8257389d6264742d414404beaaaac869336c91f9f9af1e31ee081aa6e7857f3c

Resubmissions

19/01/2024, 19:16

240119-xyyzwacagn 7

19/01/2024, 14:16

240119-rlgbeagbd6 7

Sharing

Copy URL Twitter E-mail

General

Target

dia-setup-0.97.2-2-unsigned.exe
Size

18.7MB
Sample

240119-xyyzwacagn
MD5

6a2472af5b3df9506e5ec3d822edaf3c
SHA1

bf774bf6902e390d2a4ade45dde41f905c60ceeb
SHA256

8257389d6264742d414404beaaaac869336c91f9f9af1e31ee081aa6e7857f3c
SHA512

e7004bf677d25ebef2dc95de9d571b901e4ee678edf0b5ed65217f554e3a844099db112584a4128b89bace21a517c4958a6aa4ffb73be8fca0e66c5466e1309b
SSDEEP

393216:P+xc0G6JizMOOmWw+gyT0JPnKXHjdVABdO008NdOS:Qc2iJ/+JTcfqt8NV

Score

7^/10

Malware Config

Targets

- Target
  
  dia-setup-0.97.2-2-unsigned.exe
- Size
  
  18.7MB
- MD5
  
  6a2472af5b3df9506e5ec3d822edaf3c
- SHA1
  
  bf774bf6902e390d2a4ade45dde41f905c60ceeb
- SHA256
  
  8257389d6264742d414404beaaaac869336c91f9f9af1e31ee081aa6e7857f3c
- SHA512
  
  e7004bf677d25ebef2dc95de9d571b901e4ee678edf0b5ed65217f554e3a844099db112584a4128b89bace21a517c4958a6aa4ffb73be8fca0e66c5466e1309b
- SSDEEP
  
  393216:P+xc0G6JizMOOmWw+gyT0JPnKXHjdVABdO008NdOS:Qc2iJ/+JTcfqt8NV
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  help/eu/dia-manual.chm
- Size
  
  75KB
- MD5
  
  bc5f53990f1dd6ec66af7bb161e6b0b8
- SHA1
  
  75f688638c9446c2f574bbb945417dc2ed9148ab
- SHA256
  
  ef37d6c26c6df245d8a8f24c6f2184edb0a52103c610c6f80c38b9498c1e8bc7
- SHA512
  
  c1052b81b536125ea37f9704fe7cb71a1175296f0d1fcbf4b1fd93872a86a5a1908c0f8b854ae6346648d5164753f21ad1ab17df0c5f8243729989784423b6cd
- SSDEEP
  
  1536:500kQltE+OrgLdrXfbTyoigcTiB7F/Du8rpdXlEkB6qHW8kZRvwIInXyC:iQc/rgLdrXfbTdbdF/Du8rHXl7RW82R4
Score

1^/10
behavioral3 behavioral4
- Target
  
  help/eu/dia-manual.pdf
- Size
  
  142KB
- MD5
  
  6f1ae072adefae213e6a472361c76cec
- SHA1
  
  6461bc535cb0d0607add9a144367b9e3ef6ecbd8
- SHA256
  
  247e9b9809b83f7119a2c58a414dfd1430add44966cf96eb5e0f3401ca9ac093
- SHA512
  
  753f0e07b5c5c332269c0a613551be38eef6005c31a3c73aad23c8618575e96df019fe2ee84a95d48a5c37501ace31b7a4fada2d6f708cbeec44c0d72021d971
- SSDEEP
  
  1536:OTVpBL9MQnFz4bdxt0z9vxxB6p+Ai8WFbITqnaWyslmwkL3pb34yxcxtn7lzyDZ9:OfnnubdxtqNxxpA3Oagm3LxczlzA9
Score

1^/10
behavioral5 behavioral6
- Target
  
  help/fr/dia-manual.chm
- Size
  
  201KB
- MD5
  
  a83229d50d8079fc7022ed6d1e25e7c9
- SHA1
  
  0b89af665d591f024ce27e0152200be571f8fd45
- SHA256
  
  58533c56a272c6189faa853befb2c919be45f696534e6818cdd9e55d216db45f
- SHA512
  
  0ea26f543ca06a4fd6cbe5b9cf59384dfca74e8497bc9e085826753a2206779f10b1250a7d46782ed81359150cb88a97610a089bf38ea80ec30c76af26e4a4fe
- SSDEEP
  
  6144:SW6iakSvkMusPXywlgpCnexkoRK6/x1r4:8lTkUPXzexEEbs
Score

1^/10
behavioral7 behavioral8
- Target
  
  help/fr/dia-manual.pdf
- Size
  
  306KB
- MD5
  
  7cf3ed9ac1ce725b04a4864b829efad9
- SHA1
  
  6e343a5bef486583480cabe82bfb3dc172db3a67
- SHA256
  
  9424841cb6ce1d67e3d30b70b6910f0c993338403cc5f2c1d9e890a9cc1bc1eb
- SHA512
  
  3ee232f0dfc94dc4eee5c4a97d95eca633f2d5bb775ccdcc19f8c25293b895937404643acc004de25ea567ab05c01921f248925e69990169d51f9503f7eefb12
- SSDEEP
  
  6144:OnOn5preVk4FmQNhilcfi4wzdvUD3YZRiu9oF:OOn5prUX86c+
Score

1^/10
behavioral10 behavioral9
- Target
  
  help/pl/dia-manual.chm
- Size
  
  78KB
- MD5
  
  57a27e003c72ca01af363897040254e6
- SHA1
  
  eaf19505669c1d863ff7d9f840c70a5008651ff0
- SHA256
  
  60c1187cc1913aa3aa1778ddcb206b407f7b39909258dbc941d7ecd3cc50baf1
- SHA512
  
  a79961ee1ae057c256696e5233ee7179dcec35ced6c6fcbc7c533bcdf498fd1019f815da5ee0b25bf9894ca5b12c9f233786bceb803f0bd5f17e8bd8115825b0
- SSDEEP
  
  1536:Mrj9wi7utRP+TpkZJcjIjxa5NpncgHg20jf7xCaphBiN9pUTwTMdte:gCiytRcpkZJcjEk/CpwNmSYe
Score

1^/10
behavioral11 behavioral12
- Target
  
  help/pl/dia-manual.pdf
- Size
  
  131KB
- MD5
  
  48e1911049d4211d09ebcc430975c2dd
- SHA1
  
  e37b3f811be5c4b3530dd8b6f9b424fb285f4c74
- SHA256
  
  b3f5aa44047c4b10bb64294f4dc03f626a30ecf5f5ec1e55efda34d5f57c2bfb
- SHA512
  
  28f39ee7e5cf9c6967ddc51cd37412c1a85ce15cb151123d250455dd58c974eb738f5eed7cfba8d782819c04c9b4cf0349299175ea34a699b3d77c8d70684f1e
- SSDEEP
  
  3072:o6nnjmOV5zPYvwQCmKqyBdMW40sb+ah4XVb:o6nqG1QC6yBdYTb+ah4XVb
Score

1^/10
behavioral13 behavioral14
- Target
  
  imgmap.py
- Size
  
  2KB
- MD5
  
  20725a65c51028b8e8f130706ef15bed
- SHA1
  
  43fa0646a9d4fae027e8ec631cb4f7e6bbc5f725
- SHA256
  
  d8ade38cc76769eefca9c048c16f3b89dccc70cd1d1580172ba264aea44eb3ad
- SHA512
  
  1a6d3b7850d1a5d0316313bd04c9e5379899d8a248465e8785da086f0cba2dc30bfba7180741768dcab003b94ed070b9fc25a8d94fe41cb215395ac30044f62b
Score

3^/10
behavioral15 behavioral16
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-ani.dll
- Size
  
  30KB
- MD5
  
  ad674e2d99f06c4f81491b287d454400
- SHA1
  
  538b92c8850deb9c1a348f713671221daef58b47
- SHA256
  
  a0b7226efb9dfce34a7c90f0e91c8b31555c9bbd58c19ac8c761598233fd462e
- SHA512
  
  ddd902d5f5a57e6cde20f18645f4f8a81ca81ea7a3f76b51a98303b2415bdddbe37a5cb6cf21becff71d2f359a5de0804336b130be45b7b32ede0b7057737e88
- SSDEEP
  
  384:UXGvUCD9AYQ5MQHlvcoPakvyCI2sF+FIwBPClYwoNeJBZc:UyDlQ9FcoPhvyCIQB2B+
Score

1^/10
behavioral17 behavioral18
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-bmp.dll
- Size
  
  27KB
- MD5
  
  a6b653293267cc2a2c7137f6b1e82d85
- SHA1
  
  a86d19b1385fdd822dda8081fcfb511cc96b7871
- SHA256
  
  2240e5ca17355e2ccb3915f6ed905af4346e9a0cb5174f840faec1b5aa5ffa87
- SHA512
  
  85039b9f79eab0343067620dfe1a7581476e55a8a78ba9db656bbfc4f28d9bb69832180fcee44ff4918059dcf21db460386c2d2f131a29ecb1157a265e641f55
- SSDEEP
  
  384:ChS/xzHDH3nxlzK0GIb6sAYFI4q1WCHhVPpMACjsHY05e3ct:ChS/RrXnGI1FC1W6hVBhhSst
Score

1^/10
behavioral19 behavioral20
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-gif.dll
- Size
  
  41KB
- MD5
  
  a762b54e2fedd949efc9f0e73326ed97
- SHA1
  
  379d03aab3558b49c53de54eff46b41c4334cba5
- SHA256
  
  28d2dc3fe8a66f1937ce722766c8f5416d8b282bb3f53affeaa2b05fbdfd6c27
- SHA512
  
  78d865d762ed560670acaac9f7cbb760865335b3cad7fcbb9db23784cd3fc57051ec27c658f266d90257b166529bfea1deb7d8507c38a8c3cbfbf2792a9964df
- SSDEEP
  
  384:6VCTTrRpbcevDYoxwYiZOaTKRPlWM8Qht1Jxfjl/DbRDVbdLNdnQRZhHmwZ+oJH0:6QcxonpP8QjD95bd5rr
Score

1^/10
behavioral21 behavioral22
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-icns.dll
- Size
  
  22KB
- MD5
  
  0fa7b2f79527f58b40c6e6a773d8ad97
- SHA1
  
  8c4d24b466e86736bc325b5d096f6588060b85a3
- SHA256
  
  220e32d68f36fc09e73c8e0302541967ecd15976c62f472481a1fc24892f96d1
- SHA512
  
  d49f4870c59bb419c7033f50314a8b46f9e08d6fb6b72a63910fd8e5695b6233ea2a132940907d66bc5a98ebc14248d08be35d167139fedf72e902013a9dce07
- SSDEEP
  
  192:0+TyeVW7djUIT6JlFH5mB+UlQEP/ay3H4fpelRXbehx6UIEf98QK1DJPx1YQSODG:DmeVaO1e5lTPSy3HApeLbeLWXu
Score

1^/10
behavioral23 behavioral24
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-ico.dll
- Size
  
  28KB
- MD5
  
  b53255ccd3a0174b6f14fbdfe1b3b3c4
- SHA1
  
  5bf6460a14c61e89eb37361ba93f227074f5e4e0
- SHA256
  
  18e97911fbc619d31a95e58a2511a4b14d75c58cf0a22757e0f44f18f1b9248e
- SHA512
  
  29deb6d6ff70042b0a2a1d7552b037390c194a38d115d9bf4b1f8f7979ba393ab88c62fd47214d68646a749028173943082671a81b92ecafe1285c479d62982a
- SSDEEP
  
  384:CAE1Boj1OL7mqDC+9t8QYMWYuUTocqqwCxQWsTGi3:CAE/oxumcC+9oMzuUToJ2QyU
Score

1^/10
behavioral25 behavioral26
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-jpeg.dll
- Size
  
  33KB
- MD5
  
  f929d877d58fab871b63c7af9d3254f7
- SHA1
  
  c03e537fc36a81e2c689936be58bb766919a7c52
- SHA256
  
  524660f33653282a829fb0eea32f7a88b329f2db057a37abaf017c0e43f092f7
- SHA512
  
  9c53bf27c6a7e440d29220b23e3190ac104e213f23f14257e65dc9782bf3e451dba9365769918020c1336684567a2f57d7add0e084a328d9f5335734d00b2220
- SSDEEP
  
  768:ybfE0S8ELsltjNzAVZ22JI19C6TzbSrB9Lv:iPGQNzAS2JI19fTSj
Score

1^/10
behavioral27 behavioral28
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-pcx.dll
- Size
  
  21KB
- MD5
  
  958ab35a3f720c5875c536812816bf49
- SHA1
  
  fff1f7f543b9bb5f9b81979414fbdf758b856a9e
- SHA256
  
  6930e5439ba9191ac02419fbb64a6f09f17058c63d5de134eb6b4ccdb491ba0c
- SHA512
  
  296082d1dd892d8b96522c4bdb563a7b81746616c67722dc3195bebac9a3e64f0c5e36127eb75fbf80c5d6436f16bcdfa50b04415d7c78ff6df654763b6cc903
- SSDEEP
  
  384:NmQwu0J2Ui7FwmfsDYaxLVynS4WcgRPbLnQ:Nm0y5LVUSHPbLnQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.dll
- Size
  
  35KB
- MD5
  
  b461608371e68adbd23ee02792a384b5
- SHA1
  
  328953f7b0853fd79ee9bb5ad48a32599e9af768
- SHA256
  
  ee7815e7ca016d5a1d7796080f64dd5280793b2398f4477de085f75a2d82a441
- SHA512
  
  3a56c9b30654d9b000a2bfd2ecacbd636113584ef68b1e187b5bae3108b8789888dbc5c7af8587f69f6a19571ea91905d7370840fc7bca672cc71d1ce99c63d3
- SSDEEP
  
  384:iGdTsz3ycKA4nUHYLpl8IBU6amDFxxnZv4Wkj:iAAWUYpaGT7nZgWA
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32