2eea6ce78a42a5c07091a313cfdf13a083e46b493b6c2fb44bacf8626bf5d097

Resubmissions

18-01-2024 10:46

240118-mt9wgaadd2 7

18-01-2024 09:27

240118-le4v8shch2 7

18-01-2024 09:17

240118-k9c6bshbh2 6

Sharing

Copy URL

Twitter E-mail

General

Target

ccsetup620.exe
Size

75.1MB
Sample

240118-le4v8shch2
MD5

2252f06e55902cc69216d7ca4ced72f1
SHA1

217c9c78833299d89a4b133328290987955552e6
SHA256

2eea6ce78a42a5c07091a313cfdf13a083e46b493b6c2fb44bacf8626bf5d097
SHA512

e77d8d17cd0a1cf44ed0e49f3d6f275849e9545ae20778958dce6b6c67d8278a46f4f63c4f8d315af64bec0259b61aa0919d63620d4e877f95bea801fc0fa8fd
SSDEEP

1572864:D/rhQ11XtcajK3jlUZyAWAAqpModeSmyeiRCH5IdBTrtZfeKeA5Mics:DUc+6JoyArAEModdmyen5IdprtBeKe92

Score

7^/10

Malware Config

Targets

- Target
  
  ccsetup620.exe
- Size
  
  75.1MB
- MD5
  
  2252f06e55902cc69216d7ca4ced72f1
- SHA1
  
  217c9c78833299d89a4b133328290987955552e6
- SHA256
  
  2eea6ce78a42a5c07091a313cfdf13a083e46b493b6c2fb44bacf8626bf5d097
- SHA512
  
  e77d8d17cd0a1cf44ed0e49f3d6f275849e9545ae20778958dce6b6c67d8278a46f4f63c4f8d315af64bec0259b61aa0919d63620d4e877f95bea801fc0fa8fd
- SSDEEP
  
  1572864:D/rhQ11XtcajK3jlUZyAWAAqpModeSmyeiRCH5IdBTrtZfeKeA5Mics:DUc+6JoyArAEModdmyen5IdprtBeKe92
Score

7^/10

bootkit discovery persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Downloads MZ/PE file
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  23KB
- MD5
  
  7760daf1b6a7f13f06b25b5a09137ca1
- SHA1
  
  cc5a98ea3aa582de5428c819731e1faeccfcf33a
- SHA256
  
  5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079
- SHA512
  
  d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5
- SSDEEP
  
  384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  f0438a894f3a7e01a4aae8d1b5dd0289
- SHA1
  
  b058e3fcfb7b550041da16bf10d8837024c38bf6
- SHA256
  
  30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
- SHA512
  
  f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
- SSDEEP
  
  48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score

3^/10
behavioral11 behavioral12
- Target
  
  $_131_/lang-1025.dll
- Size
  
  242KB
- MD5
  
  1743b2010c18c644cac9bc7f4d555b8e
- SHA1
  
  5b8c7f25b833489c149ac3e1744bb679901e29bf
- SHA256
  
  019b27c4e8d8a5b23578bb4e8fe6706273e0bea3ee7804e9650f87a2652b6b7a
- SHA512
  
  0f76bc329fc54ef358a9a9fefb875ef7f1ebb25a61e4b92d050b79e1ef9306470530fc23f8061446b2d63a108ac39a3b76237184f4c5a9d8fe5cfb0cf19db239
- SSDEEP
  
  3072:rIjpwJ5WckrG4m4xyOfF3FForEjl34/s2O8sl10sO62nVvxX0n+TOq3MK5zeDxdf:GLHEsVtIA
Score

1^/10
behavioral13 behavioral14
- Target
  
  $_131_/lang-1026.dll
- Size
  
  288KB
- MD5
  
  6b2f4cb4490e6f6dbeffaa08fc695c66
- SHA1
  
  90e82dee10e84ae9f892045ca280d207e9fdf565
- SHA256
  
  211dc74341c48d488fa827e68ce53c30ed7163501dabff6e31c394248746d380
- SHA512
  
  9ddb7f4b28b444c3ca175087b8d96e9309b628d000ddea86fa75fd2a2ec255d6b63d64aa9890d5a1d84b110cc1fb83e965940094639d19a7dacb401b5d58b88c
- SSDEEP
  
  1536:KXDZiAYLSKbowy3HxDeUvZtSffDd6v40oD9h9U1UJph4PWRD7Jxz:AlPYLFowy3HxyURtmd6yTmUJph4SDX
Score

1^/10
behavioral15 behavioral16
- Target
  
  $_131_/lang-1027.dll
- Size
  
  291KB
- MD5
  
  646812f97f7c32911b6cc056d26663d2
- SHA1
  
  25ed847af0226b501d63807a3667988eace050de
- SHA256
  
  fc3badc993aa678d33bd9dbb177ccb2ab4a00e73eafc9c7c98220349006fba17
- SHA512
  
  54371d2b71f2a3660b2231e5b813da9cee44fbbfc5a302660db9343ad3632d742b860329d78c362fbafec10cdc534120f2ce639f29582e926720ed99b2fdae19
- SSDEEP
  
  3072:8yrr3phz4msC0MUmq3nFvQ2iZHzNbUSl1QRPM36qWFnZY2WZDRRqKHpxzPC:7b4s0MUmqGNbUSlKqWEDNxzK
Score

1^/10
behavioral17 behavioral18
- Target
  
  $_131_/lang-1028.dll
- Size
  
  113KB
- MD5
  
  a81c14a7c298425f0177d1ce632f2466
- SHA1
  
  923fdafb76c31892a38a4b61fba8f377450fc269
- SHA256
  
  43e0be682b819a8e7e50704681736f6a3efc9d974baf3b7a9be79157ac33f24a
- SHA512
  
  8cf1d3afb39dfbca9075680cf40521fb1e9ed3855d68cac0b6526bf79b27a875ba49efeaac7973185df9a11f42273257354a57b2fc6221fda10e6278097d7e6f
- SSDEEP
  
  1536:2XC/b/on4ysGSVTRLdYIMY4JUjAs/0zEwjHh2Ex74x0l:8CzoHVIMY4JzlLHHx1
Score

1^/10
behavioral19 behavioral20
- Target
  
  $_131_/lang-1029.dll
- Size
  
  256KB
- MD5
  
  dfbb5f917ac5bf8a08615505897c12c8
- SHA1
  
  9d6c8cf0d78a74f52b7c8db8cecebf80f1c9720d
- SHA256
  
  bc669217358c2059c40f6a7fab0816afc5b9a9b4cee880bd8c9837e623718767
- SHA512
  
  910ec9fc7f94886936f9b04e1b35bf5d5d8948362463cfe81b1bd8253dc948ee8e6508ce654942cdab60d84ec1679808586b0ebfbadc590c3dd3fdb868df3e88
- SSDEEP
  
  3072:yu9yV0ws1yxbxqTjEuq+m64l0V13hcIYq80sJ0wonymZq1Mb2gzYt:1oJ413rYF
Score

1^/10
behavioral21 behavioral22
- Target
  
  $_131_/lang-1030.dll
- Size
  
  252KB
- MD5
  
  e3231d06b67b94d2321c9f8445054000
- SHA1
  
  e78c6c2f3aa928a5cf0dffa72453cfa3b2df29ec
- SHA256
  
  dca4cf1ddb581d61b3964ca849743bf94829bffd3784ac3b1167158d4db58e61
- SHA512
  
  4db99fa149f10547b13e109bfe5196cb0087bafa6b7f3cf382a2ec1904ffb5896f083e520713d77c8b8c5665296b40b82d66a5a8295b3c0aad0d4e8eddd4ad8b
- SSDEEP
  
  3072:AVPMUPjdHlJsCPH02R/CCzuo8JqT1oS748mSAtlFgCIcgSnQEiGk4:8nhlJhPmFpg4iGt
Score

1^/10
behavioral23 behavioral24
- Target
  
  $_131_/lang-1031.dll
- Size
  
  285KB
- MD5
  
  9c0270dbad21279f2ac5b4f686a841a0
- SHA1
  
  2815192bf6339f2c61f4cf66b9b75a5f341e4fb7
- SHA256
  
  49496d4bbd3db3e7446749cb7d986cd0c99405c50c5a88bf55606cc87d25cfde
- SHA512
  
  25c69520f9175e29821608ecdb60159bf2a8124b98fe59edef39dbfecad2e1602e0f4e0cb55d8a70cede9169ed09f5ec0e946a48dbc8cbcb12266f24b39be2b2
- SSDEEP
  
  3072:MCJRKPgjvypvWTChegDQhK7JUfRtR+ga9hI7AlfbamVXu9dIEhpg8XVLZkwwlPaO:3ypvCEFzda9Yhou
Score

1^/10
behavioral25 behavioral26
- Target
  
  $_131_/lang-1032.dll
- Size
  
  298KB
- MD5
  
  0928726ec9cb240a9fd47637cc607569
- SHA1
  
  d127882edf824130616f2ff2349d49ccb70aefdb
- SHA256
  
  e3887258218c7093c19df880eab38ce2492613d1f469d11b31231289f0cffa67
- SHA512
  
  e7f553fff5258f1f5432a8ea8121a3c3bd78272713463937c470cdc3e7b9ef97694317ca4ac9c9a0385faee558eacbb143cee9b12b2b67505c0471292161d7d0
- SSDEEP
  
  3072:Wa6kCHTgkU7ZlvMQmOnMGopX6YQ5dWORIqC4adqLDBBlKLSUG8+wi9rvxVJzAkHx:TvM9y6Vyx
Score

1^/10
behavioral27 behavioral28
- Target
  
  $_131_/lang-1034.dll
- Size
  
  284KB
- MD5
  
  71d2c6f28c6e52ee8477c68003b6808b
- SHA1
  
  2a770035ad3ba4cb61ea7a84c2b25f6b0124d420
- SHA256
  
  61ee9689f30722191cd8c1673d9600430dc604fc50f137c21a5581f89b4dc266
- SHA512
  
  e09d2fc6ed91cf3c86ec3a4d65ad9f5b506592f10fc9f5abc31ca8e0b0ad4b7c907343601e192ebf37844633b271cae588056c64cb26ea81678a8a68bb2bca6d
- SSDEEP
  
  3072:tFhWXaxuncqz57vDc+JqL/wDFyIsDFPxxeiWaC7kkhTrldUuUfHu6KFWhadMvn:vhNxucqo+JqLY4RDFPOivkhQHlha+f
Score

1^/10
behavioral29 behavioral30
- Target
  
  $_131_/lang-1035.dll
- Size
  
  264KB
- MD5
  
  7b0c40f747f65220248d35ec3b0f87aa
- SHA1
  
  1c77fd7d8a8df4d2bed91471dd1c96b8da4359ba
- SHA256
  
  4200722f1c8942a4f530cd21a66bf41f66cd595852dbc939d23f509c5e44dada
- SHA512
  
  06330f336932a62cce7c5d62ac37e03593d81fbb4d79fe1160780d9bf7f83f41f7fbc093a26a0b8039ddc80a29e7214544ff9bb391aee149f3e2de1e381c1bff
- SSDEEP
  
  3072:9l70AYKzLFQiBRLAEmW6WiM8LHxaMNv0HhZ/m2lLi2/eqLyJ801IEaI88RTr+vUU:NLFJ8zx/ZxWVxziBZpKY/sJ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Downloads MZ/PE file

Writes to the Master Boot Record (MBR)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32