005cc5fcee47af9761a6d41b5789683ad454ffa416a7bd7a9d3472ddf9fc230e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

005cc5fcee47af9761a6d41b5789683ad454ffa416a7bd7a9d3472ddf9fc230e.exe
Size

18.7MB
Sample

240213-c9zqbsdg32
MD5

b1bbf11894fda5852dcd1a624d5a6349
SHA1

b8e22e502260cb8c720429b762d0908cec38f8a0
SHA256

005cc5fcee47af9761a6d41b5789683ad454ffa416a7bd7a9d3472ddf9fc230e
SHA512

6dc7ceb9f5c3372ee4a0de9354336ec73cda64e935dcb4b9a79c72a74419eb034eba5ad87126f4157ae3ea13680e6e41dc406827683c6ee4701e8ed83f89abce
SSDEEP

393216:dJg2m+fD6Qk9ah0I7ZkwdJ609cHqhjC0BF8LGUKdT:M2myw9mbZkwLL9cHQC0BF8LG3T

Score

10^/10

discovery

Malware Config

Targets

- Target
  
  005cc5fcee47af9761a6d41b5789683ad454ffa416a7bd7a9d3472ddf9fc230e.exe
- Size
  
  18.7MB
- MD5
  
  b1bbf11894fda5852dcd1a624d5a6349
- SHA1
  
  b8e22e502260cb8c720429b762d0908cec38f8a0
- SHA256
  
  005cc5fcee47af9761a6d41b5789683ad454ffa416a7bd7a9d3472ddf9fc230e
- SHA512
  
  6dc7ceb9f5c3372ee4a0de9354336ec73cda64e935dcb4b9a79c72a74419eb034eba5ad87126f4157ae3ea13680e6e41dc406827683c6ee4701e8ed83f89abce
- SSDEEP
  
  393216:dJg2m+fD6Qk9ah0I7ZkwdJ609cHqhjC0BF8LGUKdT:M2myw9mbZkwLL9cHQC0BF8LG3T
Score

9^/10

discovery
- Detects Windows executables referencing non-Windows User-Agents
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FileInfo.dll
- Size
  
  589KB
- MD5
  
  96db521a774244bbab1de9d93d2b0a64
- SHA1
  
  27c8304e4b17a5a59d414de8ef77b056609c21bc
- SHA256
  
  f79eaaa02157d6f4cd44d3282ae039ced8ac9fac964ea4d7ed7c12ca92f5833c
- SHA512
  
  b0bc0e858e0a98c9c7e3f5479249fb4f9f6a92f7680fc437950e94499fe0dff3f778a8c2f8f0dd6d5d61fd9a209817bb59d3166d1f19d9adf1ee2153e00859c3
- SSDEEP
  
  12288:v1M3EgrfsgXqaW2SLHuOjcqUEETcw7/MvLhaQ1THqJe6A8UFNNP:v8EhGS3Q70vLY4TH+ej8UFfP
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/RCWidgetPlugin.dll
- Size
  
  2.7MB
- MD5
  
  c8f4719f57485ede91c05335df4cc1b2
- SHA1
  
  895b4e75ee2e9f302351acb74c3c7936d32585a0
- SHA256
  
  72c2bd73e2915db5f490498f9cd4ece2f5fe2070b06d3fc7abcfce5a2fd9a101
- SHA512
  
  f8a37a969961a8299604a930f2b1834502b07baee042597d6a005ee1885a69c71e5cbc9d029209b20e8200b2e40eb4bc5b6ce865139d5ef702e2559d3bca3d09
- SSDEEP
  
  49152:L4W12DeELdPYW+1Upj3Oi+8PDwcX7LWifBLhhnXdFs9n20inrT3V/ul/hw0R25P:zwgwwcX7vBLhhnXdFs9EURhw0
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  27KB
- MD5
  
  a568feaa357f44dd50c5e447fa8ee1b2
- SHA1
  
  5c765fad342b756d5ea522087c6f7567b5f3ed57
- SHA256
  
  57947a15ad3215185c7e15a5f0da393570845a13ab7b184a07fcefbf97537e48
- SHA512
  
  7c8c36c0123de839e677beeba65c1af56c5e85d8f1ff2c94950aed33e026dff3fbda8c49859012862110117977c928b814c0d91c477583a2b8f83d73f3cdf174
- SSDEEP
  
  384:ixoXlBT3SaMINWf52+4kb1VunYPLb2O1MnnDGaO5C8JN77hh+uA:iypSvIWb3Jko/MnDGxP3hoF
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/libcurl_x86.dll
- Size
  
  2.1MB
- MD5
  
  a26e75c0407c87786eea42febdb32532
- SHA1
  
  27e52fdca023cb8f031cd55ac37965d93f7f7da7
- SHA256
  
  635f988beb849c6510f54f681387bf810c2266bd27834c5a9c160cbfe6df44d4
- SHA512
  
  fdd9760442579ad2a3df4f31464f9e66bc19a4390fa1c81afb516cce817097b5324024f712d9c1bf1a11ad30324f5a8aa83c72a732e1197e8804ab806d3859e6
- SSDEEP
  
  49152:nGUR9r6hl8IXBPZ68L20v/SU8Y7NriOPquwgtJIpT:nGUR9r6b8IbBLjv/SUp7NriSg
Score

3^/10
behavioral10 behavioral9
- Target
  
  KeanPdfMain.exe
- Size
  
  232KB
- MD5
  
  2d717eeb2b789be6c7cb7a761cfa7131
- SHA1
  
  e79a2fd9faf1cddce80ca675a82d6741c4d7d82c
- SHA256
  
  c6e997bb0bd36c945d6b7e27f14f9ed4a70d00ca9488b28b49ef89fae460933d
- SHA512
  
  0f408b63bfad73af215df11b7c129a1b4120002e2032c3427a37dc61fa43c41309a53dd47912d54b57a9a7a9b771e3fcdc22d7d5248460a2115d1add53857559
- SSDEEP
  
  3072:KNl388mlpH6TYwotEvdg3w0xdpF2V/IsOxVxZ86jX887dMBIcfxVchdcbxk:UJ2psfvdgpF2NIPzZ8qsydvnw2
Score

3^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12