General
-
Target
tesseract-ocr-w64-setup-v5.0.0-alpha.20201127.exe
-
Size
42.0MB
-
Sample
240222-xfpngsdh3w
-
MD5
e3e83d9e59dc66f9328940640910a731
-
SHA1
aff9d47058b4b172c65db8f8d0d486a3e297a916
-
SHA256
459b0cb9830f52ace1106ac9a2d636423de893fe301743891e0a2879fb8cd8a7
-
SHA512
8c46106ffa2caf8ef03cea51b871c1b3cf756d2a3c9f2a34c3a0959abb8708fda7378dcd432c84104294c2e96ecbc3278a547a0ba0a21ff9e8b1cbc2c76705da
-
SSDEEP
786432:WtHoZOx0E52L17X274NtKP8ih/WahlNel6wBcImhSZ4+S/buMdMPDTbU0k0vJhHZ:WtDx0k2L1WMKP59WelNeltcdd+SDDWh7
Static task
static1
Behavioral task
behavioral1
Sample
tesseract-ocr-w64-setup-v5.0.0-alpha.20201127.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
tesseract-ocr-w64-setup-v5.0.0-alpha.20201127.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/INetC.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/INetC.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral15
Sample
ambiguous_words.1.html
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
ambiguous_words.1.html
Resource
win10v2004-20240221-en
Behavioral task
behavioral17
Sample
ambiguous_words.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
ambiguous_words.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral19
Sample
classifier_tester.1.html
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
classifier_tester.1.html
Resource
win10v2004-20240221-en
Behavioral task
behavioral21
Sample
classifier_tester.exe
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
classifier_tester.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral23
Sample
cntraining.1.html
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
cntraining.1.html
Resource
win10v2004-20240221-en
Behavioral task
behavioral25
Sample
cntraining.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
cntraining.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral27
Sample
combine_lang_model.1.html
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
combine_lang_model.1.html
Resource
win10v2004-20240221-en
Behavioral task
behavioral29
Sample
combine_lang_model.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
combine_lang_model.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral31
Sample
combine_tessdata.1.html
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
combine_tessdata.1.html
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
tesseract-ocr-w64-setup-v5.0.0-alpha.20201127.exe
-
Size
42.0MB
-
MD5
e3e83d9e59dc66f9328940640910a731
-
SHA1
aff9d47058b4b172c65db8f8d0d486a3e297a916
-
SHA256
459b0cb9830f52ace1106ac9a2d636423de893fe301743891e0a2879fb8cd8a7
-
SHA512
8c46106ffa2caf8ef03cea51b871c1b3cf756d2a3c9f2a34c3a0959abb8708fda7378dcd432c84104294c2e96ecbc3278a547a0ba0a21ff9e8b1cbc2c76705da
-
SSDEEP
786432:WtHoZOx0E52L17X274NtKP8ih/WahlNel6wBcImhSZ4+S/buMdMPDTbU0k0vJhHZ:WtDx0k2L1WMKP59WelNeltcdd+SDDWh7
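Score 7/10
-
Loads dropped DLL
The sample loads DLLs that it wrote to disk itself. The $PLUGINSDIR files listed as targets on this page carry the names of NSIS installer plug-ins, for which this is routine behaviour.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system. Installers commonly read these keys to detect an existing installation, so neither signature on its own identifies the file as malicious; compare the SHA256 above with the hash of the publisher's release before drawing a conclusion from the score.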
-
-
-
Target
$PLUGINSDIR/INetC.dll
-
Size
21KB
-
MD5
92ec4dd8c0ddd8c4305ae1684ab65fb0
-
SHA1
d850013d582a62e502942f0dd282cc0c29c4310e
-
SHA256
5520208a33e6409c129b4ea1270771f741d95afe5b048c2a1e6a2cc2ad829934
-
SHA512
581351aef694f2489e1a0977ebca55c4d7268ca167127cefb217ed0d2098136c7eb433058469449f75be82b8e5d484c9e7b6cf0b32535063709272d7810ec651
-
SSDEEP
384:VpOSdCjDyyvBwRlX+ODbswYM2s74NS0v0Ac9khYLMkIX0+Gzyekx:rdCjW/lX1PfYM2X1
Score 3/10
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
7KB
-
MD5
bc11f58aa5fb1a877d5a236eecf105a2
-
SHA1
8a9fe378027ef83659872f80d75d90d65b44cf5e
-
SHA256
9a70dd9e812fb61f11c4bc9335461cd44f3076fb70c898aa42858047c2b1a93b
-
SHA512
2f1fdfd9ba5761e48b39850122f20adbb5ad3d3a5827fd2048d5679f1f298dc7859794c090fd44f254da065fcb41efabe5b4110a01dbbf9b591a843c355bda72
-
SSDEEP
96:arALxawleqBmFNVJS/BtMzoxTFsr7nxHC2QnSdjk66GNk/nzlzVTT:jdaUeqBGVMJqzoxTOPFC2ESdA6t4x
Score 3/10
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
10KB
-
MD5
18e0d3949bd0d1a9f45dbee66ab2ebcf
-
SHA1
cb32adac5ffbd82dd550989bd7fe990f71cf9b99
-
SHA256
372dc5534980d79d4e20147fd8d7bb20e76d91cad3d086cc1ed7bd03bd581a78
-
SHA512
c41b35df327933f4ba9218b326dead3724049676df5cda0a0f7f57b28b92a7efde3832af262a96d545db5e1f7e01a1191f1b68b395c592d64fdbcae80273ae45
-
SSDEEP
192:tlIjtIHZt3q9LFWK/V/FX6H3ESdA6pcTYlQxb:DlLq9LI0RWUSVcTaQx
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
26KB
-
MD5
ebf5c733481e2f6ddaa04fab99553616
-
SHA1
7a979fa5609dd29315089c8640fabf3ca01be51d
-
SHA256
3b7ae06666fb4277974766409349d0f14d4358e15a20c6c078a29c6021b4a779
-
SHA512
37a61a13ca08bcd0c7bf84c0d1ec4c4d7320b57d60fa702a1c06f8e2a5a8a9c16b4b6756147357713ffafe26dea9ed42f45e5279c4999121a5589f1069760d8c
-
SSDEEP
384:O/h0rfwf/Dr+td/ED+hHzn0zHyPGi//iKSfVrdIgMHIvSeu4PIXzF:OumitBs+hT0z4By3V0HUvHPoF
Score 3/10
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
6KB
-
MD5
468810235cebba9d311137e11ff0fa49
-
SHA1
72b1173f1ca6f3d1733e5487b04a89f7e7adf385
-
SHA256
48e8fe27774165eee31fc04266c80b553bc80799c103ba7a0e378d68dd023172
-
SHA512
deb5ffbf92e9668af544a88d329434fe271c8663517ec2d20609f015d447b254d17b44f3259db6d7d8b4fd9c22a645f0e1b4842dac1434eff892dbab28cdac76
-
SSDEEP
96:6qI0TH7yHo1pbbk9dvjjQnSdjk6uzWjnET5teR6znO:HQo1pb6jESdA6cWjET5te
Score 3/10
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
12KB
-
MD5
87cdd064d650b3cf72f8a103bd73bace
-
SHA1
f8ea12681f5a5bb97ad9b525ef12e88fda832f8a
-
SHA256
a29754f0b21fbb92265f1fb924b3423a330704bbf56796da67aeca876dbd3326
-
SHA512
6ef757c6e8ad737a3755d0e387c60b596b2261ae10d02b293c1da2c1732901079a00d7f8a5fdb203f8cf984b2d8dfcaac99a43fb8ac011eaab85b56270223a88
-
SSDEEP
192:a3j3Iiz+SdfQxx/5UwJmaZ09H68cAGythSXESdA6EwX4shd:Mj3Is6xx/m609a8cfythS0SgwXPd
Score 3/10
-
-
Target
ambiguous_words.1.html
-
Size
17KB
-
MD5
557029d8ab70281cff2bd22c04b57f29
-
SHA1
49c54598c9ff3b3aa98a3d88333935646c72926e
-
SHA256
514c9d496b2c8b6800348ddac0dd312563bdcd56c82b678ae06d359457964dd3
-
SHA512
d15c7dcd6820fc9d4346fc56995c1329bdc6c7234a744dcdd6cc7e0812e0117f88f2c47cd9aa6f15134dfb9bb662d36406cc13339c63190a5a3b7dabbf58f115
-
SSDEEP
192:j25icth7o14c2mgjzapG9hAKlg7Ce+xgrXQto8npJ+u3S1VwMKhMsY01EppM9a7z:Oic/7NlHRVXnP73SXoFn1EppMkm9mSjS
Score 1/10
-
-
Target
ambiguous_words.exe
-
Size
736KB
-
MD5
512589bf39f52299e8cfb20cbcf06ee2
-
SHA1
5e5c037717f7c9c3f593b628a0b452f90a3be1b6
-
SHA256
c98b2c6b5e260f3b96dc92658c3fa26d97742cf68f71f7b56e1bb8e958e13625
-
SHA512
b183de2e68af618dc50c7c716285eb14eeead50b6e62ccbffd60487f77bad71d083fa32a0a04b8be5504744f30f7fb084e58e2dea46649dfc367003cd5f4a017
-
SSDEEP
12288:x8Diq9aRxNca5bdgiXywDdI5sMxuwtRxJtRxYRxzRxjRxhRxERRxhRxCRxARx9R0:x8Diq9aRxNS5sMxuwtRxJtRxYRxzRxjN
Score 1/10
-
-
Target
classifier_tester.1.html
-
Size
19KB
-
MD5
0f474fb2b89d493f4b7249a99be7a0d4
-
SHA1
0822a29c226a326186d7102a45ad006a2a87da41
-
SHA256
6b5acc1371f817ca3345d6672d84a4c3c58db467ba6cd85e4355bef6417f6b11
-
SHA512
1d99776ecb718aed1ebe1b6af46dc83301fc9ab7a69e32b5895ea6d8ae704613541f98c1823d06db482d3800efff70d23e023887f522d6cb20c5fb1628bb5456
-
SSDEEP
384:Bic/7NlHRVXnP73SXoFn1EppMkm9HOKTUn2Qg:oc/7/HR1D3nippMH+n2Qg
Score 1/10
-
-
Target
classifier_tester.exe
-
Size
3.0MB
-
MD5
7b36666ab10406e4b2a4268b6a69d96d
-
SHA1
c64142ed94e7d735df76a4bb9f76ec1a9ec25a95
-
SHA256
366227b517dc161e3322817643e4db16d08b25bc839f9a38f3dfbc99a80b1c86
-
SHA512
7eebf67e80eb4e8e158003a5701f6c9b66e700594aab272de769b52a4de3f2860ccc5e8e31ac59570fd996b300ad52d235d3be2018c79f64d7e2afc35431c15d
-
SSDEEP
24576:gBZs0TjNXrCywHTRLdej2+R2aIiSWh3zt0cNCtFP6sf8FaHx9pEzZKv:g3FZXOZd+2+R953ztp+JUZKv
Score 1/10
-
-
Target
cntraining.1.html
-
Size
17KB
-
MD5
f6970966d007281906fd3619eead8966
-
SHA1
4c23bab8bc73bf4aa490e909d6588a3d1bba84f3
-
SHA256
b3126a6539713037715c71d29e95d8b8c4173e98b57ce82f34887fa1a1ea3600
-
SHA512
fb25d562e3eb16647a1ae43348037bd0cc151bff432d2083e04ca8c05c70e7621cb341384fe86d8562a1bcacaa752be003ad04b9ed4c9e4dc9f021919312f4c0
-
SSDEEP
192:Q25icth7o14c2mgjzapG9hAKlg7Ce+xgrXQto8npJ+u3S1VwMKhMsY01EppM9a7w:Bic/7NlHRVXnP73SXoFn1EppMkm9BD
Score 1/10
-
-
Target
cntraining.exe
-
Size
2.9MB
-
MD5
21a3f3ffc1538874e142bbf765ae02db
-
SHA1
e8b7ea3364f83847f0f93a3765994bdb21a1b71d
-
SHA256
992fee8455456c3425381b84277b0a63af04a7951ca2eef5c91a7b891fef1ba4
-
SHA512
5dfb0907a907f9d2d297ad54717460975558c31518a9b410553f31c51d52340896d7cf4cb041e1494426af835ba6882402d2838748db1086db07f07f02557d5e
-
SSDEEP
24576:MyIsAdeLhFcgcn2cUPnuidY1JtoRsf8OEZcwRKn:npqgTcK2idf+ARKn
Score 1/10
-
-
Target
combine_lang_model.1.html
-
Size
20KB
-
MD5
5b9a433afeadd3b259bdb4b68032bdc1
-
SHA1
94c0ad66d4720953b1efdbe64661803bd778aab3
-
SHA256
358b5b9b8038701f64d8cfe72aa99b3523cf992ae6159bc8e5cb91ac373b984c
-
SHA512
922cf8efd60b19df04b92540cf65aa4c1152ec3edcaad0c2bc997558c7cdb71949ebef63dfb518effbf0e34659c80cce66e5b00708cda8e648dd59760e51bb81
-
SSDEEP
384:6ic/7NlHRVXnP73SXoFn1EppMkm9iyo1eU/+8ybwD:Zc/7/HR1D3nippMif28/D
Score 1/10
-
-
Target
combine_lang_model.exe
-
Size
3.2MB
-
MD5
ccf7899e8a6bf4eb8dc13b15156f8eb4
-
SHA1
2603c6a161930695329468d9c95b820a917a99d3
-
SHA256
3a90175a3ce58f1547d6e5df1e9e0168da12523cffa21a41fe1e284ad839e1e1
-
SHA512
1d71e972d1a215a5276c2cf9bd0608856942ea94c26013fb6bfc9e239f469cbf0f6a6ed93d5aa57767179cde341485237425aefa30a7a6881e4fb7f30872bb7d
-
SSDEEP
98304:hj8eNS+wKZReYuXKKi2wFdA1PRnCBqQRutO:pjNS+tjK4AlRnVS
Score 1/10
-
-
Target
combine_tessdata.1.html
-
Size
26KB
-
MD5
3beb894861db8c7d2681182f8824aa5f
-
SHA1
961e833f8e3b0ccc7b41713d55d2bbd615124071
-
SHA256
da1575bc84b05dcea790db78af08e1dea310622b3af28b5abedd13baf386fd62
-
SHA512
adb5f7106cd040a55828850d9634f948299cfe1941d1302860bd9822d8ce59ed7fe1ab3c31418675f80789c4c80e8252e6ad3fd0c6c71cb6c4b6ca855c961ad0
-
SSDEEP
384:Jic/7NlHRVXnP73SXoFn1EppMkm9OQG2E4pA3xn7qEYf2r/gAJ1qiqND:Qc/7/HR1D3nippMOQGZ4pA3ZqEYfVD
Score 1/10