78cba9c191b2dc98650ef52bd4827ea96f834d5d345ee9ae71127146328207be | Triage

Sharing

General

Target

FREE_PoeSmoother_v3.23.0_1.7z
Size

3.2MB
Sample

240219-yytwlacc4w
MD5

0d0d7ebb2015fc0f8bd39044c7f4f2c5
SHA1

7e71167323135daf9ff61cb512c362602fabb072
SHA256

78cba9c191b2dc98650ef52bd4827ea96f834d5d345ee9ae71127146328207be
SHA512

887af897745bb03c238003b37cd75b6daa6397e11d291dfb72d6a4e65b10d7c51b50171e658cf1d01716a1f408f21d341315c63e3ae12c502a6ce43e2ee00991
SSDEEP

49152:Xd8NyOB/rgUQeiDszQOMaYAnY+WsGTaFzNtN5PqLxBWLTldXrnwi3Lq/HTadGGaY:NxEru0Y+rvXiqb7wiHIaImKYDMnrT0

Score

7^/10

Malware Config

Targets

- Target
  
  FluentIcons.Common.dll
- Size
  
  116KB
- MD5
  
  f7d27af73d2bafcbe27607956fd0f398
- SHA1
  
  f583f8bae81f282dd5a5d0d65f718314b7668f5b
- SHA256
  
  e8f26a6c886c03103a8102eaa3dc1ccf2be829c0a359ba44b50228fc036f11ce
- SHA512
  
  8279f0f8023f51cf654a6c32296835a2c73ce3e6274064cdad48262d9e4736f575fea141e58142b88b952a804be0a9a312465460197ce29e4ba4414c755eaf01
- SSDEEP
  
  1536:zKpf036zYvtYyfuVicqNZBjmpyYAuesAUFZfHPcPSPIXkdIlCiFdzeCSjgJYqCy:zXoYFYyWVWLDrsmaPIXkSlPftnR
Score

1^/10
behavioral1 behavioral2
- Target
  
  FluentIcons.WPF.dll
- Size
  
  1.3MB
- MD5
  
  b38bbadf2bdd6cd99a27f7765b556922
- SHA1
  
  090eb7424fdca50dbc523b742567ca4f13a53703
- SHA256
  
  f3db6e7effc2df9464fb014f34fff90200cf0e1562b5ae3060caff5af90c61b1
- SHA512
  
  3af6543ec32df9447f1be651204e623b2462a6b1682e157f98cfa01896a19fbce4f25f9d36359644e8801c8ecb1380d03a166871e64a3cdfc755f516239be7b9
- SSDEEP
  
  24576:kadFF4OmgG8IS8UkKkikhkF6N1M3mRkP8c4RKYGvdWtu2qMB2Qa/pk5MkVE01Bdd:kQFBmxSnpuKYGvYtpI/jERgpOVVT33R7
Score

1^/10
behavioral3 behavioral4
- Target
  
  Wpf.Ui.dll
- Size
  
  4.7MB
- MD5
  
  2cd77d9a4a6ebf1276573273c8618f92
- SHA1
  
  8d7eaf8c9c3c1e45d86648a135bb9d56671631cf
- SHA256
  
  77f5ece2ec563bd7b4c2ec503e860eb4c8f7db224b1a9218b117fcc155483a52
- SHA512
  
  5896bac0b7023ee0908ae12e6335b6e2bd046b637f753f1fa906b4c766fbc88f89681cbff0f77591b6c03913671268ac569e83c68d57008d6bb935bf7d8e42e7
- SSDEEP
  
  98304:MRdtd/KGCvSmaRZ+nceNhD94j0AHDfyJrel:UdtMvNhD9
Score

1^/10
behavioral5 behavioral6
- Target
  
  fPoeSmoother.exe
- Size
  
  1.8MB
- MD5
  
  e7bc4056ca01c223875c40eab01cb9d1
- SHA1
  
  72b08a05e49a61d43165d72cd7ab072b5b7a99fd
- SHA256
  
  0c932b2c67c0b3a5816fab7b66f622367caa33eddf110a4d6317a906aa5a8bd3
- SHA512
  
  9878802b7edc04b7cbb12b3ce0cea12f75a57edca3b5b35ac8528a421e376028517c691be6cd903d44c2342e258a42a501270880af9d09e9252ae51c9d0ff3ad
- SSDEEP
  
  49152:ahQONPdzpDMjY91n+Zs4ZLJzODe4keLPq/VCi1QOoTdRus:xUN+ei0f2fVkdks
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8