9f874d738291a1eb1e519f68a999d0e6b59dc57acc57d652447fbb3f695a222a

Resubmissions

31-10-2023 11:21

231031-ngcwmsff6w 7

Sharing

Copy URL

Twitter E-mail

General

Target

LOADER.rar
Size

9.9MB
Sample

231031-ngcwmsff6w
MD5

53647cd383eccea76f4dc800fb51c722
SHA1

3ae7d6f2401da7addfc11dc479dc412ed83bc8b5
SHA256

9f874d738291a1eb1e519f68a999d0e6b59dc57acc57d652447fbb3f695a222a
SHA512

7176fb1299f26300e352807ae9b578868b2637616c401f0fdc849c78d753c2784c81a38d855b8122d6290ee4b4f4ee8ae7945a787193a3149b48494cb92c36c2
SSDEEP

196608:mzZzIuUK31VFpqi4q1t4R9Gsux765h9+eRXUfMHaGWsdgBbFMf3Nu:mzZzIuT3HFpj51o9nMuXTlBWBbFMf38

Score

7^/10

Malware Config

Targets

- Target
  
  LOADER.rar
- Size
  
  9.9MB
- MD5
  
  53647cd383eccea76f4dc800fb51c722
- SHA1
  
  3ae7d6f2401da7addfc11dc479dc412ed83bc8b5
- SHA256
  
  9f874d738291a1eb1e519f68a999d0e6b59dc57acc57d652447fbb3f695a222a
- SHA512
  
  7176fb1299f26300e352807ae9b578868b2637616c401f0fdc849c78d753c2784c81a38d855b8122d6290ee4b4f4ee8ae7945a787193a3149b48494cb92c36c2
- SSDEEP
  
  196608:mzZzIuUK31VFpqi4q1t4R9Gsux765h9+eRXUfMHaGWsdgBbFMf3Nu:mzZzIuT3HFpj51o9nMuXTlBWBbFMf38
Score

3^/10
behavioral1
- Target
  
  LOADER/AlphaFS.dll
- Size
  
  359KB
- MD5
  
  f2f6f6798d306d6d7df4267434b5c5f9
- SHA1
  
  23be62c4f33fc89563defa20e43453b7cdfc9d28
- SHA256
  
  837f2ceab6bbd9bc4bf076f1cb90b3158191888c3055dd2b78a1e23f1c3aafdd
- SHA512
  
  1f0c52e1d6e27382599c91ebd5e58df387c6f759d755533e36688b402417101c0eb1d6812e523d23048e0d03548fd0985a3fd7f96c66625c6299b1537c872211
- SSDEEP
  
  6144:QDyJst+jyCnzLp9hvHsPvPvPvS2JQvlojidPp:QDyJsvCnzZf4U1d
Score

1^/10
behavioral2
- Target
  
  LOADER/Loader.exe
- Size
  
  680KB
- MD5
  
  5d2ea1be827408b10f7f3dd00050216e
- SHA1
  
  0fb5593bcfb19b67dbaff3c5127d61acac7e0a0c
- SHA256
  
  691b62e6f9ecb659d8c0edb494a510d2065d31adb4cfb25cba9529201071ccef
- SHA512
  
  36719717af5fc0f0b7bb7e936672a80be4b44d53e50ef7d7b4e7128882ab4726d24ca215881d475f582234dcf58a398aad0554de106e7ba8fb19e6bbace2ff96
- SSDEEP
  
  12288:MusMdxnricL0xzonhWwnW56viEUrvPiKaTicl80cwenIS93p3qVj4FTL:rnWcLIzMWFjvDPiKaTiclDcwi93MVj8X
Score

7^/10

discovery spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral3
- Target
  
  LOADER/libEGL.dll
- Size
  
  431KB
- MD5
  
  1ed91477a02e0e2a64e5e9f26bcea438
- SHA1
  
  8058c2bd3342d8d882768188b1e5c45567a8dde9
- SHA256
  
  a1267343e2ff9f9603627c0520e6cdd8e4a67fba041146e8def6a43e334a4e03
- SHA512
  
  c80ace4df62ccde9699cafaffae290cb9ab83dc5db5fed6483aadea0f6389eaab8cc44f8cfde43aa980307a6f357d51c406fa267293135def1eee5378d0960a5
- SSDEEP
  
  6144:gbSSlxpHPDSDwFRSHXEU4alu73cwp1MmJw7r2qVmTsR6Lbg3y:q9lxdPewF43EDaG+0TP3g3
Score

1^/10
behavioral4
- Target
  
  LOADER/modules/x64/d3d/d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  62a89e7867d853fee9ad07b7c9d64379
- SHA1
  
  944a53602492187308352103d80ff27af1093abf
- SHA256
  
  d412909f1b597045b856caecedfc677eb4708af00e5b70788a01fa6af49c09d9
- SHA512
  
  7f66bf278222bf1079a3695ad55086ccc7d8b05d7db4f9a5bcbfe4ac8d82bc1a618b1c6dc675da61d47f48fce2b0670ce6f66db63e79e232604304cfc629d6d0
- SSDEEP
  
  49152:FuupyuXyH+UquCXNNS5xUwZIe4GskWuyovqUfjyheLfRT5qSxvcZwfYYT3w4teA0:+RIovuTSxk8YeRvqak8Y
Score

1^/10
behavioral5
- Target
  
  LOADER/swiftshader/libEGL.dll
- Size
  
  445KB
- MD5
  
  e7c8cd0bc5305a7c3c2a2c1f689744e2
- SHA1
  
  de20c6420bd838e13867bb37256e1b25bf365942
- SHA256
  
  48bfd2776bc58f386acddcdcad5161b1d7e3dc71a077cda5232b989da9081ae9
- SHA512
  
  2d4436470c0c4c8127717fbfd863cf61af5be4575dad8241d8062dbf7fb84e2ae517eaa11c2a59f1ad2bad49dbc05b15acea62765379643ca51acf96f48b79c0
- SSDEEP
  
  6144:RD5bSb+dOqrMEv3lKyEeWZJ+vAFpnLt53h30kjuhwZq0V:Sb+8qQEv3nInLt8CZtV
Score

1^/10
behavioral6
- Target
  
  LOADER/swiftshader/libGLESv2.dll
- Size
  
  3.0MB
- MD5
  
  d9a5609d8da5bd558facf2617619ad2b
- SHA1
  
  9debb66a376549ee795e9c049b3a685245e0a4b8
- SHA256
  
  da9fc78eea721b8e51599a72053c569a6ba1cce64808544c428bd295f3ef3216
- SHA512
  
  b461fa396bf58ac4989c61057502bd00493e920bfbc1c092a763699d660aef2b5e1aa9659000cc4fd0af0831043c18e01489c94733af06659d49fcfaac82e42d
- SSDEEP
  
  49152:X+H0cC+Ib0QRnvfENDNA+3eOAPf6dLO7MacKYTA+OV38dgnU4nWQ+qJmMsFLufbE:uH0ttRipIsBGM
Score

1^/10
behavioral7
- Target
  
  LOADER/vulkan-1.dll
- Size
  
  715KB
- MD5
  
  9663210f63cbf7a8d6b36a95d93dd119
- SHA1
  
  0fc5c50984b2c9677b8ebce4d4518c1322ce4145
- SHA256
  
  de7d4c0e859be24c5ae60b5dad2bbac62cb3b3812ab747ee73f4483c7a10dc88
- SHA512
  
  a161dfbb6e40aebec9f33bda4c81f52f456731d76bd48edc1425a2593c75591d969d3a3394a105eae386902ec822de3f9099cd07964f96d4e204f3f0ff48e631
- SSDEEP
  
  12288:x+Ru04Y7t/DlHZkyHQiKy99o1d+aXbF9r8PIoICdWG:xf1YZ/fkywby9m1IaXj8Ao
Score

1^/10
behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Reads user/profile data of local email clients

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8