e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f

Resubmissions

23/02/2024, 14:34

240223-rxp3paca7y 7

25/01/2024, 16:04

240125-th1a8abbek 10

Sharing

Copy URL

Twitter E-mail

General

Target

windows_10_cmake_Release_graphviz-install-8.1.0-win64.exe
Size

4.8MB
Sample

240223-rxp3paca7y
MD5

54ecf446aadefeefc670db219d24aa42
SHA1

6ea3f6fea9eb7e6742fe6860f2eb32ede4bf1160
SHA256

e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f
SHA512

4ddba7e8c9b09ee816c475f84b803508b72312565a2cb310ac6e9b4982cde915b7b5ab9eb401059ff3bd4a8bccdb5240aa4b4495267b5d68275729b166b6c2f9
SSDEEP

98304:iqPJFh3lBUKHpHYfB44ktUMnF7P9sPu1UYl+AfUVihNE3:dJD3TXVY51MnF7emoBIW

Score

7^/10

Malware Config

Targets

- Target
  
  windows_10_cmake_Release_graphviz-install-8.1.0-win64.exe
- Size
  
  4.8MB
- MD5
  
  54ecf446aadefeefc670db219d24aa42
- SHA1
  
  6ea3f6fea9eb7e6742fe6860f2eb32ede4bf1160
- SHA256
  
  e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f
- SHA512
  
  4ddba7e8c9b09ee816c475f84b803508b72312565a2cb310ac6e9b4982cde915b7b5ab9eb401059ff3bd4a8bccdb5240aa4b4495267b5d68275729b166b6c2f9
- SSDEEP
  
  98304:iqPJFh3lBUKHpHYfB44ktUMnF7P9sPu1UYl+AfUVihNE3:dJD3TXVY51MnF7emoBIW
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSIS.InstallOptions.ini
- Size
  
  651B
- MD5
  
  7db6ae6fb6e11ce14465c21470cc5080
- SHA1
  
  2d425f7336553c474c61e7802b0141299d85e9a6
- SHA256
  
  f9e0b0fcd3cf9dfabee7f9a7542e3831d22f49312584088516402a420f19ae84
- SHA512
  
  2a5e0668f207e501f74c355dd6c055fcdc0e4f0d0281610cf6cbdf03b94ff7ea19cf1fc06ff7f481b3cd8fe94553bc4d0a1f13c13d5112bca53198dd90d507ca
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ioSpecial.ini
- Size
  
  211B
- MD5
  
  e2d5070bc28db1ac745613689ff86067
- SHA1
  
  282e080b4cf847174c5c11e4f9157b8c338ecb19
- SHA256
  
  d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
- SHA512
  
  a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/modern-header.bmp
- Size
  
  9KB
- MD5
  
  940c56737bf9bb69ce7a31c623d4e87a
- SHA1
  
  f2f3b4e7b9c28df6687ceeaed300a793e3bac445
- SHA256
  
  766a893fe962aefd27c574cb05f25cf895d3fc70a00db5a6fa73d573f571aefc
- SHA512
  
  81c60431619d7eb826b8da997c227c4f7077cc754caa15df6e0e7ae0e33690432bc2a27a7e295998f15e33a17b3d80e492d7cc09fd70dc43daf1cfe86b8746ff
- SSDEEP
  
  192:TYw3C/LSnMoejFXnknIHbGoijTr3dBZ9KPPsnY/T0x9j:TY3LSnlepnknIHKoUrdBZ9uPsY/Ix9j
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  bin/config6
- Size
  
  2KB
- MD5
  
  66525f8f3bf36e949a969b85bb1eda0f
- SHA1
  
  f8ed20c21720c3a541c6f49412c5e3055ffb5e65
- SHA256
  
  86e68d64c93a1a4d1613510d36f2a3e228d8275635a58008bd69a96ab46ca796
- SHA512
  
  fa7234fd0f6bcda784616679859cbab95fc681b90f69d74252cb61990bc6d6ae8e07e9f016f50dc80d8370badeff882233b5b8b68a59195f36310f8e525d9361
Score

1^/10
behavioral11 behavioral12
- Target
  
  include/graphviz/AGraph.h
- Size
  
  1KB
- MD5
  
  9213be9b76f721e8b3dacda0afdb5d34
- SHA1
  
  aca49c01c1c230433093bcc140e26db3e40cf455
- SHA256
  
  c5027b602d76f30168d3f3325331f5e6a05e87f46696ad8ca2f0287babdde718
- SHA512
  
  92503068d04ed22ed05df4e98e6412d8c59b173b7c7e49c0c7b86f903491afb4a300c8725ec8e99626f89b7577b8d1b51ccadfac69611d411ffad5aa700eb621
Score

3^/10
behavioral13 behavioral14
- Target
  
  include/graphviz/GVContext.h
- Size
  
  1KB
- MD5
  
  5c16796f2c126db74e132119778e2fdf
- SHA1
  
  efa86c05a7dabd3992bef2a2487d77df87fc0c12
- SHA256
  
  d9508d29f71fadab8d7fca83b5637795414ff74fa4fadae9714ac657dcbb27f9
- SHA512
  
  6e7cb4894dd9fdd73e6a4d11fe8a8122bb1e0b28bd639024953ecf20bb074909ef4357ed484d440c2a435ba7424be50cbc7bca1a2e8fe114adab1f9addfeedc8
Score

3^/10
behavioral15 behavioral16
- Target
  
  include/graphviz/GVLayout.h
- Size
  
  1KB
- MD5
  
  e5080449e1d74700a24f3e32248dd97a
- SHA1
  
  5d86370028e413f039b7a31a417187aad38bc4d1
- SHA256
  
  0a2dfd08bc95be17317c26c19f009ff9cdbcef40f5a3f2ce1412c3e0dcff8bfa
- SHA512
  
  1fa09cca111eac1facb9c8c024e1d1f987ef93f7a279ba29d915f12aab0d2b4aae1f5999c5d681b892f9d7c3aef3c899bad562430c4a1564986deed4a5401313
Score

3^/10
behavioral17 behavioral18
- Target
  
  include/graphviz/GVRenderData.h
- Size
  
  1KB
- MD5
  
  a1e203d032345049d7f49c578a11a7de
- SHA1
  
  9970a5ab813c5eb32391ef56390c6727c076680d
- SHA256
  
  b3aa11404ee808febd739fa0a6bb32cb68b164d90bd20c25bb1812f344133cc4
- SHA512
  
  ccb131db05da34a2f1e50021caf8dc39e983dd11d26d9a52616e62688013123bc6dcc6f6ca8bb85e8a22d4325951fba66294ef8473248e36b818417f4d8c6ceb
Score

3^/10
behavioral19 behavioral20
- Target
  
  include/graphviz/arith.h
- Size
  
  1KB
- MD5
  
  b4d5c378c29316b445ec77fdf4f48c2e
- SHA1
  
  1f62df755d4b67f55e35469fbab120833bf6abc2
- SHA256
  
  8c543470da3bdecd1a012a79618f4edbc8ef8f97af98435b09c9a0aaeef6a9db
- SHA512
  
  2013418b2487220029823d8a7eaccb18776736e07c397be6cb0bf4be4524c500ac484c3105ce1749835722943d138be858e20e78483eb294f774e6a0db42a587
Score

3^/10
behavioral21 behavioral22
- Target
  
  include/graphviz/cdt.h
- Size
  
  10KB
- MD5
  
  dc01d3bd3ff84be7470b319574472922
- SHA1
  
  a97a5bdcf53363f611f014edecf2798361b60b02
- SHA256
  
  613df36c43b370d312d5fe00980b088cc2459412db5c50d3616fc93f0d47a11c
- SHA512
  
  3f238d58ca91c00cc8e79c431930dd2f7ad254162d843ce3f5cfc980b5f546d0404f2f11a9c0b9a888ff30f2edcb7acd128511a7c54998557b69bc5795581898
- SSDEEP
  
  192:xBTkxMZj+xkHBdoAadGqq7ksdErI8hErIfJgvgvgfg0gpglghgagNgKgygBgNgwb:xB4xMJ+xWBdoHdpH2EbhEwJgvgvgfg0n
Score

3^/10
behavioral23 behavioral24
- Target
  
  include/graphviz/cgraph.h
- Size
  
  19KB
- MD5
  
  b814700db4f21d2caf790bafa285d5be
- SHA1
  
  d37391745ffe892c05859a022da6a07198c13677
- SHA256
  
  2082d67f5aee62d59e6d7d41a69b563a586baf0c8e934acf896e971a1774d92c
- SHA512
  
  f024cbaa693f79469fc0574bdf53008e50580fe81301d3ea787529e719e46a697a5baf12b079309e5c88079732579154d9604e215f4aef126c52479c0cf2582e
- SSDEEP
  
  192:r35xbBySCAcmlrkeMyEcXbNsAfzsWfV4KeZZrV5E5olNIqUMP:75xKCMgNz/mrjSwf
Score

3^/10
behavioral25 behavioral26
- Target
  
  include/graphviz/color.h
- Size
  
  1KB
- MD5
  
  e69b85d0dcd9a53009fad03162f19465
- SHA1
  
  bbbabcbcd8f17ceba30d3b8ddc36e96b6207e5f8
- SHA256
  
  92cfd3939c17575b3891bc454b69f39292eb3508837ca43d731b5f64aeb3051e
- SHA512
  
  9bb1a49377e9c9f1861657451c55492c275b57a298422e988f953badd9490e5cbc5306359f7dbf97fd34a0a228d5aa7350cb50e3416ef3ee1152edae777015a6
Score

3^/10
behavioral27 behavioral28
- Target
  
  include/graphviz/geom.h
- Size
  
  2KB
- MD5
  
  d9a3336dd4b68ad8ab4f7aa8d88ae1c7
- SHA1
  
  219b36d912bca59a1a1c2b4fc22d03d112243468
- SHA256
  
  e2709e9a05aa064ca24257cf5729506aa981f718f2f2aa0b0265193286199873
- SHA512
  
  f911b7847e35589c5b349b7235149b7a1d0d492a1fa9ab8a2eda99cb981f27b22a36ec247b51570917f63bf2a444a8ee9d5bf482efc74372107f0f2b66907c47
Score

3^/10
behavioral29 behavioral30
- Target
  
  include/graphviz/graphviz_version.h
- Size
  
  324B
- MD5
  
  14276ba8ce7f3480e65042ee3ad9f625
- SHA1
  
  afd2297a00736515789f2618cfbfa47b4a98fc4b
- SHA256
  
  dd254088a01396b339dddd9b46ed34d663fe4dabd7362a3c1a4a9509b0e98f98
- SHA512
  
  119b084f9537f5fb6ae07429c9eb3eb6b331d2877a1fafad6fe586153fd8d9f929b1fb4abc5bc6e4d41d7347a9901cb3cce69aeae0b8e50b09c1f34a6ac7f155
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32