General

  • Target

    ausweichspiel.exe

  • Size

    16.6MB

  • Sample

    240222-2avprsgc46

  • MD5

    c9e580a34f98310722a475b37628fbfa

  • SHA1

    1603a0cc1c18d268dc7e633df1c39046a3be7cbd

  • SHA256

    756e9f397d503a182518366139f96f338b1e783d9faabca95a399c75eb257edc

  • SHA512

    f5a2aef83b75c8c2759043db86b3eb7041097c0083fe59860f3e15adce55e435955d32e4ee74e5018d44c99efea0578ecefbef9fb8bfc82d63a77421fe0247d7

  • SSDEEP

    393216:4Mm202e5O8LaAlQr4tP1LDba7AS7ITej9AWdNK/CjondDV421okvhhBd:JmVZd22j2tMT8mWDACjI421oyd

Score
7/10

Targets

    • Target

      ausweichspiel.exe

    • Size

      16.6MB

    • MD5

      c9e580a34f98310722a475b37628fbfa

    • SHA1

      1603a0cc1c18d268dc7e633df1c39046a3be7cbd

    • SHA256

      756e9f397d503a182518366139f96f338b1e783d9faabca95a399c75eb257edc

    • SHA512

      f5a2aef83b75c8c2759043db86b3eb7041097c0083fe59860f3e15adce55e435955d32e4ee74e5018d44c99efea0578ecefbef9fb8bfc82d63a77421fe0247d7

    • SSDEEP

      393216:4Mm202e5O8LaAlQr4tP1LDba7AS7ITej9AWdNK/CjondDV421okvhhBd:JmVZd22j2tMT8mWDACjI421oyd

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      6f3098fb5f3db26f3bb84f5481109e39

    • SHA1

      9270793e404cc42c6f5be1eb1eb4305f166c656d

    • SHA256

      f90a0893c0b0ce2ae3f8bb65f383bf656ce33381d6cbac2b25a7d82b34fde9bd

    • SHA512

      0462beae0fbd882dc0b6a09547a7959c051928b828e28125b433794de0258f90f3dec8f1920290f114970d2540a113224b8ab372fcee4dfe87f139be4ac0c0d1

    • SSDEEP

      384:lgw9eYfMCU9oJNJJjL3bhLNdSDL6o5VrSRLmCvl:39AleJNbf3tNgDLn28wl

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      ea00e2678e4679ba28b0f560baec9776

    • SHA1

      f9b647b1ab50cc2de981757ac914a5787bccd95a

    • SHA256

      60d4a86f65e141d4b6b778e5f448a0c818bd2fa28db7b9dabc1395d354b19cc5

    • SHA512

      2ee7a4a0af955ba376c66d13e626ca135b2afd13277a006f523eb2fdc1133a12ea35b065a8c119843fbe82f89190cdb2b769329af14e4313a2419b739b27337a

    • SSDEEP

      192:UA1YOTDExj7EFrYCT4E8y3hoSdtTgwF43E7QbGPXI9uIc6gn9Mw:MR7SrtTv53tdtTgwF4SQbGPX36g9Mw

    Score
    3/10
    • Target

      $TEMP/vcredist_x86_2015.exe

    • Size

      13.1MB

    • MD5

      1a15e6606bac9647e7ad3caa543377cf

    • SHA1

      bfb74e498c44d3a103ca3aa2831763fb417134d1

    • SHA256

      fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14

    • SHA512

      e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd

    • SSDEEP

      393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      ${ausweichspiel}.exe

    • Size

      8.2MB

    • MD5

      26ce28eb1383c656431e95533d5f7b5d

    • SHA1

      2154cf2db3833dfcdbb083d18b865caafc05b2b4

    • SHA256

      92323b50c923433f4167a906dcfb6750a5e0b4250577423050473ed2b7752e37

    • SHA512

      de6319a0cc1a7604da0e39c9a5c0cdf1201777d8b9c1ae34263259b4b0744bf484e06f66e0411b78452cb9ed8050ff4854c26f5824fa8ab3be549720d7f8661c

    • SSDEEP

      98304:JyDn63AaZq6QmZAuFNtcsIrcAdrVjDdwzP:JA6waHQQAQDcPQAdZSzP

    Score
    1/10
    • Target

      Uninstall.exe

    • Size

      80KB

    • MD5

      920a5fea98024449c278745d07304627

    • SHA1

      ec695252ccd2906dfbb38ffbb584bac90575d6a9

    • SHA256

      646a5e0db19fc939e83abb7d9e1c23831b8fb942e8ef31dec25da77384303131

    • SHA512

      e1807568f0b77f44af213cb70a7bc5f3d8a2335d0799c7aa973042594948aa639ca98aa7c93f95f75914cdaa148a55f02e7c633164efa65142ad9775d927b5ed

    • SSDEEP

      1536:UcVxMtkyfWqPG1QIcVdWToWw2EgdLeAyNsdBt4ItRTGCIXZY:U4MrfWdbcDWToWNEceA9B2IrTUG

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

