bb8c908c4276347e457f93277f23b335aad163256cbbbbd250c26056c2ee965b | Triage

Sharing

General

Target

Mango Clicker.exe
Size

1.3MB
Sample

240127-a249qshga6
MD5

eef04da2a7842b1d45938aaa9238c9f8
SHA1

1d0b01171736113a662ab84ea639581a8b2464f4
SHA256

bb8c908c4276347e457f93277f23b335aad163256cbbbbd250c26056c2ee965b
SHA512

888ea7682e5567982c5959a4768e364e441f46c49d140e9222f4bd1b6c965d85e2bd9cf42c20e8ab26fcd7918329024fcc2f7c90530e3da06340c2cdd29f7a25
SSDEEP

24576:6BbOpLrSLnm7tjpfaRds33u+QfTt37+DK8V4I1uMqaZ4XOHbW5MPJC3OVgnyX:JaLnoJpfWzrJ7M4I1uM3FK5+C3ryX

Score

8^/10

discovery upx

Malware Config

Targets

- Target
  
  Mango Clicker.exe
- Size
  
  1.3MB
- MD5
  
  eef04da2a7842b1d45938aaa9238c9f8
- SHA1
  
  1d0b01171736113a662ab84ea639581a8b2464f4
- SHA256
  
  bb8c908c4276347e457f93277f23b335aad163256cbbbbd250c26056c2ee965b
- SHA512
  
  888ea7682e5567982c5959a4768e364e441f46c49d140e9222f4bd1b6c965d85e2bd9cf42c20e8ab26fcd7918329024fcc2f7c90530e3da06340c2cdd29f7a25
- SSDEEP
  
  24576:6BbOpLrSLnm7tjpfaRds33u+QfTt37+DK8V4I1uMqaZ4XOHbW5MPJC3OVgnyX:JaLnoJpfWzrJ7M4I1uM3FK5+C3ryX
Score

8^/10

discovery upx
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  22KB
- MD5
  
  cab75d596adf6bac4ba6a8374dd71de9
- SHA1
  
  fb90d4f13331d0c9275fa815937a4ff22ead6fa3
- SHA256
  
  89e24e4124b607f3f98e4df508c4ddd2701d8f7fcf1dc6e2aba11d56c97c0c5a
- SHA512
  
  510786599289c8793526969cfe0a96e049436d40809c1c351642b2c67d5fb2394cb20887010727a5da35c52a20c5557ad940967053b1b59ad91ca1307208c391
- SSDEEP
  
  384:PWc7V9H6MVsnCPFN4DC5/kdhdj/ouVj19L0d10Ac9khYLMkIX0+GbyeEaI2sJ:PWqTH/V7tHSWutp
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral7 behavioral8
- Target
  
  mathdllr.dll
- Size
  
  4.3MB
- MD5
  
  40b883bdb579966107506aca883bc2f4
- SHA1
  
  5450f510c0cc55b2f5a6e234c7dedf3e8c268f7a
- SHA256
  
  8f2ddbe545e9e9faedf929816e6319e077d63311a28dd17ecfb9b32786fadac6
- SHA512
  
  9b3566cf122068122e3ff86bc4172bf4a2f94fcd9919f9a0f2c1681aebe0aefbc72a5d3adff62ca5e38a3e6a25bd0fe2229ad608204330debe52aa0b3e9f5400
- SSDEEP
  
  98304:X77V5GLxM/8S2wjRyzpTdFGUQTl150pxOPDZVJ:XfmLxttvIUSv5IcPlV
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10