eb40f8017e4e96c12878d2fa338f63c8ede67a98d0cb06e359beef7adeef9315

Sharing

Copy URL

Twitter E-mail

General

Target

58be3c3de75205fc472182b3252d82c4
Size

1.6MB
Sample

240113-m1zzvaghck
MD5

58be3c3de75205fc472182b3252d82c4
SHA1

24863ffcb5959536ffe36ddad3f3054418767c25
SHA256

eb40f8017e4e96c12878d2fa338f63c8ede67a98d0cb06e359beef7adeef9315
SHA512

4fc4190f820419f30c997902428027ca88103a298aa612b93862ad38db12b84b1215674d13f2d3e31a89e83d14d593623b87d0bc572308163409c0f1a8bb8904
SSDEEP

49152:IGAHmdMt4/9F4RS8xK2Hw05Yg/prkbb1zweG:lkQ04/fLO5HwUIlS

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  CloudBox_setup.exe
- Size
  
  1.7MB
- MD5
  
  90534c072fac2c2fe2c73daf4cd5327a
- SHA1
  
  aca82a681237999daf6ebccf86cfd3976f4447d6
- SHA256
  
  5d91394df472216454a5331edffb199ddb64257bd4907f074061714ec58cfeb6
- SHA512
  
  6e9f792df1f92abf8e9d9cf2f64332ca416339e2a0477660c9f0ba048a5ec43e1e9c093592a922fb7986ba3252e2389c6ddeb9a1a7207de56fc23e95dd93d3c2
- SSDEEP
  
  49152:D1xA+afF9/b2cHnVGekHsWa/zlbYeXWZUMeT7rhn4X1:0+WP1GRMW2mUMeTH5i1
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/processwork.dll
- Size
  
  231KB
- MD5
  
  0a4fa7a9ba969a805eb0603c7cfe3378
- SHA1
  
  0f018a8d5b42c6ce8bf34b4a6422861c327af88c
- SHA256
  
  27329ea7002d9ce81c8e28e97a5c761922097b33cedeada4db30d2b9d505007c
- SHA512
  
  e13e29712457d5e6351bfd69cba6320795d8b2fd1a047923814f8699f7188ec730ec7f0d946fdff66c8b430fef011415ed045b6ea56e4cc0b1d010171ab88178
- SSDEEP
  
  3072:n/93Fm9hfGIGjk1qc55CDoGowH6Fb/CcXwuCoty1IKYOlIa+zUk9sfqQAPfujRzS:/94yj9c55CDorNqot43ndqQpzjIKW
Score

1^/10
behavioral7 behavioral8
- Target
  
  CloudBox.exe
- Size
  
  1.9MB
- MD5
  
  0314cc8503efb27723abe00748a5437f
- SHA1
  
  134b4ec5b70d38c0953c87f8ccd91f30f39f0fd0
- SHA256
  
  9d54272e3b83340d31ebcec7ff3a7203cef11c482834d568edc026c79c3ca657
- SHA512
  
  fa6ff1b51e1a878700a6194ba4c943d8429f3106f4891b11a423eaf6c97c1b8b9c272acdb4618bf3957ab9356bfcc6f3e711023e134e8499b9dadb45e780fb44
- SSDEEP
  
  24576:JCtARV+6ml1CjeYfOJ6HNwWQfcXOKUeVbQQ9wNYfiyZTaAZ:JEYy+jn2E3XOKhbQQ9wKfNTaAZ
Score

1^/10
behavioral10 behavioral9
- Target
  
  CloudBoxShellExt.dll
- Size
  
  286KB
- MD5
  
  c5e4c731e3624e964e82beb1922aed76
- SHA1
  
  0d4205a902fedbd4458f04bc34229f08f1fbaec7
- SHA256
  
  f3858b44c8bd69bf5e06d6a58f918947b477afcadb9d977b845b83cfa6e5e672
- SHA512
  
  511aeeb807f1f2655fb77b72aac578d135ef6085b34af602a45b5b51d42cbaede3bb3d4ee46af2652e4fc15022c5a627b016cc0ea01b4c1d716017fc8501e7a9
- SSDEEP
  
  3072:qaPZXPoUu1T9hqJidF7AhWIqWh5I36hHkrJ9GRl9n5WVhQHyCJgNcLQd9ZVpE:lXPy1T9hF7AoIqc5AE09KWhsQbC
Score

1^/10
behavioral11 behavioral12
- Target
  
  CloudBoxShellExt_64.dll
- Size
  
  341KB
- MD5
  
  7e696766bf057266501a4ec0838bf7f1
- SHA1
  
  8d63e50e3a13a513857c18176ee71b93c22986af
- SHA256
  
  40826b0244f999459b8ffa6a5aa6ab0aeca49429ccdff812f880c2c5620f2fea
- SHA512
  
  ad5d91e1eb6a8072c898e90c9ba7008f56621dbb0a11316dcb1ff44d5622204117b6e805c901b55bfccb5e27a2a008a88b534fe6798f636f016603cbc27ff8be
- SSDEEP
  
  6144:IceiboHEOKGV8lwErOdtAfvjdOrXfxQA2dspVa1QX:IjiZnGV8Om2MdOTm5iAQX
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral13 behavioral14
- Target
  
  DTXmlParser.dll
- Size
  
  1.9MB
- MD5
  
  9f3cc094b508658507d086797371e078
- SHA1
  
  12219dadeaea1598339761636016648ffefd83e3
- SHA256
  
  1f97e64127333a6670fef5081455b4e0cd9a4ce5d3e5ab9894cf56e8857d4279
- SHA512
  
  50aef9ee4b09660914107a25ec4d4da29fdba9f4348465eb79f928cacd682bd091af984a99455a4db41222da8e3dfc739778095c7789602d7bc8484360fd69e7
- SSDEEP
  
  24576:D4cpmjav17w8k6xBonq1vVVrYiqPG5rE9IyfbTYI89:bpfv17w8k6wq1x/nYbTx89
Score

3^/10
behavioral15 behavioral16
- Target
  
  Helper.dll
- Size
  
  273KB
- MD5
  
  aa6cd4b49f73d5dcd30b4cd44cd7f24f
- SHA1
  
  9454ba799888a8fb80894e37e4d0d5af78fd95c1
- SHA256
  
  a7439d5c54c862f21498c054fb38069766c618baa16736875fc546a1e901c4bb
- SHA512
  
  11576615bf7c0e8721908af9e01e8acedb89d91b060dd5d53c3e7b39f27630aa8490ebd2fcaac5eabf7c59f322dbd2e65266cc149b1445f7f8169e1fef703e0c
- SSDEEP
  
  3072:StcKQnMCEgeoQEs9ssGkSbiN5Hvd2YmMIU6swjfNi59mNi2Rw8DH0d:Stk5eoQEs9zGkSWfVDmxswjwmN1C
Score

1^/10
behavioral17 behavioral18
- Target
  
  MthreadLib71.dll
- Size
  
  64KB
- MD5
  
  32820e129a262bb45cc38e14a0b5d692
- SHA1
  
  ff6178c8acf552977831e9f514f613ec51918ead
- SHA256
  
  e2316030fb73df26ccb8b4a685197dd3c36090a4f1f714056c2d868a53c3dc2b
- SHA512
  
  979b9d28bbfb86b008696c2c194c4e650d0cd323fbd9e90d9be76034385ccc8e7faeb3f12949a83d703a01ed241e95ea910ca66fc7db17ea0ce1396802ba268e
- SSDEEP
  
  768:W8NH+ZxpugnXfeSqgdvR4VM5PqMmPpX48sE7NR6ltO8GhLNbI:W8QZjJnPrF1mPS0R63O8gBI
Score

3^/10
behavioral19 behavioral20
- Target
  
  SetupTo.exe
- Size
  
  65KB
- MD5
  
  a96f49ccc904fe0d369886b627fdc0e0
- SHA1
  
  77533dde83dd8155992827459ad9b7597125cc38
- SHA256
  
  4b22eb37861e1d0ed8e4a5abbfea2a971ea180bdadceac2a375aeb24933bffd3
- SHA512
  
  61b542150ad362ee2d05f5c05ccbfd765e68ce2447fd8983eb77411ba7ece66b62f674bad1cbbef3869cf48b958413cec957f7b70f5e16ebcc06e1aca56f7928
- SSDEEP
  
  1536:HUnr5vhMLpOPFd2VBonyM4fWpl9R4BWWWWWWWW7:0nr5iLyiJlfWL9R4BWWWWWWWW7
Score

1^/10
behavioral21 behavioral22
- Target
  
  UnSetupTo.exe
- Size
  
  49KB
- MD5
  
  e3b3fa986c796a04bca26d03493706d9
- SHA1
  
  8c0e1629d728a5c8aa0470b21b63122a21f62b35
- SHA256
  
  2e3de9bdc8dce8a4e51ae9b3a3b143b0ae9f0ea77b55d10c2b0c9c351c6a4600
- SHA512
  
  df37c776fd75028af398f767c0147672d00d9da51dc0894b498c78ebbddaf8ab9221a9f3328dd80f2240483443d51873a728cd391093369735b2d1932b34b280
- SSDEEP
  
  768:OFXox4bV/O2B969Xa8PRdp//qkxL/6/nZqZ5YTxQtuLNb5:OBVjB4PBakgg5YTzB5
Score

1^/10
behavioral23 behavioral24
- Target
  
  Updater.exe
- Size
  
  417KB
- MD5
  
  983481291f689b411efad5df12ae1f16
- SHA1
  
  065eaa1c8793a16214c36378a3328e4b35223217
- SHA256
  
  c0065c50853b014f2ae873d96dd41ca76e44d1d727452d4be1ed7a10fdada449
- SHA512
  
  fe69b6d1b905a4aa0d66febaecea6cb768325b43063a9f05fa62af1ebee8b0d3d1907dbdbd58f215389749eadc87cf9af27518c4982dfafb90c4b208740be7c1
- SSDEEP
  
  6144:6/VAe9s61kZMP5ThMnj0dbGu45zrlqHmFTWBCALFpz31OuXGh0TTSuYQ1:6Ns6lPdbGzgGZWBCAppz30kGh0TT0Q1
Score

1^/10
behavioral25 behavioral26
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Registers COM server for autorun

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28