9ae8bfab28b83b003ef8c80001ed7f00f8916668e1d4420e9c7d4d2e07d727ba

Sharing

Copy URL

Twitter E-mail

General

Target

PrismLauncher.rar
Size

14.5MB
Sample

240103-zlndqaaddq
MD5

b4797faaa811af5d82758d087efdc244
SHA1

baccffbf2fd884f521f2aae6525b9656035c19aa
SHA256

9ae8bfab28b83b003ef8c80001ed7f00f8916668e1d4420e9c7d4d2e07d727ba
SHA512

af5458c908ec386b48d4470b4aedbbb6713ea9164ed5f1c00c4121c2f75bceb5f4f660f298a21d3ea7917ab4e905a73b009d5976a49f89108c7da848978bcb34
SSDEEP

393216:hehByu8AQxcfgCgKtksRrnuARm0kh/ZIAwYTm:heryXDcfgpKtk0nuARm0q+Az6

Score

7^/10

Malware Config

Targets

- Target
  
  PrismLauncher.rar
- Size
  
  14.5MB
- MD5
  
  b4797faaa811af5d82758d087efdc244
- SHA1
  
  baccffbf2fd884f521f2aae6525b9656035c19aa
- SHA256
  
  9ae8bfab28b83b003ef8c80001ed7f00f8916668e1d4420e9c7d4d2e07d727ba
- SHA512
  
  af5458c908ec386b48d4470b4aedbbb6713ea9164ed5f1c00c4121c2f75bceb5f4f660f298a21d3ea7917ab4e905a73b009d5976a49f89108c7da848978bcb34
- SSDEEP
  
  393216:hehByu8AQxcfgCgKtksRrnuARm0kh/ZIAwYTm:heryXDcfgpKtk0nuARm0q+Az6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  PrismLauncher/Qt6Core.dll
- Size
  
  6.0MB
- MD5
  
  46c0a1684b64081f45070d7c41b501c4
- SHA1
  
  7fe0ddde9b30c01641515126a16b6d06988aa144
- SHA256
  
  a230faeeb2bcff6e80b7a8fcfb19350a076cc2ed0fa190e16865bfa0c7e9214f
- SHA512
  
  8d29f0b15955c73e9bbb026b5b96d196a219bdd33f9579fc3d5ebc50f6757621477000b0908fe3a191ac830d7c76750db55e2d871284c5060b7e626addd340bb
- SSDEEP
  
  98304:3t7KQI1hPYyEeKFdu9CwJsv6t+1j/3WVF:3sQIkoKFdu9CwJsv6t+5/3Wb
Score

1^/10
behavioral3 behavioral4
- Target
  
  PrismLauncher/Qt6Core5Compat.dll
- Size
  
  851KB
- MD5
  
  8437fabf510fb31e319500774f55ce10
- SHA1
  
  677d2926708f3cf691aa523ccdac0ee6f0900d9f
- SHA256
  
  bf920ef0eaa78e7f7cb4b9d1499ada88a4180ee0df2477a39ebfde2cd14f2b56
- SHA512
  
  824e737785a6ef5e5a66be4f55f8e304e0ad41330117bb4d22d89732ba6b8e038ee993a6a6dd1aa160f02a056b83b528c47a9f4fe37b79f437c9101972eafaf9
- SSDEEP
  
  12288:PBwoIi67UbEUKxnNdTqQ7qFlICNPGE/4717VKITBDPzHkSUGGIffbfJIp1bEL:or7UbEUKxHpqQCNG7VbDPTRnfJIHbM
Score

1^/10
behavioral5 behavioral6
- Target
  
  PrismLauncher/Qt6Gui.dll
- Size
  
  8.5MB
- MD5
  
  3b76150f68eee497f84f3cec0c1fbd82
- SHA1
  
  73488761aad3104f1f2ff7d67318f3d70c783c5a
- SHA256
  
  42dfcd4c5fea70cd7cac2442529ab57ae09d5ad6da38cdd2cefd932f6eb5c66d
- SHA512
  
  2b4915ad7edd83360d1071794e9cd503d59da810fcc6cab0652e799c989f8965aa4bd1bf96ac12307582eacb83b3c1641e8d9ce97ed1b8f3da741b2453f1ae1e
- SSDEEP
  
  98304:6aX/98BvOx0NRo91updLKZJ/nZcYBUfQCiOR5Q0:6aulNRM1upduZJ/ZcYsQCbR5p
Score

1^/10
behavioral7 behavioral8
- Target
  
  PrismLauncher/Qt6Network.dll
- Size
  
  1.4MB
- MD5
  
  7859ab5090780d2d8a3bd67d9594d9d6
- SHA1
  
  908dcb1c397d6172866d040d14e28bdcda99df30
- SHA256
  
  b7839d313a86d413c67c3f57d3adc0d277345d6c9d04b3364e3771a7bd1c8c55
- SHA512
  
  4456c2f780f8d080963855f8775e81fd3de12c17e6d8cc928381be75e8e7b32f152484f5893cbaeaaf2995b671c99fddcb03af2f09a68e5ec4eb0fcf9b5509c1
- SSDEEP
  
  24576:ByPs85QwVlgkdHWhxHLwpHdgc53a50SKGcCVYY1:BaR5tVLMhkHHS7cWl
Score

1^/10
behavioral10 behavioral9
- Target
  
  PrismLauncher/Qt6Svg.dll
- Size
  
  374KB
- MD5
  
  365ae83f71887535ab064674277e04e3
- SHA1
  
  9d50aba7d490425d7e5507d47175de3ce354af85
- SHA256
  
  4de1a81c070c33a3e48772d7003e3a9454d69951fc4f5da8132ed7a03c84597d
- SHA512
  
  d544bb66a9426e7a6577a8041c844d19ee6aeb9bce11a073e7bd693d68a3e12fc8e24978cfc6cd5f3ffdf30265b62397f42265f71853a2f23d593cfb5829bf7c
- SSDEEP
  
  6144:C0tc98PpG5czgcVjDA4dqBbS0uJuKTZJiXI10+fTnmwk4s/Eo:C0Xn9VHbA+0SuK7vs/Eo
Score

1^/10
behavioral11 behavioral12
- Target
  
  PrismLauncher/Qt6Widgets.dll
- Size
  
  6.2MB
- MD5
  
  373e8fc6044b19fe2857b71ebf83a3a4
- SHA1
  
  af15b5da48d07c0883170a6089976a29b1d427a9
- SHA256
  
  0f040d7f14e1a6cec10b80d9e90065c2e3b5f8f4aab7a45244dd7327a1bf1c20
- SHA512
  
  9f4a93b946d26118c313719e753a0bdc78bf075a072b74d221dcdf31163f60b92521a8bcd4f5287deea885f7cbfbfb06ae52c60fcf1e7a61ab0f2e00c2a793d3
- SSDEEP
  
  98304:kMh8shJ/KQWlIfwiaptySLjwY4qTxSEuGnEcE:nh8shJ/KQCIoXptySLjwqTcBGA
Score

1^/10
behavioral13 behavioral14
- Target
  
  PrismLauncher/Qt6Xml.dll
- Size
  
  152KB
- MD5
  
  6a20c7e176d042d849f8a8420e56dd1e
- SHA1
  
  569be8e19bd54c10846ade6f1a3e1c00bc033aad
- SHA256
  
  805c5c0bbcd384428c77719b756c90f901832c45769ee1cd6f39964baace86ad
- SHA512
  
  b0c0b73069ea4b14e4d43548b0ce4d0fff6092a96fa405f83b09ea3f0eecca372f57a4b523dc39b01e12e1815cb35f1d1216ecba7c6d441da76d3460e341bc0c
- SSDEEP
  
  3072:aJNQflr/dqTiGoFTMI3SUkazKvt8AtK4E/:6uDGsFTMlaOvE4E/
Score

1^/10
behavioral15 behavioral16
- Target
  
  PrismLauncher/iconengines/qsvgicon.dll
- Size
  
  69KB
- MD5
  
  88b03988ca27c2e3cea7d33d699eb17a
- SHA1
  
  f4c71b9e6543ef9a7b183fdec888d7b8a11fc7e7
- SHA256
  
  35e9c2f0e54aed7493e85c8a10e0a620585d04821c6dbe82b9fe48be19ff28a1
- SHA512
  
  2fd59ff2161e68351e59ce80b53c54b525981738c8d80e4af047ad3c5acd9ecf1e281ae812abcf9999ffb2c750c7f09dd98c0b5dd343905ec3af615337e1fb41
- SSDEEP
  
  1536:UzibTbDQn6wcma+mHKT6IQubV5awBeBx3IPIT2k/6JRT9WvsgKxngeLEHo:UObTzq6IQubV5awBeBx3IPITF6JRklKH
Score

1^/10
behavioral17 behavioral18
- Target
  
  PrismLauncher/imageformats/qgif.dll
- Size
  
  47KB
- MD5
  
  57e51ea5072660adb8874e8cafc62a37
- SHA1
  
  97cc9eaac24ff74c9bf2cd83ef9bec75184578f6
- SHA256
  
  b0d133e6ff9b8c14fd5857189d63abc8b75d291c56d56becc50b43591e4867a8
- SHA512
  
  74c3fbe094da578830a524c669edc7edab0bc15cf7e352f819bd35b0a47cf873d714daeaf505c0b1b45e926d85837a0129da131535140f6f8cff9f6faa4e3b13
- SSDEEP
  
  768:BONXrIbWKNNy/Qq0rvEx2eVGabeUYisZXiRS/8QgKxnVbGYJlBN0EHdFH:gJrIb9KQOVGnFisZyRS0QgKxnge8EHdB
Score

1^/10
behavioral19 behavioral20
- Target
  
  PrismLauncher/imageformats/qicns.dll
- Size
  
  55KB
- MD5
  
  44dd92a8f16ad189bb44ce8c392e04a2
- SHA1
  
  4846fb107d58c62294891d45ecaa1630aa587545
- SHA256
  
  b8b59ed0443548a45925375699e5d1726bed0c49b5a007d902be7d0f10b20e15
- SHA512
  
  5991487d2d566456ef1316df3f74653406fef7a8f9fa740f3cee11f5612ea59c2313b56c12da21d891088a8cb702af1bda62f0bf055e5b42ba722949d4513649
- SSDEEP
  
  1536:gjQEXCukdHgnHhuSOJCXGXH8snEvTHFgKxnge7EH3SpK:gsEqgPOJAsnEvTHSKXEcK
Score

1^/10
behavioral21 behavioral22
- Target
  
  PrismLauncher/imageformats/qico.dll
- Size
  
  46KB
- MD5
  
  5c455c348e79fce7d4f1100a5c9e180b
- SHA1
  
  f76fa09b8b6d3c0847181f8a89a89164c2c79ad4
- SHA256
  
  b656af82f086310502673cff15a67400f806acdb820248d19e08d3e4919d90f9
- SHA512
  
  15833c5a119ff84dd0a5447bc29c8a5a9973464ba456d50392a4c79ffe420e857c6ec65aa1b15df07c412aeb47967653adb54fdb3341de076cc9dd31811c8be4
- SSDEEP
  
  768:0qehXuIBpyp7dJ/P891tUtAeuNwJDPgKxnVbGYJlkN0EHV:0LDBp87dJHw1tUt7uNwJDPgKxngeNEHV
Score

1^/10
behavioral23 behavioral24
- Target
  
  PrismLauncher/imageformats/qjpeg.dll
- Size
  
  616KB
- MD5
  
  dbad209058a24a26b4e539d65b0f2388
- SHA1
  
  51d939dfa0b22581acb502c9d523c5d646ee4044
- SHA256
  
  e98fa286c08ac33b5b1a55367bf99cef820859e2aaaa009d30d83c727defdbc8
- SHA512
  
  8c9c18504d768881b25fc1cf6b76661124986cb282b7bf056b85c1178294b0b95ab830928b713f460ff53bd2f1ef95d1af2c2fdbbdc2774ed6c0fe48c8897a34
- SSDEEP
  
  6144:6fm8PgD/WV6AGx3bEHXmBBc9TS8zCVwwty/cnHh6ZQU7kTSibKP1//0a9YaA11Ch:U/Glb2OuQU0SVWPDNXzxRER
Score

1^/10
behavioral25 behavioral26
- Target
  
  PrismLauncher/imageformats/qsvg.dll
- Size
  
  39KB
- MD5
  
  d12ed3e7a46b9c2e881c0bd210d2fb1e
- SHA1
  
  6f1ed179e4c3578c8c363a62ecda5e53485850f3
- SHA256
  
  4d309228eeb7de155df1508fff39b9d4f360fa27152dcd8482280a64e397e618
- SHA512
  
  7a459de7b686f351b33b84bc6e7f1ef3bb983140d9734233914fe9ff9dfac64cee659959601712fcfa564648112f0e0364d3c8c7ab5f126a7eccae04a715bbb3
- SSDEEP
  
  768:+Ez05YLHnGWRoB3zKv35wAU7kQgKxnVbGYJlJrN0EHMl:kYLHnGWWtKvJwAUQQgKxngeAEHMl
Score

1^/10
behavioral27 behavioral28
- Target
  
  PrismLauncher/imageformats/qwbmp.dll
- Size
  
  37KB
- MD5
  
  f0aa1d8ad1b50c89ec5c5f1d7ca8d720
- SHA1
  
  f441bd65a1a02031830a85cb8822b4c9cdef7777
- SHA256
  
  d768b8d0cc22b8182c2f24406ff6b0bc5d4ee5dc5b9edfe16d2f1e8bd3fabb70
- SHA512
  
  2893597cd5299073f8da108f345423bc75de3299d70fa12485073523f2f759e166c9181405d5c90fd8fe7290012965b06c851d5452db37aa1e25f3a167536318
- SSDEEP
  
  768:vtuZOmR3PYhX2AE7P8KsOrH3vgKxnVbGYJlyN0EHDHm3:KOGPUX2AE7P8KsOrH3vgKxnge3EHDHm3
Score

1^/10
behavioral29 behavioral30
- Target
  
  PrismLauncher/imageformats/qwebp.dll
- Size
  
  527KB
- MD5
  
  b1afb6165e135551b7494e704bbb60d3
- SHA1
  
  7c97798a5b91cb8b3c7af8cefbce9fb86f25baf0
- SHA256
  
  e112b3c259ce143831a3ea9c21bbb7634ce46fa64f923801f4387c88fb3cc70c
- SHA512
  
  d2b04b80f71b5d3132cd7c34643734b12f8a45791bae17f40cd7f0052bab69cd724fb2c53c634e9057d01c14a52c6c8e32628acdd4e47b1d8b80e876442229a9
- SSDEEP
  
  12288:6zaweeWDsi1cALrLrLrLwc/EMOTmUZxx2EhQoDR3YEI:SaZpqALrLrLrLwc/EMOTmex2E7Y5
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32