4bbb6021ab01478496202bc0cfb7527b068a621093a823c8d02e696da8b6decb

Sharing

Copy URL

Twitter E-mail

General

Target

a117d2e7c775609af1a1a81cb12719e5
Size

9.3MB
Sample

240224-ghadksbb27
MD5

a117d2e7c775609af1a1a81cb12719e5
SHA1

fd58c558c54276a06911787c1a6e03fa17dc7a15
SHA256

4bbb6021ab01478496202bc0cfb7527b068a621093a823c8d02e696da8b6decb
SHA512

d4d06d406eba1cd2bc8135833ba2dcf849c36cc5dcbb01e1c01a97a86cc534b0cff583eaaa0a6bc5c9861ab97d51eeabedeebbd0b01c8606511be0c80f24f7b4
SSDEEP

196608:ZP29pyKInq5dVxAq2xLfEM24YJ6cSwirukXCY/RmIZcl9VvrwsM9p:ZPUAnq/rAhxwT3J6R5akXCYpYsp

Score

7^/10

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  9.4MB
- MD5
  
  0d5f882ff265554df34ebde89e0a897d
- SHA1
  
  8090c510c3838939d4a9015f06527ab8dc46c9b8
- SHA256
  
  75df21afcc97aa8efcbc43739d487d045e245aef351847faea4828da030d4feb
- SHA512
  
  8995ec060cb5fd62b4419bab73ad0d566e583c78020b87b9abf61bbfb902ecc0232ce7073f37fabd26dde9f83a049a388048377ee72172a98a53f335e1ab31af
- SSDEEP
  
  196608:xLWzSggC9iULjRagqE5RJZhvcajHt1WLA62DW9NNGfJxA639zOx:NWmMNL1rq6RJZF/jH2A6PNNc3Mx
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AdvSplash.dll
- Size
  
  6KB
- MD5
  
  416dd1f9853a601f16c70ee016ee855f
- SHA1
  
  226a5aa251118f5e337d22017dd0861f2d8b21d3
- SHA256
  
  2cf08655bd37f2999612ced3b79d35b537e2b0cd281bb1f452c427879634e7de
- SHA512
  
  27e104a657eaed4cc8f58588385af6354d41785df98c8fc02eb436cb4372e3c0047ec28eab5ab37ef70ddca46fc9cf1cc86fc0d95267fff759ae7e610b5f8d6d
- SSDEEP
  
  96:VQNyX2PtUZsM88eo93NaqqhN51xWabkkEkk/StChwoo:VFXYt38B9V61dk/kkStCh
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  31KB
- MD5
  
  83cd62eab980e3d64c131799608c8371
- SHA1
  
  5b57a6842a154997e31fab573c5754b358f5dd1c
- SHA256
  
  a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
- SHA512
  
  91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
- SSDEEP
  
  384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  43ba71f370a45aebcde86d76b83b208c
- SHA1
  
  1f14e3c253a5b7255b617084b45e51ef9d6717e4
- SHA256
  
  6d0a19614efb523f78477429df04b71459ee69b3d16231798dcfa539b3d2a64c
- SHA512
  
  36aaf1ccb7c1085ba9fbacbad6c1505c9e389be5e9bd52ee7046b48302b8239d6e34dfeeb32a2708c4fb7d5a85c1d202fbdabcdd6a2cced0099249640443b551
- SSDEEP
  
  384:0Klm7i+c3QW6ckPhyDEaLnz2bbBBIXwZ:hqi8BcyhEhL6bbTI
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  c0a60e2104eb0e4b0eac4eccdc048285
- SHA1
  
  7b14600bb1e3120b5cf9aa6d5fd41a6f20f62e42
- SHA256
  
  977c38bebc30b0b1de5338ab237ebfdfb7df87450f347d85fad28131f635c172
- SHA512
  
  d7bf507c90145373acda753b14eacc89190c61d760ea30aafc864498d09475dfd0336266eab4d95fd53ce03d1e57aa772e3ede29dc67b2f060ed12116e5c5130
- SSDEEP
  
  96:yLJdRZk8OkmE+WHw0FMXF6CWhFxKpKsaQhEfP0:yLjPk8OT30FFAHCP0
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  0c8ea8e6637bbf8408104e672d78ba45
- SHA1
  
  c231c7acaf9abb7da93f28e1b71bed164d57103e
- SHA256
  
  509a93177a7ae130bc3b6b5ec3236c7aa0811b8b86f8ab3442c65fdf8ff85b1f
- SHA512
  
  ee763a3cdbbba3b28e6a903ac942c7228bd8e54b19de21d6187e481f2916d833d9b9800e5ac2998f4aa26274cdfb20a8bfdd10f00f2a15d37bcc529b617e1f28
- SSDEEP
  
  192:+OSsJI/rqmIDNLU0dq51EgAiNbubv68LZ:QHQQ0d01Egbq768
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/bantam.dll
- Size
  
  99KB
- MD5
  
  17f56a4ae862934a2d7e702021bdc5a1
- SHA1
  
  a7a619a786331aada902f43560a1cb0b55b6992a
- SHA256
  
  01c8fac9f5f519dfd0314ee7eb70da64afc53bf82f7831a9c16add63fde0b729
- SHA512
  
  bf1f5664d65d02737ddd965b40beeda5eb1ce05f4760d509616ddd6c0ad209c72ad3c440911473d1757107e453d84c50d752628153b2d97d3f7f35227b5ed359
- SSDEEP
  
  1536:aoBakczJxYs6SO8e0FvxreYh1S75s13ro3GZhB:aI0JxYs698e0FZxhejGh
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/bdeadmin.exe
- Size
  
  966KB
- MD5
  
  b6f1e5456e5abb59dd9c37bab5f19139
- SHA1
  
  83a7d9bd80092fa489ff1a2745c24876af6ed70f
- SHA256
  
  7e0d3ed23e5340dc165bd4cb34712a270c2fef23acc80008f04aa6f38a3b9ee2
- SHA512
  
  7dca7375ab911a281c5773e2492ffd33541def091aedf8ce5beff9591f46533a81972d5df2e582b7be1037abc19067c234efb9833c00ddb3a8d519b0564c03c0
- SSDEEP
  
  24576:IEpzrmUHJ56zIgKDuENxM/jTRBpw7d3DR6vWl:NzCUYfa7dTf
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral15 behavioral16
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/blw32.dll
- Size
  
  44KB
- MD5
  
  02829fe799feeed0fb7e6d21ec16a693
- SHA1
  
  7e7fa1cb0806b74a8a9e3953967d812bf98f03f9
- SHA256
  
  64c4899b8ce8b488f74fb260cc8cb08e263474ae359ce70778616e2cb21e39a7
- SHA512
  
  e9ceadd922da7e3efde99c3ddbbf74ad2c99d35cdb2bbcfcee2c93719f770f367f321c9de09c47226d1463116382323510acc2eefcd3571e765f0e7393a4db2a
- SSDEEP
  
  768:fKDeQ/rUJ1Rmbp1OKnfDYpeF3CVu2/TAVdIbB4H4oGBE+/W0:K/M6TxnfDbFsrArImGZ
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/idapi32.dll
- Size
  
  575KB
- MD5
  
  4de81f3fd32b82b6bd813203205dd7c8
- SHA1
  
  f725e57294276bc03ba7c0b37d767b11ea87730e
- SHA256
  
  fc2faec98fd7167cf7d25fa773ec8ecead0dfc678ca1ffaf6b34f78bac91a91e
- SHA512
  
  73daa12e0533161e39abc2f3a33befd87b2ffaaa909c7801571b4944ba0f3e2bc27d324f0c27dfb963289cb66127d3e763e323a5ea292ed88e81f5ad2ac9f28e
- SSDEEP
  
  12288:zDBke8E5cre8ZacFRrVUl5eXH+1lIH3Yzpewk:zVke89e8jbWLeXH+1luspE
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/idapinst.dll
- Size
  
  111KB
- MD5
  
  96a9675ef362b107205a3ac894be81b5
- SHA1
  
  e71a3ee0b1e1213fc21ae50b1816c8f8f4e2d037
- SHA256
  
  d355ee6482a7726e874ab49f59f6d3bcc981e5aaf196bd915cc6841e0f163b17
- SHA512
  
  cf7a5cb179d93723216454188980a7de5aa26f7c02fde61d127880533f64c175ad9bc370ad18f0feb141d8cd682d43b0a2ad20893c9576d5c79cbfc9c4a33454
- SSDEEP
  
  1536:pT8jaZ1sAkSDdoRg6FxU7Zzk8h0xwWVrhGsVtv0rQCTmoECTa4:Lked+NFNu6wWVrXVtvST8
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral21 behavioral22
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/idasci32.dll
- Size
  
  113KB
- MD5
  
  ec39e51fa91da0a79aabdbb1ffc77bad
- SHA1
  
  6ed43f2f256d0aa38efb93f10d3ecb096efb61bf
- SHA256
  
  d01b27eb0da5f83c920f869cd4d8274039e5cd49b80f52741a59c2405f80c0d5
- SHA512
  
  c7622f3d72e17ec536aa0355517bc8acd91dcf77b010fa6d790f4f3d43e922428af78153d60ab3443356fcd0bb82f4de4bf7b5f5d85a0698ee242125014b25e3
- SSDEEP
  
  3072:lhFeyBuyJ4AOUAnfM1ERRcePy9FR18fAbdMGUV:l/eyJlOPnf8EReFR18fMa
Score

1^/10
behavioral23 behavioral24
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/idbat32.dll
- Size
  
  136KB
- MD5
  
  2538200ecc0d8023a78799b47dec87a9
- SHA1
  
  21b3ea7043fa1482aad7dddbb4ef231c22e14a18
- SHA256
  
  c616fe3782c16734e969d809c407d9d15620d5bc7177e5f619309b9b74125904
- SHA512
  
  556589952eecdc1cda3878229cdf9b27f3f2f3c5e7b1d7515cb43b3daf898f021eaebafe5d2cca0f96f16f7546653fa068d1eefcdf44964e03b582a36f695e3c
- SSDEEP
  
  3072:RC+I6OzXQNwxgT4HEM7yczHn1EqZRE80mSAUVF90pypyqiIRzwOJhV1MbPHLhWzI:01ziwxgT4HEM7yczHn1EWp1YRgHLhWzI
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/idda3532.dll
- Size
  
  587KB
- MD5
  
  6a6e8291fdfde36511c5b0f5a4db5f4d
- SHA1
  
  cdf8897129825421fece7066653d4eede52795dd
- SHA256
  
  195a7ca6a6933ebd514d560576b7d3053ca5e1286ce85bb44e3b65fac988420b
- SHA512
  
  43c219ba7a3b96dbc5b649c1f060b174ef6d35261053d5dbe8a4c47f31aae5555d4b22912a6e56e5009c92089ecdb161e2a1be00da22754895ce5001aeeaf547
- SSDEEP
  
  12288:KSXmNiTV47HV/aMqs6twUW3yQ8+zO55wUAg3hig:r2NoVsHNhqltw4Q8+CBhR
Score

1^/10
behavioral27 behavioral28
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/iddao32.dll
- Size
  
  632KB
- MD5
  
  f96d311b9a437035e7837f1c047c8eaa
- SHA1
  
  384ee1dc593b7156f638f2044740bf715c75f924
- SHA256
  
  88d1aa5f375c9a1c5aa1ea1486cc9ff2ac63fadc85b5992ae0b212be816b43cf
- SHA512
  
  836be316ff449c86ab785e7665d3b0f4bf981ece91c46b3533242aa545784147e35aba37ec4dcaffa182912a855b083004abc820b52225cbade9d1a42b651adf
- SSDEEP
  
  12288:E4vhj2+vb9+w4PaLf13tgcWJhxSXdcWW+8N:Eihj2Ob9pHp3+cECK9N
Score

1^/10
behavioral29 behavioral30
- Target
  
  $PROGRAM_FILES_COMMON/Borland Shared/BDE/iddbas32.dll
- Size
  
  443KB
- MD5
  
  619ec7ac2d77d958faed83da6edda1fc
- SHA1
  
  6a1b9aafa67aaed65e7259226ee9e16aa8c09d19
- SHA256
  
  9955fcc1e214b15dce432a61d489d2de758169a70306d92a27f1c20ea6b45025
- SHA512
  
  7c8c4a2bada39369585f8230969a586494ea14a353f13dedd3092696acbd7d5f473ac95a6288ef355788aff68fcae6f8a6f1bcec47197551510c1080ef6a021d
- SSDEEP
  
  12288:kmTXk3dvrcmHKWOArwveWs1uhuTLL/ZFU60+Lu:54xrwveTVLbZFU60+Lu
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Enumerates connected drives

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32