General

  • Target

    e55a88e3912ddc2ff9d019b31067c9a4

  • Size

    30.0MB

  • Sample

    231220-tsvtgsccd5

  • MD5

    e55a88e3912ddc2ff9d019b31067c9a4

  • SHA1

    7fe305127284786365c1dac8a0c745617e58aa55

  • SHA256

    8672b7df4c0acc1b75dcd966588e97f33f64a866b410a3aa2becb615715ea70a

  • SHA512

    abe47fdf4a507a41264bf72b7747a1226b6b8ecf3621d7b9101ca661dbc0807673c1f25a67dd1c342dd6973c7cafe7c104f3f8991d7e9038e04e494f60d300b2

  • SSDEEP

    786432:QwKEQ29fzSKZ4PVEcSMQwHmSojmH8Pc7OCqwX6rZsqLDTd:9KEQ297ZtWt7OCtX6nTd

Targets

    • Target

      client/Accounting.ocx

    • Size

      1.0MB

    • MD5

      3cd835d82a1c077b72db9fa53d5a75ca

    • SHA1

      2e19e245acfa9faba96d13bf17f76c61664f77c5

    • SHA256

      fffe476e1ad10e19e3607311f152f48d80f2c08127470e0b1b6530e40061040c

    • SHA512

      56a2ddc27bcebdbfbd53842f10ec3e3c686d4fb4366ad1afc1029f1df240ad662377106999cc380abfffff7d556892ec3039932286752589fec995a361976eda

    • SSDEEP

      12288:BEqwmkzGaEEqbKCdIbLlK8Zu4Ba4HJT4RO+GTOQPMSfNz5kWkiTB3gxZ/YJlpU:G/T6GTTlkQ+xZ/

    Score
    3/10
    • Target

      client/Analysis.ocx

    • Size

      816KB

    • MD5

      6b70ef51e1599b6e2daa4148d256824e

    • SHA1

      ffa3bf1f4c77ef07c8e18dad57f2a49f73e0708b

    • SHA256

      d0b51ae95259c5d5424f2fe27f8c3ada06ad0889de46846c3f7379615c8a010c

    • SHA512

      246f652abd7b67a303c2a1603fd94a869f691ed50a0d5c36a83df5ce5c634456b74cd480b3095e522da0446773c735619c78ee7636817c60c1b9bb65290b813f

    • SSDEEP

      12288:sxpbxVekfW8BzFG32XyB2EvZGhrTsp5xfilKjZqg54FeOjRF8t2lxQQMSfTQx9:4ekfWQod6lO

    Score
    3/10
    • Target

      client/AnalysisPack.bpl

    • Size

      101KB

    • MD5

      2cc81d8945cb64a0784ead2638f6dd52

    • SHA1

      df0c36f69e841028ac0258c0d7619b22f0f210d5

    • SHA256

      a3affa4511069814d57657fa77d7cea38b4c2762e12c3dda417adc1c05c01c55

    • SHA512

      baf1e34b70b12446f754b62c582f7d07bf45d03be509d1b1579d37af12cb020c473c0dbd05008857d9c80d91f2d65fc799ff020865701bb6fc0f4817417efedf

    • SSDEEP

      1536:9DDa2mAzv5UrKFAZjS3gPLIkYxYVJ+IbR+8ktQSMkc8fG5VJ9:5W2BpAYZ3GVJ+IbReQSM+fK

    Score
    1/10
    • Target

      client/Asset.ocx

    • Size

      410KB

    • MD5

      5d55f90c9d008c0f4f693072733ee90d

    • SHA1

      3a3a809a001206dad3f7581984e8b94b250a069e

    • SHA256

      cedada0320e396722b88bbcf5d5025b968e5adc710bc2fef6f22d1de4a105392

    • SHA512

      1e4a49f4019847bed42f78eed940e1e6574f8266f3be3d7ea13267045a3a4dda086d5645845519b9b5509b0884d3d2d61618dc115ba21046688f6c04b6fbd9d8

    • SSDEEP

      12288:/wp72GUjM0Y348zfxXJVs5QSMefw6BEyIG1gBaB59dIRiceXnlvW8PX:/xGZZM

    Score
    3/10
    • Target

      client/Azk2ClientPack.bpl

    • Size

      1.7MB

    • MD5

      a3f0c049dd8abf37b9020e1bb0c8b876

    • SHA1

      6df7c029029cc060ab9f296ba4b62c290040072e

    • SHA256

      f850659989aeaee4c6a3217618ca721af6ebec6e98544e9fd693704ae53066b8

    • SHA512

      bed2ab365fb8389c9f3f75e7aa0c40639ba6dd4b1a48df11df4499efdf2c40364e2f9d440a50487ccff5b53a62d134d1e5b3fba104d929c59ad2d65c95303ef2

    • SSDEEP

      12288:vKq40UZFzrh6J8zK5uDZlLTtzrhK8S4z9sGiBBEkx5MQ+M6fup4O6HkF+x9D9K:SUU0+zK54lTH4Gib3AkQx9Q

    Score
    1/10
    • Target

      client/Azk2DocFlow.ocx

    • Size

      211KB

    • MD5

      124c54d15df650fa96d24148a0b446a4

    • SHA1

      afe70145a5130a9232cdea7bec6711e7bda922ff

    • SHA256

      0181c04ed9dc5716d371a90e1946b06875ee0551f2a74343c5c7ae84596f039b

    • SHA512

      0cb7270295bda0069249e8e4ea52657df5e63e06075e520945a319dabf279d93c6f4f90ab2ab2b02c009d11ef86b0528136c15e225673a234fcfd9a8cdb13f1f

    • SSDEEP

      3072:WuogVkRHZvB9Dzb4zBD2Od9dD+RTQSM2faUXb:WckRHZvB9DzbGD2fRTQSM2fV

    Score
    3/10
    • Target

      client/Azk2ExpensePack.bpl

    • Size

      1.1MB

    • MD5

      80a64f0a18143a11a28145fa9a51de23

    • SHA1

      acf4d7c47a69ebea241c72c8effbee33ce1922af

    • SHA256

      c79ab2162d1e86707f63bb118b26a21b51d0a6d0483c4670423d2958a564f489

    • SHA512

      b64c3b5dc329f0ba1bf2ea2a1660337975c655d5de82e83f95e6271994ab7e3dcffc76c221f92cf52bbfd653806cd9640fae24a4ed25ad2b2d591180933d4c5b

    • SSDEEP

      12288:N/du/w98chFt4/LOwvi3nW+uuPcUcWax/YOHqz9pr6/N3jDYB/qLYijQSvGfcxk1:O+uuPcsW/FjDUkYVm

    Score
    1/10
    • Target

      client/Azk2Kernel.ocx

    • Size

      1.4MB

    • MD5

      3b9bf30f51aa014288b52b94e78d01ef

    • SHA1

      b61cf3a491de618d74c29dd3a07add5ab90d7639

    • SHA256

      e98845edf60884eb1df691cf786c4d653b6c612201b068f77053202145c6d647

    • SHA512

      2632d3cf9feaa1fb6d0f6df756d9004ded5b31c66a2f367964455e22498eaa7a94f5accab53e709160e14c7e614f7110b2cc959476fb2166c6e829f24411f8ec

    • SSDEEP

      24576:qM2qBzwXU1nDdynOXWBgUODVWcCRj/EehNK8LQpHuIyssC3ztC9SN76B1nDe2aPQ:qM2qBzwXUryNcCh/EehNK8LQoIbsC3zO

    Score
    3/10
    • Target

      client/BFTLib.ocx

    • Size

      443KB

    • MD5

      d10450063be56967d0b1c61381563795

    • SHA1

      e1ffb86d4ec2910d57c676962479bfc12e8d7856

    • SHA256

      26af35bbb0c6fd5132cab5452288bf8f7f8f38bf0eb5b9c6f2cf07b41071bdc5

    • SHA512

      827fe03bdc5668523503a1b3eaf27300f9ac871b14f67e69919f464fe43b42449ed836da9e28e37ca1958d705d5927f26cfad70eafbd7470141b13882f84b0c5

    • SSDEEP

      12288:kPch7TXSPvSOJYZ7eeK+jQSMTfJ1ZHrrn2:Gch7Ti3eK+YX7

    Score
    1/10
    • Target

      client/BftCryptoApiAdapter32.dll

    • Size

      242KB

    • MD5

      a3b3b0f3470bbdaa94ad9b251ebfc42b

    • SHA1

      08e49780efd9e8b433bba4ec7ff81eb40523e357

    • SHA256

      928b3c1617f43a0d12319645cf7d102f467fc1a97c7e9565db213a6bcbdf10dc

    • SHA512

      79e73aa06c271d0431b93e0149a7fece08842fdf9d4ae9bbabab52810491190432c14dcb9154db4951ef46b7757843319080fed9dc520d9b95d46e0f1759731e

    • SSDEEP

      6144:IS1fT/R+sE46Ts7DVecjjL2NttMtGdYLmxwKOTL:IwPb6TsvV/LwtutGdvxwnL

    Score
    3/10
    • Target

      client/CapInvest.ocx

    • Size

      445KB

    • MD5

      db35b9c8f60eb0edb50107b74425613b

    • SHA1

      0f03fdf50fed59342b5ab36c76093e45952ad253

    • SHA256

      92821797b406af13a745224cfa5c905c03257d0d6b12e193437f7a6a4a9e8f4f

    • SHA512

      8cd4efc4b7174373f8b4bf006396b535e8a73ff306ba7d4810419105f549239fd93f80e5135e7fffb9cf11b2f6126e3d76f41d55f38a61b8e72929897d67fc84

    • SSDEEP

      3072:u0B5GfkVhz0MZQZsa+3QkZH9jxVSSRsQQMUfnirunXR/2Vt76dGJ+7+qZeLuvA3F:31VtQZsa+39ZH9ZRsQQMUfnEVjOj

    Score
    3/10
    • Target

      client/ClientPack.bpl

    • Size

      3.4MB

    • MD5

      6077103e077fba27a09c0884af9fbd53

    • SHA1

      b93d53e8d753f4b4e2301a5103feea2ce759d8a1

    • SHA256

      1233cff7022cb8d4975cf25c9815c5b19c30eaac455eb2906d109b8a466435e8

    • SHA512

      c950fa28628084eb203f14d50734de1a1fa5dd2ceb6b523366fc457726af7eee5ccfe0f017c54ab5d64e9841c8b29be17e806e09a02f89b485c5b8ab4d2559a7

    • SSDEEP

      24576:/ca5n9YCNDTtJPTU/VYVUfzmmuV6C9Gr3PFWJxOUt6T:DACNDrTUtYy7mrVvsgx

    Score
    1/10
    • Target

      client/Credits.ocx

    • Size

      1.2MB

    • MD5

      cf760da6b635830666e3110ab04c3a9b

    • SHA1

      e021b698f917283b3edcbef12fa7922290e45112

    • SHA256

      8f3daacfd9792b258c74afdcfb6179e5e2349b0fc0f4380fc4ca88092893e4fd

    • SHA512

      7ba1ae1263188a79578836ba2c39dd2f69b503faa88e6cf1cdd031af60246fdfa2d5bfeadcc756c4b37a629cb805fc1b30dcb23bfb9cb43b5a4bcb625ca4f82f

    • SSDEEP

      24576:1TavkhqTg2LzpalasWhrv4NjiqfXb24bT7nEhp:AvkhqTg23GWhkgqZDk

    Score
    3/10
    • Target

      client/DocFlow.ocx

    • Size

      842KB

    • MD5

      6602ca14251c15f4db3cdf803cb9d39f

    • SHA1

      7336f342bf44386781805b69d7876adfc18f57e7

    • SHA256

      00f4a1258edcd8c9be5e99dc23d2a964692b00a5f82d7bf03f54f31b8e11966c

    • SHA512

      ea737393a0eda90a1814d3fbda45485eb86581e0ca463f29c225486034c0d05ecf68ec1d1043482e3a44d052597a6847fc74af0177b71b99f9bd5c963f63011c

    • SSDEEP

      12288:S/NPo7UvEn+nDMs6cyTVoy6/U82zkZfjRnT08nn+GO9bsM7fWNIWBsCfz:47LRTRO8ITG

    Score
    3/10
    • Target

      client/Ehlib.bpl

    • Size

      2.8MB

    • MD5

      eb33b73a42eb01388989832c6891395b

    • SHA1

      410560b43b2dc5b12031f5935e1f26e85d041212

    • SHA256

      467bd4ecf37f7e6626faab9abf441acf7b897c25fef3b9820c92a1c18582f034

    • SHA512

      0b45b36a1cf8c83ee55dcbecc34d3c50e31087f40289b01668438e679abe05bdc836455e25135745300368b1ea7ecf1f5bdb6a3347dfed9a9a4250781a0dacb6

    • SSDEEP

      24576:hJfaw4KVfF5/D21Z/IqC90I4C7eyH5cj7QashKhgs/kBFvNSN1BfKcFsM:pG/XC3/7nZW7QasehaaBfUM

    Score
    1/10
    • Target

      client/Expense.ocx

    • Size

      11.1MB

    • MD5

      4ec976b3cd890f20bf7617e2f8b06dc6

    • SHA1

      7571be58496a49af76df77887efff5f5d9c2a7cd

    • SHA256

      252b50a88b3f25b809fbed66f99d997cdf5837c2d6210b6b5d6b5ce8d28029bd

    • SHA512

      cef8f25f9311c92615fe31ec5ceebb6b3a737f8103bd50a62f4caa84b0354b5baa2ed4c238c096fc88807fe8833089219e89a5b7b9147222a3df92db1a82a941

    • SSDEEP

      98304:dHqKsZp4mU6WZm6PszeaBtkds6+81dWAYlsZWHlyNUNJ6oaUVzzY9xNUKwJNQ+J1:docZXaBWdF1dWL8U

    Score
    3/10

Tasks

static1

macro
macro_on_action
xlm
Score
8/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
3/10

behavioral32

Score
3/10
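The report above is a flattened rendering of a sandbox result for a 30.0MB archive whose sixteen members were each analyzed, and the verdict rests on the static task: static1 scores 8/10 with the tags macro, macro_on_action and xlm, while no behavioral task scores above 3/10, and each member's own score equals the scores of a pair of behavioral tasks taken in order (32 behavioral tasks for 16 members). The Python below is an added example, not code from the report or from the sandbox vendor: it parses this layout into records, validates the hash fields, pairs behavioral tasks with members, and reports the static-versus-behavioral score gap. The embedded sample is a constructed excerpt of the page's Targets and Tasks sections with hashes copied from the page; the two-tasks-per-member pairing is an inference from the counts and the matching scores, not something the report states, and task tags are read one per line.

```python
"""Parse this page's flattened sandbox-report layout and check it. Added example, not vendor tooling."""
import re

# Constructed excerpt of the page's Targets and Tasks sections (hashes copied from the page).
# Blank lines and the Size/MD5/SHA1/SHA512/SSDEEP fields are left out only to keep it short.
SAMPLE_REPORT = """\
Targets
  • Target
    client/Accounting.ocx
  • SHA256
    fffe476e1ad10e19e3607311f152f48d80f2c08127470e0b1b6530e40061040c
  Score
  3/10
  • Target
    client/Analysis.ocx
  • SHA256
    d0b51ae95259c5d5424f2fe27f8c3ada06ad0889de46846c3f7379615c8a010c
  Score
  3/10
Tasks
static1
macro
macro_on_action
xlm
Score
8/10
behavioral1
Score
3/10
behavioral2
Score
3/10
behavioral3
Score
3/10
behavioral4
Score
3/10
"""

HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
TASK_RE = re.compile(r"^(static|behavioral)\d+$")

def parse_report(text):
    """'• Key' is followed by its value, 'Score' by 'N/10', a task header by its tags."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    general, targets, tasks = {}, [], []
    section, member, task = None, {}, {}
    i = 0
    while i < len(lines):
        ln = lines[i]
        if ln in ("General", "Targets", "Tasks"):
            section = ln
        elif ln.startswith("•") and section in ("General", "Targets"):
            key, value = ln[1:].strip(), lines[i + 1]
            if section == "Targets" and key == "Target":   # each Target bullet opens a member
                member = {}
                targets.append(member)
            (general if section == "General" else member)[key] = value
            i += 1                                         # the value line is consumed too
        elif ln == "Score":
            (task if section == "Tasks" else member)["Score"] = int(lines[i + 1].split("/")[0])
            i += 1
        elif section == "Tasks" and TASK_RE.match(ln):
            task = {"name": ln, "tags": []}
            tasks.append(task)
        elif section == "Tasks" and task:
            task["tags"].append(ln)                        # any other line under a task is a tag
        i += 1
    return {"general": general, "targets": targets, "tasks": tasks}

def validate_hashes(record):
    # Flag hash fields whose length or alphabet is wrong (copy/paste damage in a report).
    return [f"{record.get('Target')}: bad {algo} {record[algo]!r}" for algo, n in HEX_LEN.items()
            if algo in record and not re.fullmatch(r"[0-9a-f]{%d}" % n, str(record[algo]))]

def pair_behavioral_tasks(report):
    """Assumption (inferred from 32 behavioral tasks for 16 members, not stated by the report):
    tasks run in member order, two per member. Returns (member, task names, scores agree)."""
    behav = [t for t in report["tasks"] if t["name"].startswith("behavioral")]
    out = []
    for idx, m in enumerate(report["targets"]):
        pair = behav[2 * idx:2 * idx + 2]
        agree = len(pair) == 2 and all(t["Score"] == m["Score"] for t in pair)
        out.append((m["Target"], [t["name"] for t in pair], agree))
    return out

def score_gap(report):
    """Where the verdict comes from: static score and tags versus the best behavioral score."""
    static = [t for t in report["tasks"] if t["name"].startswith("static")]
    behav = [t for t in report["tasks"] if t["name"].startswith("behavioral")]
    return {"static_score": max(t["Score"] for t in static),
            "static_tags": sorted({tag for t in static for tag in t["tags"]}),
            "max_behavioral_score": max(t["Score"] for t in behav)}

if __name__ == "__main__":
    rep = parse_report(SAMPLE_REPORT)
    print(pair_behavioral_tasks(rep), score_gap(rep), sep="\n")
```

Run against the full page text, `pair_behavioral_tasks` should return sixteen rows that all agree; a row that does not would mean the behavioral task order does not follow member order and the pairing assumption is wrong for that report. `score_gap` makes the point a reader of the score badges can miss: the 8/10 comes from static signatures (the macro, macro_on_action and xlm tags), while the best any behavioral run produced was 3/10.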