4552e84edd73799b3a6e8e6d8ad0cb231d44241748ecb072c82ee9211728236c

Resubmissions

26/02/2024, 07:27

240226-jabb1sge2s 10

23/02/2024, 05:04

240223-fqsdpabe3z 6

Sharing

Copy URL

Twitter E-mail

General

Target

4552e84edd73799b3a6e8e6d8ad0cb231d44241748ecb072c82ee9211728236c.zip
Size

8.5MB
Sample

240223-fqsdpabe3z
MD5

c4ac3b4ce7aa4ca1234d2d3787323de2
SHA1

e11ae6392aebab8a878bf4bfa3f6e68ced0c6658
SHA256

4552e84edd73799b3a6e8e6d8ad0cb231d44241748ecb072c82ee9211728236c
SHA512

97fe2c0985cd4b6e326704da10ea9bd18a6a7195d1f15337101a818982c5a10192f241004c65c79bab2d18d485c8601fd27bbeb76824e4a1f880ee9fa8baf11c
SSDEEP

196608:07rHWKqkGTSOwUD7sR3M4KBCmbhOj+UIs1mkSW4VrnJt:07rHb9OwnRX0lTsU3VrnJt

Score

6^/10

Malware Config

Targets

- Target
  
  npp.8.6.3.portable.x64/contextModel.html
- Size
  
  2.6MB
- MD5
  
  8f28087d8d0e716368314c2f1a159280
- SHA1
  
  7e383ae0f632c02ef98168b6c1a33fd449d6c393
- SHA256
  
  0b3731c524e6ba716f15087d85eae7e6225b6b51d4ae2fa6c142ff1523f57046
- SHA512
  
  aa21ab18a12a69ff25b24b1c255b0bdc7961985150b07a7f3f4b0909e212295bd781548cd8ea817f3144dfad845aff93df40a513bdb637db7b89bb08fff01eab
- SSDEEP
  
  49152:C+sGc1TASKVbmYIBotpg0TunuNeeigv0XIMw4h2pk4PxKS5VinRfepLm7j5:WTAfVbwotpgruNeW0VHhL3S5VicLaj5
Score

1^/10
behavioral1 behavioral2
- Target
  
  npp.8.6.3.portable.x64/langsMod.html
- Size
  
  646KB
- MD5
  
  2661f8272ada236cf3aeb9ce9323626c
- SHA1
  
  98683c358724eda64bd5c1df5df6d2af8bcedd15
- SHA256
  
  e451287843b3927c6046eaabd3e22b929bc1f445eec23a73b1398b115d02e4fb
- SHA512
  
  59179122d10d9bb17b5e929eccd1cbed6d4012d99622032fa883e82c2e704656ae66c0efe3daf9e42459ad7936d4838fceefc30eebf451158dd7cbdc0d18da5d
- SSDEEP
  
  12288:Ne9/rEo5t4OVoq54eyitAoC/9uwcitKUJAqxw5tG3:EFrECLVoQ4eyitAoC/9uwntKUfxw5c3
Score

1^/10
behavioral3 behavioral4
- Target
  
  npp.8.6.3.portable.x64/notepad.exe
- Size
  
  6.9MB
- MD5
  
  2cd84602fc2428e0db00dbce5e20dc80
- SHA1
  
  965a62dbba7cbb95b6a7694dc33963ffb105819a
- SHA256
  
  4e271372528a9b439d99a7376fc1ac9c67884226a2f7bcbe2f68694c80548287
- SHA512
  
  a6f715224a5e9ffb35833591bdc5cf1b76da479c2a6fd2108d921526708f918e6d5d2e9569c879d1d4c76e4606cdd271364b6f85acd8c811439bd08b61665fd2
- SSDEEP
  
  98304:QtGdbdZUv5vuLYgtbUK5b8PTnwe65w/mod:Rdbvou8guK52TP6525
Score

1^/10
behavioral5 behavioral6
- Target
  
  npp.8.6.3.portable.x64/plugins/Config/nppPluginList.dll
- Size
  
  204KB
- MD5
  
  18a0b5fef18fc27926a4aa3965374fea
- SHA1
  
  a1517a5c1356f00c63c60e464276b115ef7087e7
- SHA256
  
  fd046bbe51b6106ff41cf766ec002f2fd9e5ec18fb60c6c1b3224c0963036f85
- SHA512
  
  ea056caa9dfdd23df08bc47058246b4430e71ec4d2646055d11ed99e82d443397e48bc44a3c3532ff89e1b0eebb304453df3bb6935d558a91df6ce8da0b7d92c
- SSDEEP
  
  3072:8uQtUEW4pggQikeV29r97Fo/rg4aSuhJFAcT15fabjsKeBcHzmVR53vi:EtUr4/Dkq2FH51lQ/q
Score

1^/10
behavioral7 behavioral8
- Target
  
  npp.8.6.3.portable.x64/plugins/NppConverter/NppConverter.dll
- Size
  
  198KB
- MD5
  
  3469d4e293654053868b54ca8cf7c5c9
- SHA1
  
  48a77bd9369465efe93db1afc173836e38f1c63c
- SHA256
  
  d03c1a63ea0dfb0eb588168d36ffb6141f5780abe24c8c19873549788c1c7a6d
- SHA512
  
  3494869d7e1c80d8c6f1bb17cbc648e80ebdc6ce57fa9a66b1f341d3eb54304def7e5ce39ffd7e4798757ad6b966439c7feb15b7f56400bab98afce7259d047c
- SSDEEP
  
  3072:CsyQLpFufl6OPM07zq06MuUy8wqy9XGOeXLXTbi0A7zR9zk:NFLIl/M060Or6ucjb5AfR9
Score

1^/10
behavioral10 behavioral9
- Target
  
  npp.8.6.3.portable.x64/plugins/NppExport/NppExport.dll
- Size
  
  153KB
- MD5
  
  4f465c958622681513e45ced7fa456ad
- SHA1
  
  22766bd48fe89128c7242377053bcae532d35e70
- SHA256
  
  e0a90cd22bee74bf16b42961ea373303a74bebe3ac19107eb90c25c1687586c8
- SHA512
  
  9d27edb6c3ae548a56806dc63ff8259f52c089c1d0adf7193b9aed558735450555f434e73e5f264310cf555a7232bcc87668acf15a3641a18cff9414bb96eeac
- SSDEEP
  
  3072:2HWvf4whXRxCtyAKfbn52zwjMdsI54tWfdHak6yS:wWYwtRxCYAKfb5uwodsIjd6k6
Score

1^/10
behavioral11 behavioral12
- Target
  
  npp.8.6.3.portable.x64/plugins/mimeTools/mimeTools.dll
- Size
  
  145KB
- MD5
  
  6136ce65b22f59b9f8e564863820720b
- SHA1
  
  2e4b1e2bbe9ec23d9b1d83a800c06afdf4aafa12
- SHA256
  
  a001642046a6e99ab2b412d96020a243a221e3819eaac94ab3251fad7d20614b
- SHA512
  
  3a7eb234c80f9ecb212f0ef66a7fe6c97ba7d4272db2e50c95fb770ed8c1d5a712d0400fbf448ef27b7f78fe3c6d5db232c476e9799a8a02868e9226db248a7d
- SSDEEP
  
  3072:w3/HUI6sVStznX/89P/VcU4x5py8qLlCat4HVOtzNNG0vBxN049K7lH:w3H6sr0xzy8qLJ4VqNm49Q
Score

1^/10
behavioral13 behavioral14
- Target
  
  npp.8.6.3.portable.x64/updater/GUP.exe
- Size
  
  818KB
- MD5
  
  fabdd8cc1e50874481688659ea63b7ec
- SHA1
  
  d498dc918010810822902df29ce54ac1766fb446
- SHA256
  
  d056ae6e45a62a86199dcc7d0c696469374253fba05a45c877caf28b0b897df3
- SHA512
  
  1bda8cd73f00f0e7fd6a924ad6234dc47a183f3f4c5a40d5ca6cc0cdd116ee07fce7a1b744cba31ab2a491e89b23f653b5d38a74eaf5138e3289c799f99b7450
- SSDEEP
  
  12288:PySK0M5qRxaBr5wFNbgpA0WUVzOR63AczZXBS3CNmBDIOh68ADKbp34zZZ6dNNoQ:qqMo2aWqT2KbpIFZ6PNeTwt
Score

6^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral15 behavioral16
- Target
  
  npp.8.6.3.portable.x64/updater/libcurl.dll
- Size
  
  728KB
- MD5
  
  2d031d5f3a4e10a94b1c8297d269e2c8
- SHA1
  
  dda72a32b31883ea021311a986a7166d2239cba6
- SHA256
  
  afce00c928629a699b2c253f4536e23350098fa1318275fad0677c5e8b09f0b5
- SHA512
  
  b18bbf6741a0149c9fc2ec6d9a7a3e684ec5bcce4ca9cb559dbac1c6fe853a4fa2d5eec3e9b9ba46fd8658be726e95a33205764fa4eb7e24060d4aae6ca11557
- SSDEEP
  
  12288:GvnFnd1uk7byyzwn5l2rsc2QwEBhdoqyTvl0cWmlqhKyMv:GVekCoa5l2P2B6hdQvl03msMy
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18