c7c7227a636b4c612cdf3f3d803be3ef1cf8f9aedad1c5d6620e0b9f6e0931a8

General

Target

WOMicClientSetup5_2.exe
Size

1.4MB
Sample

240211-qk9e5age2y
MD5

d8c68825b8a2cd1f00736b617240684c
SHA1

7b68a0832785021e8883cec41606e60fa4a887e6
SHA256

c7c7227a636b4c612cdf3f3d803be3ef1cf8f9aedad1c5d6620e0b9f6e0931a8
SHA512

15f79655b8cfefa402aca135e900881b266f6de3f6f2ada63b59303c0a9efac0175fb253ed640a4cfc2888c5e6954ab24c7c54d4532ca56c3b0a90107af02b05
SSDEEP

24576:Y12rpcEd5xQyaYXnCTZh5GYP7INP4w6ZtwZdsIAljoXHNAi7JYYDd+7PJms:QkzSy/nClDzBaZfuo3HYnPJd

Score

8^/10

discovery evasion

Malware Config

Targets

- Target
  
  WOMicClientSetup5_2.exe
- Size
  
  1.4MB
- MD5
  
  d8c68825b8a2cd1f00736b617240684c
- SHA1
  
  7b68a0832785021e8883cec41606e60fa4a887e6
- SHA256
  
  c7c7227a636b4c612cdf3f3d803be3ef1cf8f9aedad1c5d6620e0b9f6e0931a8
- SHA512
  
  15f79655b8cfefa402aca135e900881b266f6de3f6f2ada63b59303c0a9efac0175fb253ed640a4cfc2888c5e6954ab24c7c54d4532ca56c3b0a90107af02b05
- SSDEEP
  
  24576:Y12rpcEd5xQyaYXnCTZh5GYP7INP4w6ZtwZdsIAljoXHNAi7JYYDd+7PJms:QkzSy/nClDzBaZfuo3HYnPJd
Score

8^/10

discovery evasion
- Drops file in Drivers directory
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  174708997758321cf926b69318c6c3f5
- SHA1
  
  645488089bf320f6864e0d0bc284c85216e56fbd
- SHA256
  
  f577b66492e97c7b8bf515398d8deb745abafd74f56fc03e67fce248ebbeb873
- SHA512
  
  214433597e04ca1ff9b4fe092d5d2997707a7c56f0f82c85d586088a200e4455028f3b9427d87b4f06f9252557d5be4b7a9138ea6a8d045df6209421fd8ca054
- SSDEEP
  
  48:S46+/ZTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mCofjLl:zDuPbOBtWZBV8jAWiAJCdv2CmpL
Score

3^/10
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  0ff2d70cfdc8095ea99ca2dabbec3cd7
- SHA1
  
  10c51496d37cecd0e8a503a5a9bb2329d9b38116
- SHA256
  
  982c5fb7ada7d8c9bc3e419d1c35da6f05bc5dd845940c179af3a33d00a36a8b
- SHA512
  
  cb5fc0b3194f469b833c2c9abf493fcec5251e8609881b7f5e095b9bd09ed468168e95dda0ba415a7d8d6b7f0dee735467c0ed8e52b223eb5359986891ba6e2e
- SSDEEP
  
  192:eK24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlASl:u8QIl975eXqlWBrz7YLOlA
Score

3^/10
behavioral3
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  d6c3dd680c6467d07d730255d0ee5d87
- SHA1
  
  57e7a1d142032652256291b8ed2703b3dc1dfa9b
- SHA256
  
  aedb5122c12037bcf5c79c2197d1474e759cf47c67c37cdb21cf27428854a55b
- SHA512
  
  c28613d6d91c1f1f7951116f114da1c49e5f4994c855e522930bb4a8bdd73f12cadf1c6dcb84fc8d9f983ec60a40ac39522d3f86695e17ec88da4bd91c7b6a51
- SSDEEP
  
  192:oWa8cSzvTyl4tgi8pPjQM0PuAg0YNyZIFtSP:DaBSzm+t18pZ0WAg0RZIFg
Score

3^/10
behavioral4
- Target
  
  driver/devcon.exe
- Size
  
  80KB
- MD5
  
  b9808a5cc368bd10a3a83af244285ac2
- SHA1
  
  ad3c0e42478a0d726b74925eb2a3c1d604bdcf3d
- SHA256
  
  7b76bac391c62c5884332bd606b6026aecba8ce57c919cc1f142ef2a052dbc08
- SHA512
  
  828e258a597b68e4a89a568a96beed71da32a0feb60dd6713ca2b1a25c2e534a83d93e6a29b7e4cb5e47658e14a1c23efab1f05d27c8e95af37d182428d863b7
- SSDEEP
  
  1536:E+EDgNvx61NPpEJSIaXnRkneWTH0tFc5VojFFMqO7WE:E/5REBinRkeW703cAjnM3W
Score

1^/10
behavioral5