ad22b402125cdb9127b46025bba11b344117e893a79c43c87e0e2bf29ae3260a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

939063f86f6eacf0d7b303df8979fa41.bin
Size

9.6MB
Sample

240225-dac8qabb9w
MD5

939063f86f6eacf0d7b303df8979fa41
SHA1

4668372affc7835e629b329f91834603d00b608e
SHA256

ad22b402125cdb9127b46025bba11b344117e893a79c43c87e0e2bf29ae3260a
SHA512

7053b28b5af0763ac2a96cf273283bb6d8c58435bd3b81963c6e067d824f2cf325a2b0d7ece0f6eff7e69d4d3b9b6a886f3b7375585db78b915d41d92c4944cb
SSDEEP

196608:u5vWhG3Yg36l9dlNj3HZtOLPk603asQkmHLxtZttxiO5H7fCi/:RsIe6l7KA62QkmH1xtjxqi/

Score

6^/10

evasion trojan

Malware Config

Targets

- Target
  
  BalduG3FixOnly/DESCARGA MÁS JUEGOS GRATIS.url
- Size
  
  113B
- MD5
  
  438433a51e67896ebdb909226217830a
- SHA1
  
  867df7e8d986eadbab203b98b2c0dec77a833df1
- SHA256
  
  96a001f21ba2aa780ca1b0aad681724e5554d9275dc6888188c405ef70b382db
- SHA512
  
  d2cff74b3513ca9105af44c49c66dfaaa7793a8720c136a1bc7e595a3d1f17c70269c3d20ca139e899d4aa3af8c8c8b498a39a8cfa24eeb6b92130bfe47ab697
Score

1^/10
behavioral1 behavioral2
- Target
  
  BalduG3FixOnly/bin/OnlineFix.url
- Size
  
  46B
- MD5
  
  59bf167dc52a52f6e45f418f8c73ffa1
- SHA1
  
  fa006950a6a971e89d4a1c23070d458a30463999
- SHA256
  
  3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
- SHA512
  
  00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  BalduG3FixOnly/bin/OnlineFix64.dll
- Size
  
  11.0MB
- MD5
  
  43e572459a59f7abcfaa1341b73a49fd
- SHA1
  
  f1b660679e734089f32b7984320f00fcc91e6da4
- SHA256
  
  09d3a0e6a8d2aa0f08cc636e1232b684dea13f7b7b0deddc1d68afb6ab60f4d8
- SHA512
  
  5e753c4ff5c4c613af0164b8ec4cf515ac00244c954ab07d35c422a2cd0b6bc729c8ad48dd82837093c7752c87d9b609252022a4eda8de2a115edacc8b320fb2
- SSDEEP
  
  196608:ZjJVWQg/vgFVWigVLI62OllSk9RKAB4+3/IcDJGUFYCL6SXtM1Ug2U:KXguxIuldRF4+3ggzKCNi9
Score

1^/10
behavioral5 behavioral6
- Target
  
  BalduG3FixOnly/bin/steam_api64.dll
- Size
  
  291KB
- MD5
  
  d4129749f93980bd6d6ecc6ebb7e085d
- SHA1
  
  449f5be5666f9b14996efd7098e22302a71c4dca
- SHA256
  
  e6a1be372c6080dd830df4d4cafe4ca6e219583672bfed67c5851b737b454cbb
- SHA512
  
  99b5087bf8ac055f0cb0bee3c283f80be4cb6976906ac9b26fb6198e319c0ef8d06895e8ca97412f7366b15294fc2eb27e98f6ed9d4a3b5f2badce63558677ca
- SSDEEP
  
  3072:B8Y+BDOgGIWcXSEJeRhqTMdU55UuT7+7JtN3RUOj65lhTbCMTiGu2ZvJpKCZyq+x:BYPNrQheMW5vTKxRo8CgCZyqO2CMnOYS
Score

1^/10
behavioral7 behavioral8
- Target
  
  BalduG3FixOnly/bin/steam_api64.of
- Size
  
  291KB
- MD5
  
  f3db5801dc9b75da671b39041e2e8bcf
- SHA1
  
  40d0ae44e090db49b2309fb152fbd3e11124a376
- SHA256
  
  a44e5537939ae4eebc69000589aa9b2437a667813a1657cc779198bae9b815a9
- SHA512
  
  9abeb8542ce48f3d263e9924a82cafa80b42b730636f1df6e594679482b6638997563b5d752d5505f25596a5d0e2f56f1255e4a94bb9523d47c180bc131e22f9
- SSDEEP
  
  3072:B8Y+BDOgGIWcXSEJeRhqTMdU55UuT7+7JtN3RUOj65lhTbCMTiGu2ZvJpKCZyq+g:BYPNrQheMW5vTKxRo8CgCZyqO2CM4OYS
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10