General

  • Target

    89dae327e569e26347025b32ae10d42d

  • Size

    1.8MB

  • Sample

    240202-sqqw3sbcgm

  • MD5

    89dae327e569e26347025b32ae10d42d

  • SHA1

    8844bfcafe4da288d3d35488dd79369f0e719aac

  • SHA256

    047e9525a32efc945cddb0e0578eaad7021a13492b404a4093ea0188a9335364

  • SHA512

    d597d41ceb53f236aa032c675d769e1f9fc39bb358c73809f804353d4452a64c1acb15469fbf0436a444317d3019839c61c060f1b19f2d2d2897d7c2e772dde7

  • SSDEEP

    49152:F8skgFFgM7WdOIEpoPytqhipYzxgvVBZCBT/XxjGxPsntOuU:FcgfK/vqymoxgv/ZsTZgknt5U

Malware Config

Targets

    • Target

      FlashFXP/FlashFXP.exe

    • Size

      1.2MB

    • MD5

      797fd2ce3865dc256add22ee35bfd6ba

    • SHA1

      29ad06f90583a6007d7e3358258a7b83e88d762a

    • SHA256

      91fdaaf4e8c0df055574664e68bd23eff99a6a677224dc5b3c4094e1f5bfe72f

    • SHA512

      c4001ad15081c1893224ec2cf7b68c42ba8f10f9b279d3ba04ca5061e0b5fb01bef920e33d6a537c167bb76905f660511ff0a974a7ebcda038c45754845f0c02

    • SSDEEP

      24576:nl5Go1R8XV9O+EgtuWHURfQNb8pPWOi3xa1iYzn/E8pUNmsTdzgfKDNG9lm:nBL8XFE4uqqfsb8px8iiYD/z9sRgSDsl

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      FlashFXP/FtpList.exe

    • Size

      224KB

    • MD5

      5a7131d8b8dac19b54915a91fd6bcbae

    • SHA1

      ba24e43fe764782d9a1a9b22a232b9facc08474f

    • SHA256

      0ed937b944d981b0d550a8db2f25ce0db340e6f1488f3015b450c6226a3d0a76

    • SHA512

      d4177e58ca00b0ff3a223f46e64bbf7178bb46f2de855264b05d1ab14e6960347fb7d7522d24e7140cc008eccdb2860a8b43f384cc2259e5656f3252669d1e79

    • SSDEEP

      3072:etCN7wrYfZVfmFdA8TVO8v7IkWzDjd6M7aAxtRWPaR3Xo5whlIQKwypa:/LfZVSd7OQ7IkSn7RiMPlIQKjp

    Score
    1/10
    • Target

      FlashFXP/IEFlash.dll

    • Size

      186KB

    • MD5

      3507aee207e68553606f17db01574e60

    • SHA1

      481afb7e7ca00daf53a5a8f8a436f4c1dcf4dd3f

    • SHA256

      037fbe671b67729ac7549324943e0de1c466baab8fe6c45281cc14e6cf859887

    • SHA512

      e452ecde49e6470491b3751607d719ccc635964dc96d1042274bb7074c7265ea7feb56f6a384cec03374dc8197d60ac0de90a10493dbdfe5180e91da2f53584b

    • SSDEEP

      3072:ERr9oLG/BoOwe3xfWcTA1Ng2hsjflR2fLya9H8e6Knq/VSMhRE558G3plD0Gk:a7XwyxrOfLyEQS4ioc8

    Score
    6/10
    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      FlashFXP/libeay32.dll

    • Size

      1.1MB

    • MD5

      c98bda4aa5100926772537b4e0048e89

    • SHA1

      f1a233f359e1dc367a4fdba83f5affb4347cd0e3

    • SHA256

      d14d4375ae9b2e465d7dc0207227322180babe0c117b89a5868e49dbbe1268fd

    • SHA512

      d1e0f2b7bc72f32cf45515b6c902bb7b938ec6fe856f5713bd086d477db9189053f47ac36ba897cfd25c8dce96069eb578aaabf416ea079db1fea0de45db9596

    • SSDEEP

      24576:4NLtM4YSDYKs7bv+LxB91pScbiuCAu/BF:iCw8XStpScbiuCAu/BF

    Score
    1/10
    • Target

      FlashFXP/ssleay32.dll

    • Size

      257KB

    • MD5

      7fa561ee2fa985a9c976317975c67184

    • SHA1

      42b810f2041eea968e9b2956adf29de3ed30bc45

    • SHA256

      ee05ece51b92008952d571ad1d3feaf45ab2a1625ea7a97e888eb7d7b3d8f71f

    • SHA512

      ed7658d721a2cbcb146717bdcecc73e6600eac86b3221a550acda88956fc38b717b19c98a84fc192662424482f1a47ef9c93fd37e1cc6fba64e671914a5f8d10

    • SSDEEP

      3072:WCdU6FuwpzHE1Ex8E9mGam4lj0FBzcnp9/ztl80Ae+cbgXMkIWsJRQX2lkLHYsAb:HZYX79gwbmmyLHsgrCCgjvz3mzC9

    Score
    1/10
