4b42090469b5052a7e5e4a27d248abe6f5f18488e8f54259893ea556861e82a4

Sharing

Copy URL

Twitter E-mail

General

Target

BlendyBeta.exe
Size

66.4MB
Sample

240128-nckqpabcbm
MD5

3b504be57daf0791454ab9db6a572a3e
SHA1

c3c0b1313c3b71551d7fe9216f57409cb4912291
SHA256

4b42090469b5052a7e5e4a27d248abe6f5f18488e8f54259893ea556861e82a4
SHA512

7b6d9b85ca913810c6a375f10a919c4b555583f212d9c83c044af6757dec9314a4586c51cea3f70c863a0622190408a927c95dae8da683385564f3782f657ed9
SSDEEP

1572864:OyXoONw5lejnbOrDTEJzJcu6m/rQ9qcGx5wYweCmvUSRtYh7:TXk5eUDYJzJHXrIF9Yx/O7

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  BlendyBeta.exe
- Size
  
  66.4MB
- MD5
  
  3b504be57daf0791454ab9db6a572a3e
- SHA1
  
  c3c0b1313c3b71551d7fe9216f57409cb4912291
- SHA256
  
  4b42090469b5052a7e5e4a27d248abe6f5f18488e8f54259893ea556861e82a4
- SHA512
  
  7b6d9b85ca913810c6a375f10a919c4b555583f212d9c83c044af6757dec9314a4586c51cea3f70c863a0622190408a927c95dae8da683385564f3782f657ed9
- SSDEEP
  
  1572864:OyXoONw5lejnbOrDTEJzJcu6m/rQ9qcGx5wYweCmvUSRtYh7:TXk5eUDYJzJHXrIF9Yx/O7
Score

7^/10

spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  BlendyBeta.exe
- Size
  
  147.0MB
- MD5
  
  0b1df56af6cbe1b5cff8586a09569005
- SHA1
  
  c7adecf3b969588c378e68ef4283eb1d9724f0a7
- SHA256
  
  eff7c4cb69355cc447ed5d20a470a06d0d038e309edb3b1c005092452f73ea68
- SHA512
  
  aab15b7ffcc6a75f9ebb13e6fcf08b9ffd0e39e7f5c7db78dbe3be311f404046742dba11b28d7d59d67e2fdf171f9153d0b71196e42187b23424fa3ff8c23edb
- SSDEEP
  
  1572864:QroLm1cZ4K5MvHwpkeg9duXYFPEiFWITK886rc028B+yJwG5xmR:FCjwAI8xO
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral7 behavioral8
- Target
  
  LICENSES.chromium.html
- Size
  
  6.3MB
- MD5
  
  34999967f735b07e9cbcf6c397cea4db
- SHA1
  
  8001fcdd6ce0c6e5a3d91fd45e4c9726fa67f3e4
- SHA256
  
  c5a05048505c00af46c75fb5ca22057f09dce001eada3a756c3839d59011758f
- SHA512
  
  b6c2f722b6551231801e453bba8f9593d9f1a82edb305869ee07ef77f286968eb6ad5db1abbe750e88c8af973c362ee161aa5c591ea04ff39e4f4b34e6fa4baf
- SSDEEP
  
  24576:/PV05W5WS9YzHIlGMmfu626s6W6a6q5AHWeQFpD:F9n
Score

1^/10
behavioral10 behavioral9
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  cb9807f6cf55ad799e920b7e0f97df99
- SHA1
  
  bb76012ded5acd103adad49436612d073d159b29
- SHA256
  
  5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a
- SHA512
  
  f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62
- SSDEEP
  
  49152:IuhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8cc:oy904wYbZCoOI85oyI
Score

1^/10
behavioral11 behavioral12
- Target
  
  ffmpeg.dll
- Size
  
  2.6MB
- MD5
  
  ed8f4c34e43f20c78fcb2f8a1592ab51
- SHA1
  
  8494ac5b85991ab0217676249f894bcd7eff11b5
- SHA256
  
  24a896a9b63d116c2da72928cbbffff4934bf0ce1ec3e99d53493cd776e3a07b
- SHA512
  
  db677c21ba9c70e08b76a5eeefbc452565301fe0722e5320f5f3f17662e5f33ae92cb79d701270d2fe0b20b1478c4b057f1e9e3b2e4301912bd846caf8c37ec2
- SSDEEP
  
  49152:9YuqVaqc35GHXVNtcZ44yODvSEbO/1o/GRRpYN4MJ8eIknusyUUjkU+jLtyTzQVD:9YLVl54yODvH/ySJUiLtyTzQVkU5qkJx
Score

1^/10
behavioral13 behavioral14
- Target
  
  libEGL.dll
- Size
  
  464KB
- MD5
  
  439861fc5d1dc9aa1deb42bfe7c97bb7
- SHA1
  
  58a79d22e8a8d152a456114c844f6f7e4a82c134
- SHA256
  
  c813ee6b4e4f81f32f4fed86497cd751fdb4c19b0b718c61aed06f0760f511db
- SHA512
  
  31c11364c8174fe289c99d8a467b1e03e92cb3b2557beb94da6359df5c9c366b30b50350d1b5a321c6a4048641720c3756fad0c1625c7fc1adde4dbde312e727
- SSDEEP
  
  6144:l3rGS+e87yDqHfFetvM/jvtGgJ53B6Zj8s1al2zl0ovk1SA7e:dGS+e87A6eZM/jvtGgJZB6ZirS
Score

1^/10
behavioral15 behavioral16
- Target
  
  libGLESv2.dll
- Size
  
  7.0MB
- MD5
  
  81d090c7823b55120df7b74325ab6ff7
- SHA1
  
  d7a870b2e43d5f15a72267f05ea2b52ac0f8b3bc
- SHA256
  
  5b9cbbf9797d8281ac01dbe49372160040b86be1d5906ee2e4ee87ce17de5eb9
- SHA512
  
  9812c0736afff9283a34ac796b83a91367b768e1f359dbf4390b2f4339535e26ec426f7bae2d2bfa0c29e547ab060bc95199fd4b9c1e01a079ca5b5acd7ef729
- SSDEEP
  
  49152:hcRs1/VOY14IRwMqs5Jbkqd0bRh7yWXSnYUIV2Wi5zi1lJf3Lnn6cB7/h2Hmbs2F:eG2Ipp9eR+UDGRSoGetN4/n1
Score

1^/10
behavioral17 behavioral18
- Target
  
  locales/de.pak
- Size
  
  367KB
- MD5
  
  cfc9d90273c31ccf66d81739aa76306a
- SHA1
  
  ecab570041654b147b3dd118829e2f7ae668f840
- SHA256
  
  8bd127d689be65e45bb8d2a2ff66698200da97835809c6b56ec9e2929b70618a
- SHA512
  
  c9a5058b34c4045ff1b7ae25f1f47bff14d06b3a97b7b1f30da65618ca7aeb0638d79f4e1cea4773cd92d9dfa7f9d2203e5734d0cfe11ee2d2a460d6cec18380
- SSDEEP
  
  6144:F+QNkAjzYyqSFaPjON3Be0mzBWCj0Xs5HgIxBI0gql:cQLjMyvFaCN3mzBd5xy0gql
Score

1^/10
behavioral19 behavioral20
- Target
  
  locales/nb.pak
- Size
  
  332KB
- MD5
  
  f15c568a9ed8b2ca497571453ce6bce2
- SHA1
  
  957ffec56ce14f33fa75f493936552751e966d16
- SHA256
  
  18512064afcc3fb5a0e1f36400e592ff34e8c6c9a7ed0bbe3432255c4759ad8c
- SHA512
  
  3bd27f9612b39836e5e7654e6f07c2fd5a31f2c338db36daa51e2c1462986cf4b651d555245ee2e97acd044e44a5beffb8cc9d56c1af11f52fedf9f7fbf7da97
- SSDEEP
  
  6144:I9HHvGNQkyLirVh6EQFewqOp7fyyVgLmy07E6SRw5PX4RXODcF:6npqrOEQFewqOp7fyy3ELG5PX4IDcF
Score

1^/10
behavioral21 behavioral22
- Target
  
  locales/ur.pak
- Size
  
  532KB
- MD5
  
  6310a289e55b1022f12b4f3cc29fe831
- SHA1
  
  150d81ec8db4d9aec6c0e83e5577dcb7f1956b38
- SHA256
  
  06a0c18d978b54dd163c7f77b7ee0f2ecf3607c5dc14032326f21b4a1f304d81
- SHA512
  
  acb538fce25486e6a01401aa0e9204a6f519cd1dfbca48663d6142e1fb6280bab271dfd2b4c5ddc858de6920805e539b791c48eddcad124d0aae298d479dcf48
- SSDEEP
  
  12288:K6Du8PzOYzXPyn+jAcMR5RQEA2WzRbQYrkuvco/9NjjFpvUu:cYiD59WZ
Score

1^/10
behavioral23 behavioral24
- Target
  
  resources/elevate.exe
- Size
  
  105KB
- MD5
  
  792b92c8ad13c46f27c7ced0810694df
- SHA1
  
  d8d449b92de20a57df722df46435ba4553ecc802
- SHA256
  
  9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
- SHA512
  
  6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40
- SSDEEP
  
  3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l
Score

1^/10
behavioral25 behavioral26
- Target
  
  vk_swiftshader.dll
- Size
  
  4.8MB
- MD5
  
  472154d0979b4739e41aa8466614d64b
- SHA1
  
  e9d3add13719e8ba50d43b12106f5c3379b639ed
- SHA256
  
  603d9d976f4cd88779bdf1ddc2d9e4501594ae4d5f0af2604dad3b5548a0d0b4
- SHA512
  
  11e6912184b9bf3fb24f6a794cb3a477032e61ab8dd007a157957dc4f9cde433c1a1d4e07b95407bd8e31e4a71b2f9d33f3d6b2a5432bf0e8cd7f506e99a1dd8
- SSDEEP
  
  49152:VveyoM/h2BPSjPJEvoSNxxJanAf9dX2kcngUkomWPG2pu6n9MT5F9AZCeqx7l1ZF:JQM/agZaHt7A4P/
Score

1^/10
behavioral27 behavioral28
- Target
  
  vulkan-1.dll
- Size
  
  858KB
- MD5
  
  76ad266333e1c7f6ba11818fab5196ba
- SHA1
  
  fea39f5ac85b4067074f9cee8e4638480d04708e
- SHA256
  
  21ea31d7d8e035f60a529d53c9eb11ae2eff0ae7d2f5cad7169fac73b54d5951
- SHA512
  
  217f48142b87311d573fb7457bb12a637c099ef99a281a27dcb9d5d2b7cd385737b204d421e1f94ea1ee7f4a24a1fe39d8d4393531ac1bb8b0456a46b94d59c8
- SSDEEP
  
  12288:WefVW1lX8MvG9E0wsYox2Nmp6yWEaAT6bJUQzH3To+4AEir1iS:WOcTX8p20wsYHmXaATmXjvF
Score

1^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  424KB
- MD5
  
  80e44ce4895304c6a3a831310fbf8cd0
- SHA1
  
  36bd49ae21c460be5753a904b4501f1abca53508
- SHA256
  
  b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
- SHA512
  
  c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
- SSDEEP
  
  6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Process Discovery

T1057

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops startup file

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Drops startup file

Loads dropped DLL

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32