7
- SHA1
  
  8145451c75c6264aaa58a6d89f01d734a96ea879
- SHA256
  
  9989b282d43621259160954f3c2191afc3e3a13adb0091c3f60be228831858ad
- SHA512
  
  6896f54b289249683e2c6471dfabb6c3437e2ac17a9bc848cebc0d1696701755007a7f306cb34eceff49ac51493e4387464ecc05acd21836dd65fb37899dfd51
- SSDEEP
  
  192:TH0LEDv1KAaMBah/F0BJWId1w0jBheChQlgJnd8:TUgDoAaZkJWIHN1BhQlgP
Score

1^/10
behavioral27 behavioral28
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86_64/fmodstudio.dll
- Size
  
  3.0MB
- MD5
  
  8509f06442b56d40ae919d6369b4f7e3
- SHA1
  
  ccae8de6638e5e97f9cebea4c2c863227fee6059
- SHA256
  
  fa9c1325db3bf67cee5a59d2c052030468504bcce879403e5c0bfbbf411ed699
- SHA512
  
  80a50287a2abc6a8d94b07235deb05bc3fd23d45a7db6e4feb0f3928f9a019ecf3e942a240f441dbb9da0909fd14b546208e66d7ef79258f84e16f3ca1e8550d
- SSDEEP
  
  49152:S0YhaaJ/rZ3n9Vl2i8iWUhjMt7ss9Oj4MrPxC51vKQ8y/S4:+t5cGQ85
Score

1^/10
behavioral29 behavioral30
- Target
  
  Bread.and.Fred-GoldBerg/Bread&Fred_Data/Plugins/x86_64/lib_burst_generated.dll
- Size
  
  441KB
- MD5
  
  ccc124674b4fa598786be7dab9239585
- SHA1
  
  dadd01d17dc6d3947af91602977b31ef948b87cb
- SHA256
  
  2aedd1114ed7e6a3716763ff4062f1890d373843bf95fee2cf443e29fe376cf9
- SHA512
  
  b8f3a04c9651417479ca2c4249e2599a13618d43ba751225abfb34b4832b542cecda4fe020545e9f85677c3cedf305667349d8f16c2d89c64b0f27e4a6ea6554
- SSDEEP
  
  6144:brh+ll9rGI8s57PLYrTCjbnNgnzGOnwkTpS9Ue8MPvhEBD7qDP:wg6LLYrubnS7Tj4CR+D
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32