General

  • Target

    5874bb1804c8f9d1f3225eebc849f8ca

  • Size

    5.0MB

  • Sample

    240113-kc4xsafadm

  • MD5

    5874bb1804c8f9d1f3225eebc849f8ca

  • SHA1

    5712ee89188a6a2d65890ee5534b773b135726b9

  • SHA256

    e79c3dbd9b7db02103c4701f56ed7eb3cad228f266249c72d012509aaf06e5a3

  • SHA512

    5765dea7169ca4d378a2814a3d97920ccd63518cb5e739a20fc186e1564d4f2facb30c06e67505844f04c1a0ef10b13be28266a6f24423fc0ba5dba9fa460685

  • SSDEEP

    98304:QiSozLi7ouNoPOGeNp/AwtaoXhoMEnmnJSxvkYytkMvmZFZLcZyKHrh:QiSovigLeNp/A14hoMVM9cvmLmXLh

Score
10/10

Targets

    • Target

      5874bb1804c8f9d1f3225eebc849f8ca

    • Size

      5.0MB

    Score
    7/10
    • Loads dropped DLL

    • Target

      $COMMONFILES/Synacast/SynaLive/FWUpnp.dll

    • Size

      64KB

    • MD5

      f7f69e99c27658a94eb7b9b5a82c1899

    • SHA1

      6632c428a843074b49a147df77b1ba5570d7b935

    • SHA256

      999398a5998318e7e1ef52761f71aebd04f2ef727a4af5187aecfbfa23ffb8de

    • SHA512

      443fb90ae725b1c20719453db8c03c723398d9242fc5b43617e79730e4db703a0b5004b0a12aae837402a32dcc13360bc603693c21594164fc84535c95b6b37e

    • SSDEEP

      1536:xtAOOk9WTrUe+twT1C5hBUv4tQlHbRF2t7y9o9L:xKOOuW3cw85hBUjHbH2tBL

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/Har.dll

    • Size

      109KB

    • MD5

      13da16948dbbf00dc090a05a49a0d4b0

    • SHA1

      4a99cb48ca42e3cb2e9f17b90721f862a49f77c9

    • SHA256

      5345553125238e89ea5cf43a82262fbdc45cbeaa04bd3da9fb10db6c52b96467

    • SHA512

      0a5f4a2849f16cb6e062cf62daa8e6d8e31454041c05838bdd7cf41cce9193240faa4fef383308a568b20a02aab3ec5695113b5e84af7ab0d905e820852dda78

    • SSDEEP

      3072:foQ6rxK1dj88Ez1p1WdRmwGN9aZfooEI4L:foQ6K/jW/AmwG6NoJ

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/Live.dll

    • Size

      133KB

    • MD5

      9ec48447183aa4d02c0bfbebbef346dd

    • SHA1

      5f44520d7753b36363e07c94df8a51ef99b1757d

    • SHA256

      1cffce9568a3c7e9a451df3e6c3f24ba0d32e028c994c473be8a34f194e5db1f

    • SHA512

      df9242480e98f77d83c31761dfb7e604963b4ef7443a937254886bd5e7e8b1ce9a437505a67692e46ad7ea30c07ffc720536bc37a5497210173fa98d9793266f

    • SSDEEP

      3072:+DmhB/xH/f2muydfvaqOlAQ6NRl/PUUEzemCoI:+4TH/bSq9BUXyj

    Score
    5/10
    • Drops file in System32 directory

    • Target

      $COMMONFILES/Synacast/SynaLive/MngModule.dll

    • Size

      69KB

    • MD5

      ccc19d44cdbe684169c565cff72cb491

    • SHA1

      67c18bb2b03862375d4f78ee58d352c112204287

    • SHA256

      2f4525d6aa37ee36c19ec66d0cea91d42d79f51b5f05b54af47d40ec12545aae

    • SHA512

      fe540ea904c1181cadb8e08286f19a92ca3557043a59113870beb4defe7d409a1afa6a30d6fb718bc7f8541b5d4cf915a0ff037657c649556d0bafbfe0e2c273

    • SSDEEP

      1536:Tkxj38sgTwksQ/FJpqIO4TA1S1K0dFuidXZiJoKikH:+38jwksK5qP1S1K0dFuWXZtM

    Score
    5/10
    • Drops file in System32 directory

    • Target

      $COMMONFILES/Synacast/SynaLive/NetTools.dll

    • Size

      297KB

    • MD5

      116dfe706c3fe1cf8e8f7aace37e92a3

    • SHA1

      74a0d51e52b962d8395adc23812375bd4d2dcf1d

    • SHA256

      5fea8ac3330964f71f4232ca2e3273377fc56d91f0eba9b9cae321131e129a4a

    • SHA512

      8556e5b12ae60f5747b99f340de7e906a687ce94c61b64ef37c6c995bdbfcff7a87fe242195abdc661008a2a0c2a459c1721e3dde0b5dc93bd0a1e4e802e314f

    • SSDEEP

      6144:58hb6KvuYFRrEHdbVwv7zvUbjwdrBntjoYmLdsbVwuUJRhx:5eWKHuq7zv8UdrBnWZx

    Score
    1/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/1012/KOM.dll

    • Size

      205KB

    • MD5

      efa9f88c418d04463881e5e787769f71

    • SHA1

      a267b3e6a67b37cc52d9b9448ea4dddd28747b5c

    • SHA256

      3e507b1a79d3c32f32b82f5d574ac631b517581570ff80a8975a0be6b1458b0b

    • SHA512

      5651a6ae995e3aa6f44784aa6b8ee023e7772ce31c3fb9af7efe80d1dc77a37c57f4fd10026c76d03fdb7eb324a07d24de46a6b6ebbb926d431aec82396b462b

    • SSDEEP

      3072:OcBs8O8utIukTT+Y8aZLiqEKwr3Di07CEmq0it4Et11r:Ock8utKTL8awnDP1r

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/1012/TEN.dll

    • Size

      525KB

    • MD5

      affbe57aa9bed7034cb997977627cda2

    • SHA1

      4466f63531ec040c6b95e4659c8b7987ccd49026

    • SHA256

      f0a1df76cc19da95207750a4786f56e59f21c112b5c524b812bee21c88e30b27

    • SHA512

      9b8576b60b172176f11f60fc83d4e3ea4115a0a37f136cfd65219538522a73ec1337a0ad034dd45d9ba287d3532a6ca5234b61c4d9ba2120356e2192ee58b3aa

    • SSDEEP

      12288:wfGNZ+jZRnhbpSZajjy70A60re9tatW2xT2o+DO:wfGNZ+jLnhbp9a70AzT2o+i

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/1012/eroc.dll

    • Size

      221KB

    • MD5

      47976002446635d3d68d2fc49fd5dc20

    • SHA1

      e5832d4d4423b328a498e230b10131ab7a68f054

    • SHA256

      96fe06993bf482aa2d86351e95c330b8e70f30960c8e5ba86774726a7759410b

    • SHA512

      c14e6f28768232507f7850139451cdcf0ecb033099b16549335a61d7dfe725fa77b82e7be33824b0862ce4e3ca028007cb2fd963f65a526647408122e028359c

    • SSDEEP

      3072:cOU517ygevan9TuIwINKWcXFz1SXyl5yZHLiJnfeyQG02NNyJTtd6EUdpe:EneC9fcXFBSgyZUfeY0KNW66

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/1012/mir.dll

    • Size

      565KB

    • MD5

      b2dfa86bc0ba950d5281015ffe43cf69

    • SHA1

      a0cf6287c3e8d4f3cb3c3b7865055aa141076547

    • SHA256

      02effb4c6ca174b7b13b784f7b8adbe7a9e16ad7dab2bf0f892c67156e05b00b

    • SHA512

      b73dc11d44cb07019aa4fc599d779cb4bde2a9edd1ec598f2366a87117e37f47f56558c68b8e270af9dda69b498956b27390e19228badcc5975be81b866c4241

    • SSDEEP

      12288:E6X32odMXAhEsselpz1SnOCC46IvTBu2OB7I0Jpm0zhK1k8cF+K/eo7yi/VKRfvC:psC4rOB7I0Jpm0zhK1k8cF+K/eo7yi/5

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/1012/tpi.dll

    • Size

      885KB

    • MD5

      5e158d7278bc7b0cba2376317cb2fbec

    • SHA1

      eead8a15ddbeaaed662dd4d62f6746b143fd9828

    • SHA256

      d690f9f5da11cbbd981eecb2e95d6e6c23054b4300f92d5ef7da854aa0b768b6

    • SHA512

      6d410e0aa600ece05025704610c6596fa9a7c86bc3e165d19f9107927a3209b8266865272e9ba48affe3f7adef0ce2ae3ce8e683cab5638adc25e7775b7ac021

    • SSDEEP

      12288:JSUJV+dsIQUp2hiTTAct6cu6OruCPeRWcYPN2euhYqNga:JSUT+uIQUpSA8w6cuLruPRo2e8v

    Score
    1/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/GAL.dll

    • Size

      93KB

    • MD5

      6cd9ecf9f7a901a39017067a2b2b804a

    • SHA1

      ce3297d05620ff3b7b5c8fd7af0c0bee6cf9f5dc

    • SHA256

      a1d6892da2396261242eeaa1a0405a417d924a8ad9b49b4771da00e8747c326e

    • SHA512

      c831e84bc691848167cd853590b6e72eea091644e97b81637305b890d8de0b13507dd8b68ecbcf370a54b3037614649b19bd2f4052754fd912b16b1dbb9ee721

    • SSDEEP

      1536:sBEN0JSGfD/GUTrG91mkLKGJp6+o7+lvlCCdCdae:gbEaZAd07+lvlCu6

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/KOM.dll

    • Size

      201KB

    • MD5

      c613d0bb57209a65f7b955f8718bf7b4

    • SHA1

      1f39afbd5ae1ecf667069dd15d6ae14091e7ac86

    • SHA256

      d3fe126429f508cbe51a572fc70cfcb7d8609e3b3c9297c649b672c6f6c159f5

    • SHA512

      e28e8b239debe756a0851c570626812af5aaeeacae2cd8b3e54a3334b33683167cf378ebccc5c810c1c1fa4f6def3936c7b99ff21de3cd860a9d5b0aa8ca1e3f

    • SSDEEP

      1536:B7E6nfKKVKr+Huv+6LJuQUwWFExz3jCmKLB0gxK8lDjK/1NhnFvrICtmVMTAMHgS:p/v/HuWoJro3YBFlLio7PVio24ZptHp

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/MUL.DLL

    • Size

      57KB

    • MD5

      4400a8f3add3c7b6b9f106717798c19d

    • SHA1

      5996b325735d49935d6cc5cb391c404caef307a3

    • SHA256

      835796a28589b5d9ff08694b6ca6553e368031c7016e4ae8af067cdb8d99b5f3

    • SHA512

      ecc06def4a80c05045270a5dbdf22f97d13176cfcb5211eb5d8a248f8a35336b963be04c0955d51c7e2340c5591adeb2c1fdfb28aa98d796cf31794dfe6f1b2f

    • SSDEEP

      768:+0FhwtVyFOD+GrJnoyGNTB6GuqTyhOfL02DJiIDAU0vq4dlpCe3sdL32qbX:HFhMyFjG+NTBpyhOD021jERlpCe32dX

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/PCP.dll

    • Size

      85KB

    • MD5

      d89deb0e4892580dadf3a3ead65a40a6

    • SHA1

      1aa903e561c61bbbe335eab77b9f7bee0f1ba2e5

    • SHA256

      c7c3881f88a3247f6f1aee836faa2a600d31d75080d940a7447f2e63169dcb1f

    • SHA512

      1618aa9c4c94ac5c70044e9bab093d7d5a7989f6abc532945c281ec0909826326ade5095c85ee2f656e8328fe81b8fba86ea4e9df02b9aafb262e23708f3d270

    • SSDEEP

      1536:vR2nUePLlQ94uqci1lQ8qITHUHNIlWTzQgBGNSg/jwa0KwvCJEYNTgbe9:MfxQ9ni1lQ8qITHUHN+y1MvjLuCJEYB9

    Score
    3/10
    • Target

      $COMMONFILES/Synacast/SynaLive/PP/PPF.dll

    • Size

      181KB

    • MD5

      6dba8b8f197ecf2f48ed54ca5c67478a

    • SHA1

      00e7ce777a3e7c42795ce097762c09be8246aabc

    • SHA256

      961484a74d95ce41063efe5ddf0f0def95ee495aefc42cbe0911afa7c28f198d

    • SHA512

      fd878fc624ed1a43deba285160ad595efde334805edee51c13764c5eab65ecb404c38c2b19bba4dcf15ecf49edc015b4b4b141b47f3b610f5b32e58b37bb41c8

    • SSDEEP

      3072:spRMf4CvNptUwojzjpnC36Vp3zdoF7w+WxsAvD84TcWNk8rPYWKtal:spYNDU5nCqVt+WxrNk8rgTsl

    Score
    8/10
    • Blocklisted process makes network request
