d00136f53e9a79326ca0f0979bdcad1492efb6216daa07a14939503c82cc9e8b

Sharing

Copy URL Twitter E-mail

General

Target

70d9dca6e907ff1e8491beaf7db01403
Size

2.0MB
Sample

240123-3kzxxacgh4
MD5

70d9dca6e907ff1e8491beaf7db01403
SHA1

4699ee69e6e88140adaeb3c611ca982c4fa01584
SHA256

d00136f53e9a79326ca0f0979bdcad1492efb6216daa07a14939503c82cc9e8b
SHA512

708bac956b7f943e0bc88c2fc630405532fbd74d7cf9bd0f6d81f67376ecc5e2fe75e9a382e2b551743f7b7c6d7094ee9719a6a6b703aebb6369c86bfa475caa
SSDEEP

49152:L/nzhncue6nRd1dX9Rl28yMd87cJ86WoFAUFL5Z:zmue6z1ZffyMdgMOGAqtZ

Score

7^/10

Malware Config

Targets

- Target
  
  70d9dca6e907ff1e8491beaf7db01403
- Size
  
  2.0MB
- MD5
  
  70d9dca6e907ff1e8491beaf7db01403
- SHA1
  
  4699ee69e6e88140adaeb3c611ca982c4fa01584
- SHA256
  
  d00136f53e9a79326ca0f0979bdcad1492efb6216daa07a14939503c82cc9e8b
- SHA512
  
  708bac956b7f943e0bc88c2fc630405532fbd74d7cf9bd0f6d81f67376ecc5e2fe75e9a382e2b551743f7b7c6d7094ee9719a6a6b703aebb6369c86bfa475caa
- SSDEEP
  
  49152:L/nzhncue6nRd1dX9Rl28yMd87cJ86WoFAUFL5Z:zmue6z1ZffyMdgMOGAqtZ
Score

3^/10
behavioral1 behavioral2
- Target
  
  $APPDATA/fastwinutl/fastwinutl.exe
- Size
  
  251KB
- MD5
  
  e97796d9487db7cdc66b836704050fd4
- SHA1
  
  6e25bca3dfeeab155082e25816117ecb3c15915c
- SHA256
  
  879ae79db4c74b9e216ed8efc262e6630a5de2588fca547ac6406c6cd4ede24b
- SHA512
  
  720b33ff0a6228fe1541ffd5e7cf146333bd21a93af82453550aed7cd28d396d4074df922a1243dfb5ee9ec048fc916ca508fdffecfcf8dd616a01395dc793e7
- SSDEEP
  
  6144:vmrhOQl5FbpiROMWQt5bCeY9D7Nby2h81p6nBoPSoTM:vmrhLtSO7QtTYtNe266nBqSoTM
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  17KB
- MD5
  
  dfb63c8be09cc3ee878ae45ed1080ddd
- SHA1
  
  3e29a861ed54787c3e7419cdb296bd8472788a32
- SHA256
  
  ebe69bd40f33c8a7571a235984295afdadda2905b7a893e373c1da5d25d9f0b6
- SHA512
  
  a1f9e98a5d4a842bb29ab86362f5a42c88d87c2b905e3391038b7e12903858ced68b0bf350af70ba46f2800b7babf56ca646d0eeffb19320ed924b4b03690f75
- SSDEEP
  
  384:Nv26sCpKYobPUWeo42Nt++zCiSBTRRw3HbPhvaUM:NvYGKLPUBo42Kpr61ax
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/wuaclt.dll
- Size
  
  84KB
- MD5
  
  44ebd24bbf29059791add3a84f0276c3
- SHA1
  
  67f2fc1c01a36394167de6cb49d2a051c53cd63c
- SHA256
  
  debc53c733e90a0be6ab2b29b2b9afd80fff2d9a6ee8959b2223b568f5f4bd09
- SHA512
  
  d854705b271b41645a197d5801e545a824fc285f75f97a0d9ef0e0dea7d5a131dd9d98cd607b4ab753b0e95747f89c367f45b8b47bf4c4db3c703ea721b9bfde
- SSDEEP
  
  1536:O0Wo3+rZKZgAR7JZcpnfPiAsMaXv7tre:O0FmmJZcpnOjtr
Score

3^/10
behavioral7 behavioral8
- Target
  
  fbtoolbar.exe
- Size
  
  1.7MB
- MD5
  
  f9245e1a5c85ce98f563057d59ce8159
- SHA1
  
  30148f9b13cd24ef82c0674ce175ef01b6725bf1
- SHA256
  
  d7f0a3e4ad1a687f0c658f03d4e7e9c9131482b1ad340fd4e80612e89eb234da
- SHA512
  
  e87006b8823c7f031ae152cd57da74211f6deeef3a63d603f8101473adce50a0fb5797aa01bac07e2344e36882926addac425384c76f04cf4849ab8c56885a17
- SSDEEP
  
  49152:v2LlFsUAd1rIf2a2p5psDf/v867bFzZTNY:uLA51MO35psDXzhzt+
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  uninst.exe
- Size
  
  58KB
- MD5
  
  c3026e93f8c4839f246e2e32c280fa71
- SHA1
  
  9d629ea322b4767e8d2ed0b82336b3cecb1eccac
- SHA256
  
  9ad54013665c2651a721108bd33e8a6f9fb026025d9acf60b584ebbd342bd587
- SHA512
  
  9be43a196fbe4ac3a4e282dda7fcfea07d124827f54adf1c0303893b7aafb6e08e41522332a4a8c8d3f644148ae2a58208f89774a81536ef3b3f04f3c9cdf295
- SSDEEP
  
  1536:EMHxqNxd3xtdTfzHyl9X3BJDgdLeAyNNiF:9HxOdljyj3BJDceAB
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12