Resubmissions

15/02/2024, 20:41

240215-zgk3ssgf58 10

15/02/2024, 15:00

240215-sdbavshf7v 6

General

  • Target

    4_npp.8.6.portable.x64.zip

  • Size

    8.1MB

  • Sample

    240215-sdbavshf7v

  • MD5

    f02194a9b940dc9dcbae68ea86e5b766

  • SHA1

    73f6102d53637c3cfafb3262133684c9369fef7c

  • SHA256

    e4ac8bb0302535061a238b09e6e3a7ca14300439bfa72608a580987702ee8552

  • SHA512

    8eb323d56dda5bb240a61bc833bff7103f5abfb45cbf0ec67a185aa1d1d293cb84bb9228b44e1bf4492460a6449b1155df93d444d7256eff9925ea9318d55bdb

  • SSDEEP

    196608:7TkWKqkGTSOwUD4LDqIwOnburMbf/PHU7rafMsax9WRO:7Tkb9OwLqlOpf3Uyf2x9WRO

Score
6/10

Targets

    • Target

      npp.8.6.portable.x64/contextModel.html

    • Size

      2.6MB

    • MD5

      8f28087d8d0e716368314c2f1a159280

    • SHA1

      7e383ae0f632c02ef98168b6c1a33fd449d6c393

    • SHA256

      0b3731c524e6ba716f15087d85eae7e6225b6b51d4ae2fa6c142ff1523f57046

    • SHA512

      aa21ab18a12a69ff25b24b1c255b0bdc7961985150b07a7f3f4b0909e212295bd781548cd8ea817f3144dfad845aff93df40a513bdb637db7b89bb08fff01eab

    • SSDEEP

      49152:C+sGc1TASKVbmYIBotpg0TunuNeeigv0XIMw4h2pk4PxKS5VinRfepLm7j5:WTAfVbwotpgruNeW0VHhL3S5VicLaj5

    • Score

      1/10

    • Target

      npp.8.6.portable.x64/notepad.exe

    • Size

      6.8MB

    • MD5

      ae07a5be89978600f3094c66ac719eb2

    • SHA1

      a281e662b6d1cca0d54cab01a0064b62e7f1f103

    • SHA256

      746bbdd8c754b0ac18a226d2a1cc68792c948033932f5723981a2b5f5684d310

    • SHA512

      d90f42fb42cf2f5f3ca8d25603666a5b73f11fcc3404597b1c023768cf21083abe0d2b19f3ae2499fba469474e818200ca9937b48ee5406f15bd6f9ea3996151

    • SSDEEP

      49152:MuX8nT7KkzbaJ/I1ER5S/qlC1VQHqpyhdRoMSoAMMho/WVEK7yToMoK2w74CS5hg:5/ICR5wPy+elgIXoGJUR6eP4mTr/moG

    • Score

      1/10

    • Target

      npp.8.6.portable.x64/plugins/Config/nppPluginList.dll

    • Size

      202KB

    • MD5

      e95608fe5d8a93ff8eb9a5df985dab14

    • SHA1

      b640e7276bc071521b5975b4aeb82f7f962dfd3a

    • SHA256

      c166b13fd40ac3168a0e4cd15fb5bec6ff0cc78956b86135d4ed9079de58cc2d

    • SHA512

      fccb8d687c355b63d7073699705f4f7e9481defcd31269834b5c62717dfe9fd1ca148ecad756724c66eee78180612509214049d29f233f48d983042a70d2fdcf

    • SSDEEP

      3072:guQtUEW4pggQikeV29r97Fo/rg4aSuhJFAKT13faj7pFKaXQH5FV0s5cB:ItUr4/Dkq2FHj1vkKFbi

    • Score

      1/10

    • Target

      npp.8.6.portable.x64/plugins/NppConverter/NppConverter.dll

    • Size

      199KB

    • MD5

      eb17b9ad0edd5d2e3dd8ed768b7e715a

    • SHA1

      e80afe0e9f7bbbaf280c76f620a9992b92fa4970

    • SHA256

      ea870b9714c6f03c3da4ca179a7c8c25854080ac65e00363514b0ca0f66c26b0

    • SHA512

      781fad8cd4d2191c50fd1058de7b291ed7a26986388ff7df4e5580f887b549e5e55a66f2d9bc9b515089f4a73174147d4d3e322edd96e9d0d23b37d9e3fcee43

    • SSDEEP

      3072:fVub4QxSy09L3pCQRUKobM56CjX6cr1+5tq4GtBXdj6oSOE6qgv:9XE09MQRMbkNKZ4799E6L

    • Score

      1/10

    • Target

      npp.8.6.portable.x64/plugins/NppExport/NppExport.dll

    • Size

      153KB

    • MD5

      f9b9e4b059a7cf3aeddaa4038539e9a1

    • SHA1

      06dbc4dc4d2d0687f47fcebddbdddc0c47a19587

    • SHA256

      f43204a9dd233db4d9042cb9fd36a6fe1f26f50cac88389a12af255886660a7c

    • SHA512

      b279cb8b57220e325ed7a892ebee5715712801aed8422377e81e658cc20dfe69f06575eb6b350934997adf938f234d09c15023c340a1c97115c9e0d64bf9a88f

    • SSDEEP

      3072:OHWvf4whXRxCtyAKfbn52zwjMdsI54tWfdHak6yS:IWYwtRxCYAKfb5uwodsIjd6k6

    • Score

      1/10

    • Target

      npp.8.6.portable.x64/plugins/mimeTools/mimeTools.dll

    • Size

      142KB

    • MD5

      3124031b3512e0931495373d246150ab

    • SHA1

      fa22a1db3388e4fa570f5b2ec656b49bdb53e6ac

    • SHA256

      1c1d739f0282bfd9367e29ca81c61ed4a731e5150a836d0371e5e9d0121c9dfd

    • SHA512

      245600b3cddc4f362f4b269447bf0cab173d1a56e0551c63d2643dfb1c1928fc535bc847c29cfdf1b2378abf3bdb25efbfb0f99e10e277367394dfdc66a11738

    • SSDEEP

      3072:XoY4sCmgqSJGfzOpBBvxWTgA0fmTSeHmF6ffBaJ0r65GaENNC71:XZp0fmTSyBffBKo

    • Score

      1/10

    • Target

      npp.8.6.portable.x64/updater/GUP.exe

    • Size

      818KB

    • MD5

      e9be0bc06725c372140838245805dc66

    • SHA1

      6eafbbefe6d2b5b6c8fc39dac54881b5f2e61735

    • SHA256

      8038960c66ec29e9ee0f027491c8349a158025faee39d069219b5a3297134197

    • SHA512

      14831f538f5afd80689db24f7536ef725b75ce235a1ccb7f6795440819461d038cede5beeebd28ffbf9618ae984a0f347a9ffe4c0c10da7b914022174a1688e2

    • SSDEEP

      12288:KySK0M5qRxaBr5wFNbgpA0WUVzOR63AczZXBS3CNmBDIOh68ADKbp34zZZ6dNNoq:7qMo2aWqT2KbpIFZ6PNeTw

    • Score

      6/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      npp.8.6.portable.x64/updater/libcurl.dll

    • Size

      728KB

    • MD5

      9f879b6c494bfba4b865ef1dea1bb1f6

    • SHA1

      40b1d446e0eb4c5e9f0d0265eea00f0550c402eb

    • SHA256

      c355961db2470b60629919ccffa0d1b57eea19cfd9fd3209b1165a4eedaa9bf9

    • SHA512

      d2bfe23b5ac56096488f9c5d7978a5908c3f0868fe965083e455f5c639acad47582b8ebdab9caa9f4abb75415558bf4121d32122c443ebf0ebe20940feb7e6a6

    • SSDEEP

      12288:dvnFnd1uk7byyzwn5l2rsc2QwEBhdoqyTvl0cWmlqhKyMv:dVekCoa5l2P2B6hdQvl03msMy

    • Score

      1/10
