Overview

overview

6

Static

static

3

7114e43c7b...d4.exe

windows7-x64

3

7114e43c7b...d4.exe

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

3

$PLUGINSDI...te.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

1

$PLUGINSDI...te.dll

windows10-2004-x64

1

lineguide_...ll.exe

windows7-x64

3

lineguide_...ll.exe

windows10-2004-x64

3

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

1

$PLUGINSDI...te.dll

windows10-2004-x64

1

lineguide.dll

windows7-x64

6

lineguide.dll

windows10-2004-x64

6

lineguideup.exe

windows7-x64

1

lineguideup.exe

windows10-2004-x64

1

msvcm80.dll

windows7-x64

1

msvcm80.dll

windows10-2004-x64

1

msvcp80.dll

windows7-x64

1

msvcp80.dll

windows10-2004-x64

1

msvcr80.dll

windows7-x64

1

msvcr80.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    7114e43c7b4b7e74d83f4729b2173ad4

  • Size

    1.2MB

  • Sample

    240124-bv22gafbd2

  • MD5

    7114e43c7b4b7e74d83f4729b2173ad4

  • SHA1

    01914b19ab84e7c17bc434beec2599fdb6b911a0

  • SHA256

    332bfd0847514e8f4f9f943bad7d3b35b3915faf662ef11feb7db82fb322e11c

  • SHA512

    3cb21908fb47f23dd4cc4a6f9bfa0b7e324165a400db13b50bfa92a96183b7db007bcb9be1e46e64ba7b4401778458801ca229ae804b23acf03f627f603b1973

  • SSDEEP

    24576:naxL2G41mVI8Pt9UuvsKk/g+aSWjatdbVPQsFrbh87jaRV:nreZUucgRSSMTq7k

Score
6/10
adwarestealer

Malware Config

Targets

    • Target

      7114e43c7b4b7e74d83f4729b2173ad4

    • Size

      1.2MB

    • MD5

      7114e43c7b4b7e74d83f4729b2173ad4

    • SHA1

      01914b19ab84e7c17bc434beec2599fdb6b911a0

    • SHA256

      332bfd0847514e8f4f9f943bad7d3b35b3915faf662ef11feb7db82fb322e11c

    • SHA512

      3cb21908fb47f23dd4cc4a6f9bfa0b7e324165a400db13b50bfa92a96183b7db007bcb9be1e46e64ba7b4401778458801ca229ae804b23acf03f627f603b1973

    • SSDEEP

      24576:naxL2G41mVI8Pt9UuvsKk/g+aSWjatdbVPQsFrbh87jaRV:nreZUucgRSSMTq7k

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/FRNDelete.dll

    • Size

      24KB

    • MD5

      8d4f8e9e897247e7bf1a1963e24d070b

    • SHA1

      c1feaa4db159a478c99fe8cc109c7a10fb014130

    • SHA256

      3a07e930d76f9d3f06749461dc13f781af6db0290561d27e9cc3c24a516e417d

    • SHA512

      33ea7ce9aa342d64c1c182e423cb0d2e19b44fc1769bbb5e70a478028cae28e3a3557470fb827d90dcb253ae04b75fda82bf70fd1183db210f83f90e2d1280cf

    • SSDEEP

      96:XknWmdJvpymFY0oPEGFPiizXZWvqZhjzL/XzLvIT+dyU9LRulYjbEz:0hdJBymq06h6iDZbLvL/DLQyvdRxjYz

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      13KB

    • MD5

      d765c492c21689e3d9d61634371fd861

    • SHA1

      ac200933671ae52c9d5544d0e2e8e9144d286c83

    • SHA256

      551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc

    • SHA512

      9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f

    • SSDEEP

      192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/SelfDelete.dll

    • Size

      24KB

    • MD5

      7bf1bd7661385621c7908e36958f582e

    • SHA1

      43242d7731c097e95fb96753c8262609ff929410

    • SHA256

      c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e

    • SHA512

      8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f

    • SSDEEP

      96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr

    Score
    1/10
    behavioral7behavioral8

    • Target

      lineguide_20080630_install.exe

    • Size

      738KB

    • MD5

      a1e3d8cda20fc739924b094dd102bba1

    • SHA1

      b1d048ee309f98a16dac0142fb204d926c4fcb69

    • SHA256

      feb631c8233dc4ab30f8157a3efe0124400a944491e68dc11823be0b979c33ac

    • SHA512

      7421e5645f5163a8c2f805b3cba2a3e14f4fc2a40800009839d1518915c32cf17cd8893126ee2686cea71a0f27c38629db8343e6e97794c1a47f05a4dbd446f4

    • SSDEEP

      12288:5n4eMrnMxohs7PZfBqgtQ74iY9bmFXANHhpHLhEf7xIy+GyuZvGAxh9JnoLoeK8:mzKQs7PZfB3GUi1hANHTHdEH+Gyu0ChC

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/DLLWebCount.dll

    • Size

      28KB

    • MD5

      3d320f250297fe1dd1ddc350fa154b3b

    • SHA1

      9236e354d2fe2b9f25a36f1ba686f1f2785e0b26

    • SHA256

      f1ed5586759eaa6e5edf92bc589b0812620a3d48db3724c833b1fd9ea6c837bb

    • SHA512

      8e259f6025080180fedcf13b1493910c20242d02c1776a84a79c8ff1aba00ca64873b251578000867bbcd129c46503470e364817afa267bb631e0d47ef31366a

    • SSDEEP

      96:j4pe13nQHmwy5PFlufG/cg6TGkB4iuGBudGax+suQHV:j4I1XZwy5NbgB5NYdbX1

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/ExistFiles.dll

    • Size

      180KB

    • MD5

      1495e531ee4eb190e4ff6098ae018a9f

    • SHA1

      624ce8e543ada633bfef377f873fdf1bc78b43a7

    • SHA256

      c7532fe91f33a081717c853aa7fac3136320db84fd276e110c6db34c27350bf5

    • SHA512

      fefe41b4fda79f9d063e52af63ab45ebe538e308faa8def15663c2361861b015af6c3e64c1308bf2e6eb2e9d6d7c0289d74a5b68604d4dd5d1f4a56830ecbf9a

    • SSDEEP

      3072:c3YVNR99bZUhevWCxv7+xutbZAjuBrYt/YeL6twvVox:JvZUhe+CxvSUtbZAFYcj

    Score
    3/10
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      32KB

    • MD5

      849abe37c3b8a6dd48089b769ee789c5

    • SHA1

      81d5d6c4d6328059a07ae59878c717211a726512

    • SHA256

      0ac175b28d2a156e71bda214d4a35321c85d434e325624564f0a5eee23c718be

    • SHA512

      fa1f60aa1e26dffe6a0b2ee8cba6490cc2d1f94613777466ce434a71431bd88f8c3964718f3ea1dd2c8ca41847cc259999bb293ea2591f4f0a0add286229f76f

    • SSDEEP

      384:kZgOCgkqzx8Cu8d1VKZA9dHC8rotc8dfa3FvCyj72y4hUqAbso4AH:kZhCgkqzCsd1AoaWUgSJORbsopH

    Score
    3/10
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      f62d03fcb1473110e920a9bb2c701006

    • SHA1

      c48444ef2daa60dcdf91f1645cd4ecd8e66545f7

    • SHA256

      17e2f205af12d5a86638dc83c95fc69199c41af2fa6daeb1e91ec330f68c5372

    • SHA512

      701d531d405d08054d53298141d5bbd56e74df7b22bcea5f9f0e5c4407421ea0ca9617aa84e740dc1dc44e6d14e58852c1ca2087213cc2319f2da44eaed0bc05

    • SSDEEP

      192:g6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTxK72dwF7dBdcQOz:g6JaVh4I5rpPbTx+BdhO

    Score
    3/10
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      32KB

    • MD5

      83142eac84475f4ca889c73f10d9c179

    • SHA1

      dbe43c0de8ef881466bd74861b2e5b17598b5ce8

    • SHA256

      ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729

    • SHA512

      1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1

    • SSDEEP

      384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+

    Score
    3/10
    behavioral19behavioral20

    • Target

      $PLUGINSDIR/SelfDelete.dll

    • Size

      24KB

    • MD5

      7bf1bd7661385621c7908e36958f582e

    • SHA1

      43242d7731c097e95fb96753c8262609ff929410

    • SHA256

      c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e

    • SHA512

      8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f

    • SSDEEP

      96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr

    Score
    1/10
    behavioral21behavioral22

    • Target

      lineguide.dll

    • Size

      184KB

    • MD5

      b87e79712ca06f56b1fc5b9866371a27

    • SHA1

      a739d9a31a064cc7334743657e4761d68a5a8a49

    • SHA256

      e41fc43c109392a278a46924e6ae8e6a09bae3c4d940c4621ae6a2ed1d7f3364

    • SHA512

      eb5952ff65129a6f4c572128868ab6b53b34628907dcd005f4fefac951dc668496876c45e0916dd0a89d2ba374458035ba913551165a4546749b451edcdd6635

    • SSDEEP

      3072:au5r5vtUVMcyKc0dLH0muRNuce2WMRozUfwnG4fBJBRTOADo:rt6JB0TEce25pg/TOADo

    Score
    6/10
    adwarestealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral23behavioral24

    • Target

      lineguideup.exe

    • Size

      332KB

    • MD5

      526e04135e13c30f80ae70dfea9d7a4c

    • SHA1

      aca4d846c985f273918723396017af83dc1c65a6

    • SHA256

      a0b84b30f1d111602b9d985288465ea39493f9c35745c75862821d94a501af7c

    • SHA512

      a791fa91d78b848b3f7ff8a94dcb55add31197443cb3a2a63ff99a77981f8072013033793b6fc608e0a1c2b76e82224150655f754e0eddf8bef8b5978f5f4cde

    • SSDEEP

      6144:RhfAIM5jaHQC1eKICvFjwhh3ELQdfdJC90joiNGEPV:RrQCpICvF8hhDfE96mEPV

    Score
    1/10
    behavioral25behavioral26

    • Target

      msvcm80.dll

    • Size

      468KB

    • MD5

      cae6861b19a2a7e5d42fefc4dfdf5ccf

    • SHA1

      609b81fbd3acda8c56e2663eda80bfafc9480991

    • SHA256

      c4c8c2d251b90d77d1ac75cbd39c3f0b18fc170d5a95d1c13a0266f7260b479d

    • SHA512

      c01d27f5a295b684c44105fcb62fb5f540a69d70a653ac9d14f2e5ef01295ef1df136ae936273101739eb32eff35185098a15f11d6c3293bbdcd9fcb98cb00a9

    • SSDEEP

      6144:9Rj8Tfo4zrcq2FXOth6wsjb2fPzatjLhQeRW86ODl1KWOjPQeH:9So4zATQsjyWRhQ+W83D/6QO

    Score
    1/10
    behavioral27behavioral28

    • Target

      msvcp80.dll

    • Size

      536KB

    • MD5

      4c8a880eabc0b4d462cc4b2472116ea1

    • SHA1

      d0a27f553c0fe0e507c7df079485b601d5b592e6

    • SHA256

      2026f3c4f830dff6883b88e2647272a52a132f25eb42c0d423e36b3f65a94d08

    • SHA512

      6a6cce8c232f46dab9b02d29be5e0675cc1e968e9c2d64d0abc008d20c0a7baeb103a5b1d9b348fa1c4b3af9797dbcb6e168b14b545fb15c2ccd926c3098c31c

    • SSDEEP

      12288:Q1HyurvZ0JPjuTtSu86th1n/hUgiW6QR7t5j3Ooc8NHkC2eo:Q1HyurvZ0liTwuhtjnj3Ooc8NHkC2eo

    Score
    1/10
    behavioral29behavioral30

    • Target

      msvcr80.dll

    • Size

      612KB

    • MD5

      e4fece18310e23b1d8fee993e35e7a6f

    • SHA1

      9fd3a7f0522d36c2bf0e64fc510c6eea3603b564

    • SHA256

      02bdde38e4c6bd795a092d496b8d6060cdbe71e22ef4d7a204e3050c1be44fa9

    • SHA512

      2fb5f8d63a39ba5e93505df3a643d14e286fe34b11984cbed4b88e8a07517c03efb3a7bf9d61cf1ec73b0a20d83f9e6068e61950a61d649b8d36082bb034ddfc

    • SSDEEP

      12288:6Fqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeC:6Ui2C1JdoiEdmGyYu

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

adwarestealer
Score
6/10

behavioral24

adwarestealer
Score
6/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10