Overview

overview

9

Static

static

9

RocketRemo...up.exe

windows7-x64

4

RocketRemo...up.exe

windows10-2004-x64

4

Firefox/pl...er.exe

windows7-x64

1

Firefox/pl...er.exe

windows10-2004-x64

1

Firefox/pl...ui.exe

windows7-x64

1

Firefox/pl...ui.exe

windows10-2004-x64

1

Firefox/qipcap64.dll

windows7-x64

1

Firefox/qipcap64.dll

windows10-2004-x64

1

Firefox/softokn3.dll

windows7-x64

1

Firefox/softokn3.dll

windows10-2004-x64

1

Firefox/xul.dll

windows7-x64

1

Firefox/xul.dll

windows10-2004-x64

1

Geckofx-Core.dll

windows7-x64

1

Geckofx-Core.dll

windows10-2004-x64

1

Geckofx-Winforms.dll

windows7-x64

1

Geckofx-Winforms.dll

windows10-2004-x64

1

Google.Aut...or.dll

windows7-x64

1

Google.Aut...or.dll

windows10-2004-x64

1

HelpFiles/DE/1000.htm

windows7-x64

1

HelpFiles/DE/1000.htm

windows10-2004-x64

1

HelpFiles/DE/1001.htm

windows7-x64

1

HelpFiles/DE/1001.htm

windows10-2004-x64

1

HelpFiles/DE/1002.htm

windows7-x64

1

HelpFiles/DE/1002.htm

windows10-2004-x64

1

HelpFiles/DE/1003.htm

windows7-x64

1

HelpFiles/DE/1003.htm

windows10-2004-x64

1

HelpFiles/DE/1014.htm

windows7-x64

1

HelpFiles/DE/1014.htm

windows10-2004-x64

1

HelpFiles/DE/1017.htm

windows7-x64

1

HelpFiles/DE/1017.htm

windows10-2004-x64

1

HelpFiles/DE/1018.htm

windows7-x64

1

HelpFiles/DE/1018.htm

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RocketRemoteDesktop_x64_Setup.exe

  • Size

    240.2MB

  • Sample

    240223-ghxtwacg56

  • MD5

    6639c01388d5350deb3ffaee6eba5e01

  • SHA1

    a71881aa21c19ec46b214ff3f5d19153544e073f

  • SHA256

    6050e0b5edaa6709b429456f3d109e5cfe2db7f67adb05cb12f5988b26582f84

  • SHA512

    154022dc047e2ae5e3e6b0ec87c69d505e8c696544ee8983d94aae438af61d71e28b3059724f0becc0c979f046e1c874a8c7456783dcdbd7760dc1b0ac5857fb

  • SSDEEP

    6291456:yH3+2mB2mJgcOuLJ+jDcYjAEm17gNGQJKg0bn+R00Nv4:83BmBFADckAEKKh0i9Ng

Score
9/10
cryptonediscoverypacker

Malware Config

Targets

    • Target

      RocketRemoteDesktop_x64_Setup.exe

    • Size

      240.2MB

    • MD5

      6639c01388d5350deb3ffaee6eba5e01

    • SHA1

      a71881aa21c19ec46b214ff3f5d19153544e073f

    • SHA256

      6050e0b5edaa6709b429456f3d109e5cfe2db7f67adb05cb12f5988b26582f84

    • SHA512

      154022dc047e2ae5e3e6b0ec87c69d505e8c696544ee8983d94aae438af61d71e28b3059724f0becc0c979f046e1c874a8c7456783dcdbd7760dc1b0ac5857fb

    • SSDEEP

      6291456:yH3+2mB2mJgcOuLJ+jDcYjAEm17gNGQJKg0bn+R00Nv4:83BmBFADckAEKKh0i9Ng

    Score
    4/10
    discovery
    behavioral1behavioral2

    • Target

      Firefox/plugin-container.exe

    • Size

      92KB

    • MD5

      7a19876065cd4ae261362f0ce1da9f0c

    • SHA1

      31fb64691ec45e05488a2408e5be44f2d4177af0

    • SHA256

      a840156ce865e9acff6093cf6a1726f8397c4601aaba610683bdc827ab923210

    • SHA512

      e985cde323c7ac1f89e0f840583472c1c47797c8b9e5a4e9c094506bb9f19e8e729eca12798cb224f724b4984ce76e16cddde5a87439de30c265a0ed64ae7495

    • SSDEEP

      1536:P78PXQoa17xon5B4rBKmU8CTdj+dDJ34lTQcGNf4lZ5DuiHPTDEz9:PyXCAB4rBKv3+VJ3XcG5AHPcB

    Score
    1/10
    behavioral3behavioral4

    • Target

      Firefox/plugin-hang-ui.exe

    • Size

      26KB

    • MD5

      8a981edaa2993c93d756e873690a7137

    • SHA1

      84937bdcbae77a6008a6c69db897a8129bcb2979

    • SHA256

      32f06c18fce0d5823497ca095f1412dbd087ef5ddcc2d3f22778b13635c6f2f9

    • SHA512

      1ff716f71769ca121daf579e0ba1209d5c8c87e8ef6a92f3530eb1748d5b9bf61180776a6b6f76e33d1c1b8709392901e9ee4e7e6668ca335c435bbe3eef13d6

    • SSDEEP

      384:n/eedRfp5VXsO2H8D5g9VbnyIg7uep7G5ZXXQA7XE2fA5zXb1iY0T7AJ:/ZP52H0eVbn/59XE3LxZ+EJ

    Score
    1/10
    behavioral5behavioral6

    • Target

      Firefox/qipcap64.dll

    • Size

      10KB

    • MD5

      9930d171d607f3c2bcf824446d6ccb0e

    • SHA1

      a22f99c5592ac20c2b4d9174555c57c128cba8f9

    • SHA256

      455c9ef784e06ee4af6fdb3b6f4dcf8fcfd8646bb930528147f6da671f0aaa5d

    • SHA512

      ef6f0575ac04aac45c96364d815de9faef52b83659fcad80e337491065e4271b665ac08c667653bd7a2d486b9db0c5f6ac62544eeb6864016ca6af03b0fa3321

    • SSDEEP

      96:H8Qk8urzA2pxKNq0ko0IcDwCjVTJgbyQXF64nDlwiaFR+tsD/ElsL74SEMgg9:HwzpYPkJR5x+y7ClPaFEtsD/XEMv

    Score
    1/10
    behavioral7behavioral8

    • Target

      Firefox/softokn3.dll

    • Size

      171KB

    • MD5

      ce0550d279451e4ed7645e48d6f60898

    • SHA1

      669926e39fef6da1dde337bc0a03417adfcf87c7

    • SHA256

      80266993d10151eda9cab349d514d5a688ac7e0aed7d02a6791f731d4f9ca11f

    • SHA512

      02ae1657709d24a396c294a81e09ae1a3b55fdae570b3bcd5f656994ad744c373830b7f9a7fd334519463fea5ff0e65b0f4634fae229ea8dd95a5b6abab72757

    • SSDEEP

      3072:/evQKDiy+IyWMPDEtjiFVi2mLrdDy1TomRV2TK9n8TY4vwqeNZ9/:GoooYX25tom6KcvPwZ9

    Score
    1/10
    behavioral10behavioral9

    • Target

      Firefox/xul.dll

    • Size

      72.4MB

    • MD5

      d521fc05984568467a1d84cbe43ba1ba

    • SHA1

      42c31a6fde1511c0281476d02b62aac1bf02f9f7

    • SHA256

      ecc94be9f5e799870165d3e4c1020dc63bb09be5b08d3dfda5d1c42274a5139f

    • SHA512

      4ca5321a4915857610b6471264c775c6385069abcd0446d198c4fbb413b75aa8d790d2e3aa2d99802100b9f963acdc99faf501d0eeb10de2ba39bdefc9695956

    • SSDEEP

      786432:lDl3yAzvUhNv6YzLh5mu+MmM4uYNTOvFT7:lDl3NzvUhNB6WFT

    Score
    1/10
    behavioral11behavioral12

    • Target

      Geckofx-Core.dll

    • Size

      1.7MB

    • MD5

      c6cd4cabdb14821e61e55c4b36b60093

    • SHA1

      d7d944c052b34a7e62a4c13222af1a4cf4bb5d36

    • SHA256

      8ee6cad33b0e09ecfb9381d84114b32ed1613fff9b30529adc2ce18a5aa10d94

    • SHA512

      383a090d07c2d6d159876452b87d570bfe6d5bda20816f8316c6c7d0d38b067984c57fbc19e41046701fa0c5a4bba7b42d167dfd681807a6479a31e13eba8ea1

    • SSDEEP

      49152:DE2U6tj1xob4CaYFYoe0LmebQX51Z+bFI06hFqgN5qv+bIEhhqfhtlh:3RRch

    Score
    1/10
    behavioral13behavioral14

    • Target

      Geckofx-Winforms.dll

    • Size

      123KB

    • MD5

      154bee696de09b0cf9ad24fdbd110ba0

    • SHA1

      f51a8e1d8d8cd9f02b80f426752309c16f54b4d8

    • SHA256

      7d57db452740af20be9b66c375d6c0aac39d8485846378a26ea2e44ca9e66602

    • SHA512

      36d9f6582c921f86289e012a95ae75de07cf36235cc4f7bb255cb92ea7ccb19b3360c76f9cc63a92f94e4bf6939b3c75be228484bb7db0c69c9822f4b9ab0f78

    • SSDEEP

      1536:MuXKP2+RvrZHNyCGy+XmbVjiWFYIk81Mg8+bJFrNl0KpMIU46BsMIcwFRUJbQ:MBrZHNpGXxWlDpM662MIcwFaJbQ

    Score
    1/10
    behavioral15behavioral16

    • Target

      Google.Authenticator.dll

    • Size

      13KB

    • MD5

      76cb28fc63761c81e3e4f7c0fd08fc68

    • SHA1

      f20b6a5d6e22f85dc967d19fef564990cbaf9b7e

    • SHA256

      2bf1210484576281ebd24d5cc9d388c50dc7debaf224e87b7408a46d7bdbcbda

    • SHA512

      b5a5c450ad6770a9c9c3da255e0b05636f13238af70acde17daeff0a5a5349751c931900931fd8628badb7afe0ce8dd83c6ddfb9440e8ec6ffec3e060f9b99d0

    • SSDEEP

      192:00CHLaNoey3tbHJ2wMwaz5H2bob2CkVIJTe1ITcoWj3RP71V7WeVMB4Y446s31Pm:qLaNly9l2oaz5WbMkVq8ITC1nSvkNcK

    Score
    1/10
    behavioral17behavioral18

    • Target

      HelpFiles/DE/1000.htm

    • Size

      4KB

    • MD5

      7c62251292bbfe7b1aa1bf90147abaa2

    • SHA1

      b57d8318a67bb4146a9bbfc8b91c61bdb7f6287b

    • SHA256

      1611e67dadd7844e7837fed1bf339e7de89af479a13939d151c46409cc4b5c8d

    • SHA512

      bc52dcd2754fb2b85404adfa21d27ebd44ff46d9d45d677d0ad65c2a80c1560df4db32c21ed86f1ed52f3fc3b24bd8cbbea9d0ed7c0e4f66a26dfa8b0e3f05ee

    • SSDEEP

      96:MvI3OxL2uPUlBBxBMjOPZczlRW9ZyLv3QXT:Mt4MjOPZczlRW9ZyLPg

    Score
    1/10
    behavioral19behavioral20

    • Target

      HelpFiles/DE/1001.htm

    • Size

      4KB

    • MD5

      513e360d91f2d276d569de1c5a9ab8f4

    • SHA1

      e721ce858fa97dddd5814fca508f7e2cb6a1a78f

    • SHA256

      e716840dfc918604dd19dbbf57401a73c2b5f205133c13ab9f92c19028b0d583

    • SHA512

      8b3eb2acca7e660f4ad845932578f9c8bc644b5fdc75210d02b1f28b4adf9821cce683d312a7b9561c810886f6f9699627975f78953477e41c18b8085449df9a

    • SSDEEP

      96:MPI3Oxo2uPUlj8tJ3wBMjC4dizlLKWTLe3QXT:MilJ8MjC4dizl2WTLMg

    Score
    1/10
    behavioral21behavioral22

    • Target

      HelpFiles/DE/1002.htm

    • Size

      4KB

    • MD5

      47eeed25f7eeef8dc2d4da9233e65086

    • SHA1

      d6662b95ca91066377243bf566e70f19f88f8883

    • SHA256

      877e95f113baee106c7dc2db3e2098da3f9efdad9a2404019d44406024a7a83d

    • SHA512

      c9434f323d9268bd1eb0b4525e0ec38aa6b1571e97885848faaf9d809988e97980a57db9b1f31c2111a60a685e7d6b4cd227104307bd2da1b697680b26752f24

    • SSDEEP

      96:MdI3XxP2uPUlZUUWkMSBMjLxzlSKWEde9JDBH3QXT:MoTUWkBMjLxzlFWEde9JDBXg

    Score
    1/10
    behavioral23behavioral24

    • Target

      HelpFiles/DE/1003.htm

    • Size

      5KB

    • MD5

      57bc3b6fb16c9f133fbc4cd672e0459e

    • SHA1

      2744dfc33f586b297ccedb5ecad92b5c058f30de

    • SHA256

      f9fab92724b68aabec120fcac6edb32d3b0d6389e2e0f37ec0f2af6612e34dba

    • SHA512

      a648054579c2fe756ba2e8aa09396b7fc532911a53777c5c8b305aa86ee97f0af1d82baff2fa750ab508dd05b6fb83c6503c7f114a7017b7144bd2c63e9ca801

    • SSDEEP

      96:MaI3Ux9b2lUlbg1w7vx5tDHXqJxZx6Oz5oj+sch/Yb3GcqLK0tue0NmCxm3NGUdA:MmF2otDselchwbMJt50NLG4Uu

    Score
    1/10
    behavioral25behavioral26

    • Target

      HelpFiles/DE/1014.htm

    • Size

      2KB

    • MD5

      8c4a4a0a2a4784d989c1540832837b41

    • SHA1

      fbb1378fa2ea8ce5a6f84d26348e16a406402859

    • SHA256

      e6323d5b94b54f69dcd4468425975bb875da83200f321ed7a3bf14a909851aea

    • SHA512

      ea4027e71d4965bda93df040036d16dd63fe9375141ef7f5b0c6e7717c7b73c00a17913d2b1b171a787bc3dab1aa3abc638dc7c3b086a6fb4b83fd074101da01

    Score
    1/10
    behavioral27behavioral28

    • Target

      HelpFiles/DE/1017.htm

    • Size

      5KB

    • MD5

      e9596eaa72fc8971ddbe04c24ebf5e07

    • SHA1

      5948081aa79b53ebc3b1e9a6d2bbf91578f2617d

    • SHA256

      ef997dd8137dcdccca4a8479388bcfc846805e52167291b15dab3b7ebd1c1492

    • SHA512

      3130c3b00ab431635999c29147a5917d5ba6a0a319ed47544bb17d7aa6b9fffb2cc6015aee7e24df6ec816822f05845a98cb42fb9fcca9e94f849179adba12e5

    • SSDEEP

      96:Mjv3fx012iUikwRz35LKDHqlRf0na6g9v6gSGFJuDHy1XQdT:Mi7k6eL3ZGFAjyw

    Score
    1/10
    behavioral29behavioral30

    • Target

      HelpFiles/DE/1018.htm

    • Size

      2KB

    • MD5

      4b9fe7a1986eb6f3d5eeb2f7c09dfbee

    • SHA1

      ca363e8b3b7145f1c2e6021eb87274acbaa74b6a

    • SHA256

      ba71122f2cff5935b80795902d8a6242c869bc013415a887429e609f5ead9adc

    • SHA512

      a77636271674d0e2ae093cd2765cf268e529ee066741933c0c1ca8009d8b2c7827d66656012279e5622e4aee1de3784412432e8424d1144bed0adf6f1eea0837

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

8
T1112

Credential Access

Discovery

Query Registry

8
T1012

System Information Discovery

8
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

cryptonepacker
Score
9/10

behavioral1

discovery
Score
4/10

behavioral2

Score
4/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10