eac0f3d162b8aa13eb8095fb3c871f6a787bc287f7afb9eb49993a3396c2a31f

Resubmissions

25/02/2024, 10:14

240225-l9r5xsab3s 7

25/02/2024, 10:08

240225-l6argaaa6s 7

Sharing

Copy URL

Twitter E-mail

General

Target

Shaderium1.4.0.rar
Size

67.1MB
Sample

240225-l6argaaa6s
MD5

3ac926cd05476cfdf19382f233296197
SHA1

2a5b724ba95ac78d27048e46af90a5ba36e829c8
SHA256

eac0f3d162b8aa13eb8095fb3c871f6a787bc287f7afb9eb49993a3396c2a31f
SHA512

2ab0704fe34d7ebb38e54c16e89900c88fae07ea948a9f11a6f0fe7f0ce6bccd818da94dfba739073ecbae91a4a1c4085b536424953f8e8a73e188d5322c1eb2
SSDEEP

1572864:LrziNx5qJRvEC8AA7qIsklM6uECzJRFnc35lkFcF7vz1PzL:Ox5qJRvtA7vM6HwJRFn8mqzL

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Shaderium1.4.0.rar
- Size
  
  67.1MB
- MD5
  
  3ac926cd05476cfdf19382f233296197
- SHA1
  
  2a5b724ba95ac78d27048e46af90a5ba36e829c8
- SHA256
  
  eac0f3d162b8aa13eb8095fb3c871f6a787bc287f7afb9eb49993a3396c2a31f
- SHA512
  
  2ab0704fe34d7ebb38e54c16e89900c88fae07ea948a9f11a6f0fe7f0ce6bccd818da94dfba739073ecbae91a4a1c4085b536424953f8e8a73e188d5322c1eb2
- SSDEEP
  
  1572864:LrziNx5qJRvEC8AA7qIsklM6uECzJRFnc35lkFcF7vz1PzL:Ox5qJRvtA7vM6HwJRFn8mqzL
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- An obfuscated cmd.exe command-line is typically used to evade detection.
behavioral1
- Target
  
  shadersandtextures/main/composite6.glsl
- Size
  
  6KB
- MD5
  
  9f1a7b087c80975905d7bcd9049441a2
- SHA1
  
  1fcb821e43db9727b124a45295b60b34b511963f
- SHA256
  
  19eadb70187f44f1d6842bfbd752a0c933fef2a1803105cfaacdd19ccca45c48
- SHA512
  
  3b4fccd34774ed8924c1dcab934f7b5cca4c275c58acdcd1efb9618bbff526a64fa854f8303c0a66a9688c24696032e3a2097020ca361cd31094cadc30621b33
- SSDEEP
  
  96:DCR8tXGrpYDqV9JljCT/YR/bf16nUz8rEEfEEIkKvvOi5pQFUQjH46:DCR8tXGrpYSjCT/816nUzkZIkGvb5Spx
Score

3^/10
behavioral2
- Target
  
  shadersandtextures/main/composite7.glsl
- Size
  
  1KB
- MD5
  
  a8532c8fdbc9292baa6236c5fc0ad9a0
- SHA1
  
  289b1fc3c9ce7689a9576c83956a81fcc62400ba
- SHA256
  
  938d69d1bc278555bd4a2ba4aebd079e551305926a054d3f93a6eb3b0f8bd60c
- SHA512
  
  24963fce3b1b788f4c2d470bc8c6020bc305171dfdfe99959a0eebff8876a99f590f3d2ab10a92a1bcded173825a735b702ef2c9b32b3788f1f320a6c6e094f3
Score

3^/10
behavioral3
- Target
  
  shadersandtextures/main/deferred.glsl
- Size
  
  2KB
- MD5
  
  3d49713ff479770fb98e9323f1d74102
- SHA1
  
  651e2c06291be8f757edb9be5ab2cee3e1e8038c
- SHA256
  
  0fcf6268774428ad6de8305882e73d3b66cbaea0f40d6a16b922c29539e81265
- SHA512
  
  175df507d7c2beb4d8a404c2e0848c86c89111d67d8a42af14ff3151b013b64229a4a42be827c1e39c2bc53934a2adc5691a444e9c54432f19b8aaaab8d5611e
Score

3^/10
behavioral4
- Target
  
  shadersandtextures/main/deferred1.glsl
- Size
  
  8KB
- MD5
  
  60fb1798c262d119226a39268aa0e480
- SHA1
  
  54e4480a454bb21cd5ce4f3c26a75513ef4adb14
- SHA256
  
  1ea9b833febe065f8bba165a6bce2c30263a1255171444ea9008525ee5ac670b
- SHA512
  
  c3a1e68e788e3aa2e4763dc50de16f787ee601e650d4f40323ed1f8f0817e28efd9bcba63d859ac36ac0835b2c077c60383c036ed6c3e7ee10ed4360926f52c7
- SSDEEP
  
  96:DCINYe3Dt8KFdLC9L7HdgwtZn4WZutvZrii+KGwCtYs8dXiij:DCINvt8Uatl4QujG7wCtYs8dbj
Score

3^/10
behavioral5
- Target
  
  shadersandtextures/main/final.glsl
- Size
  
  3KB
- MD5
  
  d4def58e14e301259eb0e16db6ebe2ae
- SHA1
  
  fe0847776103edc317eae524fa7aa5b3ad04c106
- SHA256
  
  36adaaebdfe23c160250ec2974fcfc0aa008a48e07531782ae3d27d169128bd0
- SHA512
  
  207b46949b9ab1e50dc59e6196127eab777d79234931cf1ff84d01e469340cf1e2e68dab5a4ea7877b20952616174a79c61a2d90b9616cd8d4c2a8c433dc0a63
Score

3^/10
behavioral6
- Target
  
  shadersandtextures/main/gbuffers_armor_glint.glsl
- Size
  
  2KB
- MD5
  
  fdaa9da15fb118772469dfd8bf3767cf
- SHA1
  
  d4e25b0b103adaecc441687b4d71661d35b409c3
- SHA256
  
  8c2c089c567111f72eb41389017fecd917e4c7b28e2cd1ae8a8a6f0cca2f0945
- SHA512
  
  e39fde80ef388ff3453dc2e8b3c0b3b0b19126e6ce242f5967f400b78e7153a3a377ab6ffa3bab061ddb882d52afba50523aa76ad3f5f5f3d5dfa273808273da
Score

3^/10
behavioral7
- Target
  
  shadersandtextures/main/gbuffers_basic.glsl
- Size
  
  3KB
- MD5
  
  7b8ce40b37b0f4f85e99bc1955436030
- SHA1
  
  8da411775af7a131ca73056dc45ceaa532af40d5
- SHA256
  
  3a6d0203ccf72d34b061fbd48bc1999e036f42a802edaaee771895f3b8a56373
- SHA512
  
  497851f129494dbf94dfd0199cc195bbe7b499957c07d43d4a61e254a239cab8fc9a630276b63d4701ff043a8b314f5f2a702417210d7307b62d202d62e7361f
Score

3^/10
behavioral8
- Target
  
  shadersandtextures/main/gbuffers_beaconbeam.glsl
- Size
  
  2KB
- MD5
  
  b8658fa9cde080972dfb233ada4b5955
- SHA1
  
  b77aa166a2c5b9df6df7f44c55b048bbc71fff32
- SHA256
  
  3970337b745273c9a2599370290f9ded9ab1e90f5be90521ea594d3b5440c0a1
- SHA512
  
  69e3830c215e45560946258636bd2d4accfb899688038843f6842bad55fce1ee926426fa2c9a4de2f841c2e44ce729cea7bcd8cce0eacc13c812b440bc464e28
Score

3^/10
behavioral9
- Target
  
  shadersandtextures/main/gbuffers_block.glsl
- Size
  
  7KB
- MD5
  
  bd23867c3b5719e32923683f30171be9
- SHA1
  
  3bbbe78060a1e01fa99ddf5f8eb2cff0e94edf30
- SHA256
  
  9043a3579342eef559f78baa742a3c8420e8b0816b327692d557460f1b94b6cf
- SHA512
  
  96fae521088c232a7561c7807e99d9a93ad71ee7ee5355c3e8bc2feb5d2c1545a312c1a36baf31121426beec98eaf48b58e1dc79fbeca19c583b24ff8f8134f9
- SSDEEP
  
  96:DC1eyRcCobtqgCZc74Qosqt1xupw7Sm+tjYI/F29gZ3tsBR:DC1pc1CZc7ts7ll9DR
Score

3^/10
behavioral10
- Target
  
  shadersandtextures/main/gbuffers_clouds.glsl
- Size
  
  5KB
- MD5
  
  8b6c775b9a4ede52a561c482d717041c
- SHA1
  
  a7039b4502dbb5f33e6cdbac1508253916bb17a2
- SHA256
  
  5a4d004c40a1463387d15826d2bf4f675bc83642dac48d8fa9c6be8fde1e1861
- SHA512
  
  fec8594c72dc7c1997694a337eac6ea28578e955b62c26eb756165f9cd481dee4c13c26856b4ff041aadc0786ab7f55a9c46367621425d4f1e373afd47c43a7e
- SSDEEP
  
  96:DCQXdwylTzVDVc4o/HCvMC5OTm+L0+xJCVkD5:DCQtTzbcrYsu+jCVO5
Score

3^/10
behavioral11
- Target
  
  shadersandtextures/main/gbuffers_damagedblock.glsl
- Size
  
  2KB
- MD5
  
  1860808bf153bcb071473930cd20bd13
- SHA1
  
  0b7848022d62decd7d09135fa65ac65ac0ef9564
- SHA256
  
  c64ca945ae37a6eea50253683fccc52f0a75d17629bcb48e3cbf59a321ca936e
- SHA512
  
  e3202fa3aacf86b5c7bb025995b12942b392b73d984af3c558a8a38f0642b5f38e3d99b083f36fa626410b28558a291592fd37ab3d953996650d1d2ec3792008
Score

3^/10
behavioral12
- Target
  
  shadersandtextures/main/gbuffers_entities.glsl
- Size
  
  6KB
- MD5
  
  31a4a9f1566007525ba9c732e96930d1
- SHA1
  
  38e3034420aa187bc585937789499ea62f6d1b78
- SHA256
  
  4903e8478d10738c2143ce73e4e37d02ec4c2c6d422292e5907705f40ab5c412
- SHA512
  
  ddc804ac51da31186c556ac5f8bc8f171ec7d8406ff910d0222cdda8e237f26a2c080428e83520c88a9117778b4bde3f17c1efeb2485fd65753bb18668fccee9
- SSDEEP
  
  96:DCraRcCibn2VgCZW7l9oGqt1xBwsmDm+tl8FDyJ3tsBR:DCWmj1CZW7XDLeFywR
Score

3^/10
behavioral13
- Target
  
  shadersandtextures/main/gbuffers_entities_glowing.glsl
- Size
  
  5KB
- MD5
  
  6ce64d83865665535bcf257bf2af2f58
- SHA1
  
  76d31309ba1450f769d07e1af6d63232a2d8c939
- SHA256
  
  ccc39733140adf319caafd7f6013d067bfc8f6b513595598439fac22261607e2
- SHA512
  
  88c5125bfa472038fbb95e72d35e39dcee8ae98444fd2b6f7c292d59cea8e92766731a1731d8714d8a027e91e09d8129aae75865e8bda310d46d6d0bc171138b
- SSDEEP
  
  96:DCpQRcCibtqgCZW7ljoGqtVx6wl1lV3tsB+:DCSm1CZW7Zal8+
Score

3^/10
behavioral14
- Target
  
  shadersandtextures/main/gbuffers_hand.glsl
- Size
  
  5KB
- MD5
  
  0f75063f6088e145a627d84ebed04b41
- SHA1
  
  39521a723bc319b5141adc8db496036223a44443
- SHA256
  
  a231f49ba375790d13da3a8585dbe412529860394c037d3ea9ac4d81372fa065
- SHA512
  
  dfe1cb45c3b68c8283d997c9b07339b8fbe3e73e5da71b9af2610d8607447e36c14971a9945dc6491da9e57d3e4fbf5a828bc4073c37dca75449db6217a5ad1a
- SSDEEP
  
  96:DCpwRiCibtqgCZW7kQoGqt1xBwsmDm+tlV3tsBR:DCSM1CZW7TDLCR
Score

3^/10
behavioral15
- Target
  
  shadersandtextures/main/gbuffers_hand_water.glsl
- Size
  
  5KB
- MD5
  
  0f75063f6088e145a627d84ebed04b41
- SHA1
  
  39521a723bc319b5141adc8db496036223a44443
- SHA256
  
  a231f49ba375790d13da3a8585dbe412529860394c037d3ea9ac4d81372fa065
- SHA512
  
  dfe1cb45c3b68c8283d997c9b07339b8fbe3e73e5da71b9af2610d8607447e36c14971a9945dc6491da9e57d3e4fbf5a828bc4073c37dca75449db6217a5ad1a
- SSDEEP
  
  96:DCpwRiCibtqgCZW7kQoGqt1xBwsmDm+tlV3tsBR:DCSM1CZW7TDLCR
Score

3^/10
behavioral16
- Target
  
  shadersandtextures/main/gbuffers_line.glsl
- Size
  
  3KB
- MD5
  
  3028bf067febbb79cdd89a07f2f638df
- SHA1
  
  17f552ad1d49cb8995d1ac0d9185b4a77d467f52
- SHA256
  
  afe51f188e582ea88e2c6ac98ccdcfa28f37348f8908d8780024aee350d45440
- SHA512
  
  e5d5174789129fed162c8de5095073c21d2dc3e6adea3936ad681ced0074c62c7c9d3445497258ae8afae03b72fe9193f6257e22bb2f7dbdf44d2a7e9ebc28bb
Score

3^/10
behavioral17
- Target
  
  shadersandtextures/main/gbuffers_skybasic.glsl
- Size
  
  834B
- MD5
  
  0944fd7500858af33d8f62b9e41fac6b
- SHA1
  
  00cb1fd1136561a43592d32fee23d804b72b5a99
- SHA256
  
  e0f2f6950adf9d8ec633b23e22f186265aaa6c991bc088be623212b4e5eea309
- SHA512
  
  250787516113197a93fb3698b8f97b870e29bf76dcbc40c2e59c7ce50ed5d5a8f955146ced04593089955b2d3e4074927a8b87ad1255e674ec14c61b1335fca6
Score

3^/10
behavioral18
- Target
  
  shadersandtextures/main/gbuffers_skytextured.glsl
- Size
  
  3KB
- MD5
  
  014f8b6b1e054060877eaa90a381eab8
- SHA1
  
  d925bbe737f95a54eff44ead3fc069282e0aa916
- SHA256
  
  6f81cea724160d0e829f20f51875f41a43054d61251a60f660abfa4ee2d606ca
- SHA512
  
  0cfa930be773781765eaa6f1a7572e8a740c5e6fe786bb1d3eb726d71f3ba25d998c2a790e41d3e6965191bbae526a1efd4facb9cda6e25d5fbe696e74f5e51a
Score

3^/10
behavioral19
- Target
  
  shadersandtextures/main/gbuffers_spidereyes.glsl
- Size
  
  2KB
- MD5
  
  7ecd86447bd4601028e1cad2ff406898
- SHA1
  
  50d2cf02647b78204676aa61ce8aa5996af6dcf4
- SHA256
  
  ba9972c36198233508ee592154bcd3c6c21ae79aa8ac0b6f270b019dc5b0fe36
- SHA512
  
  03eccca149e6d7e7116af996b001ab0a0223257ba89bfa208de8d89ec568491700fdc58563f8e2cf98586420ca18ee36c4add64a34e9a4ffe9433feac1371132
Score

3^/10
behavioral20
- Target
  
  shadersandtextures/main/gbuffers_terrain.glsl
- Size
  
  8KB
- MD5
  
  8a8b70dc1d45b096f4e104455781f37f
- SHA1
  
  2b75a20b8a5892aea34ca679d27fd461c45791bc
- SHA256
  
  119b5bd273ed25a36bf3fff8d389e1681959301a6c9594557fca377540fadfa4
- SHA512
  
  784bfbcaf6946a515e1c63b14fd1685343b185e7ad36af1e3b4b1bdaf3a50337518d07234c8cee1914ae1c753ceccdb3bce61eec1cf65b3f950ff044cd223555
- SSDEEP
  
  96:DCD3slRV3CpdwvNgCZc+UAbxtE0qt6xrw4Sm+teVuab3tsBR:DCOHc3CZc+UUW4jjaR
Score

3^/10
behavioral21
- Target
  
  shadersandtextures/main/gbuffers_textured.glsl
- Size
  
  5KB
- MD5
  
  712167cc6343c3b45ffe092d67f8eee8
- SHA1
  
  471316001bd707912edfa7f12f0eec475f8443ce
- SHA256
  
  a80645015ab2df7122d8a037cca0b0ba72bdafe5201b7c4976984177b7c937c4
- SHA512
  
  967738b2909d1509a9beb73fcb8f33716164f205e959df43ae5043562bfac0e343cbff4dec9d50893e7d779c87a0562b10ad8efcfae3fc6ef56d600b02f9786d
- SSDEEP
  
  48:SQCQcUXz+CrSYhZoJBC1baDKhZsw9SJISseAgDm+7RCrA2PnJAEfTZPJwsR49cIN:DCQczCrw+QMasmDm+7Oh/uaP+R9MVUDX
Score

3^/10
behavioral22
- Target
  
  shadersandtextures/main/gbuffers_water.glsl
- Size
  
  10KB
- MD5
  
  5886e4fa6396930150cb1416e9655108
- SHA1
  
  0f32295a9f0842fe836fa96caa7bbcab9fcf6f6f
- SHA256
  
  ad47e83487815727c27b4f156da25940d66ac90907ae0c65fd153ea388504b47
- SHA512
  
  d18add9f714f4b9dfda96c99424fa0b9b3b3de6570723aeab5b9fb9c474271c1be6d790d4a57f7dedeb27e6b27c68199f18c065f769d2386adfbdd36774ea88e
- SSDEEP
  
  192:DCNOazECZc7/akDxuQwKPkMjypfs4xvNk7GR:OsaQ/aQZ/kMjyVRxlk7GR
Score

3^/10
behavioral23
- Target
  
  shadersandtextures/main/gbuffers_weather.glsl
- Size
  
  3KB
- MD5
  
  379346e440249c33dc3b8a6521edbc1f
- SHA1
  
  c7e55773a0812b2c58d9f851412369390c558050
- SHA256
  
  ebb2875cea8f7c218ab29b49bb7b62da5dda0b023fff6ddd3d94a3736bd6fc72
- SHA512
  
  d8885160274d0444f050cc9b22291e705da5ca4f801f864dede0df9a0b0c4add4e44ca210841675caad2539ade500b04e83f856d00f713f2d73fb853b83ffcb3
Score

3^/10
behavioral24
- Target
  
  shadersandtextures/main/shadow.glsl
- Size
  
  6KB
- MD5
  
  f80b5596fb22b19e93045adb2d9a280d
- SHA1
  
  903ff8ce44e79515f6951572656b1e14d65244fe
- SHA256
  
  d0c249de07d69d86a999cd36d5c670fed107fffcb956e744d6835af20496aa42
- SHA512
  
  f3b4ea1a16d7558b47c2f3fac72a703b7023584ada1e09db68b9921928a17e78c091260ae56e77ce6d2ecb54e9d02e5a1dd26b11ab14f733ffc7b0a05cac87c6
- SSDEEP
  
  48:SQCgh9rUXZahOqW5WRp+JYqr9ds3aLvLBxRuLZmDObzUBZKAdN0IqmssiW5WcHGN:DCgbrJhOa+eQqarwsN0KVi8A9s40W
Score

3^/10
behavioral25
- Target
  
  shadersandtextures/shaders.properties
- Size
  
  10KB
- MD5
  
  bb50787703c4fa36a1c51ecea9b7364a
- SHA1
  
  1d32a825bbbd2d717712d4731088de65ea5d1083
- SHA256
  
  f67a4a7ff8703490f991c0d4572948cf2a9ab1d142042b43691099f9ce6468bc
- SHA512
  
  64624ec8d17b1fb8ca3e601f608007643d35d3a600f0c5ccbccaf6249b3d2f8f76cd282c0e6acc76932af39ad272b9903885eaa2f2552652a9e37733ca23575d
- SSDEEP
  
  192:c/TBGvFeFhkymhGFZjdR96RmIt+YVq39e8pViuxItFBXjhgKCeEtOgSIZOjU7+XA:WYFih996PobpViuxUBCOA7+XA
Score

3^/10
behavioral26
- Target
  
  shadersandtextures/shadow.fsh
- Size
  
  171B
- MD5
  
  d34d956a5d7b345813624145e27beaa2
- SHA1
  
  79a1e9f6753dd4498c523c4a4180a765188a8d40
- SHA256
  
  147b70d0ab2d42ee6abe3963a60f84825f8a9c6dc5fa0321acf04a47a496b66e
- SHA512
  
  2f0b2b2900d5f9f4e4a299ef40e7e6e720c0757dbcfc8d8996b6363ec7923f26031b54765c321fb2648ac7e0fd5ee4564d741f28ca25c047817b298d14433534
Score

3^/10
behavioral27
- Target
  
  shadersandtextures/shadow.vsh
- Size
  
  169B
- MD5
  
  a68811c4d4a94a1d8e1cb29f0dfe2fc5
- SHA1
  
  9307f7d57dc15cddd3bef7cdd99b2cc788fc2754
- SHA256
  
  bfd93dbee7bf55be06bcc35255d302405893e813cc33c4b7c1fbe697c43bbca1
- SHA512
  
  76613c12259e3b504d10f05904949b9048d6f3caa23595299cd02d0b93097f490bfe403c0b2181d646251f92ccc2ec4db38701355bfa923693f2ddb3cc11b870
Score

3^/10
behavioral28
- Target
  
  shadersandtextures/textures/clouds.png
- Size
  
  21KB
- MD5
  
  08accefce52fd23106aeb62b975fa9db
- SHA1
  
  128837882eaa36b9f0cc59a71d3b02c4bef51436
- SHA256
  
  4e2a09837db61693dff33aab65c47d8ef4254b0d4f22dce9022ad84e9c050ed2
- SHA512
  
  662e431155db92a2bb7678f2536f4a2678b6bae99702ccc166ba23bb6db5b2c3b27990b531b53d33f7a7f2c752270be9fa9e5d7b84dd68ee4d0d622d91a12899
- SSDEEP
  
  384:UClGbrGDaATK1zHQGaV8jHBvJEm3+xhzhQRkZpAT8hCuxLItPnMy4hnX4ltyovNa:f4brGeiK1zwGZzBv2zCRczCuEtPnMy4L
Score

3^/10
behavioral29
- Target
  
  shadersandtextures/textures/clouds.png.mcmeta
- Size
  
  68B
- MD5
  
  d07d57babdadee3fab45e1388b216209
- SHA1
  
  4b2f8f95bdc62bb816df5c2e65fe7661b07c5b84
- SHA256
  
  d8694bbb0202b35014edf84fa347037164d959e9c4f5d7e7dffdc78814a06bf8
- SHA512
  
  fc4c8b1906576dd4fe49db25d456a02d57d602c1931ae8afa8abb0d51ece112e8638e1664d37eed4a64c9296e91da882bd1f76d962cadcf2c505656fef6b3048
Score

3^/10
behavioral30
- Target
  
  shadersandtextures/textures/noise.png
- Size
  
  196KB
- MD5
  
  e32adbb2e65239d216ef1c64d0f05561
- SHA1
  
  3f7be852118822c2327c3eeae2e4a8629c6a29e7
- SHA256
  
  7679731ec623418c74552c12beba267a00f332d851ba5f255fbe185f5d72c419
- SHA512
  
  bd1a7f7f13777baf7560bc4e4d4fd630e0667549e7616fe4f977d1aff89dd401025e7757632413dac214de78d536e207ee6d4b65fda1540f2fbdb7c3cc8447fd
- SSDEEP
  
  6144:1gQeqaw7mdcOKFS7Vp9GFpfOSjIf3luatgmA:1BawOcOKFS9GT1jI91CmA
Score

3^/10
behavioral31
- Target
  
  shadersandtextures/world.glsl
- Size
  
  13KB
- MD5
  
  0bc829a740532ee460bba31b5ff8082a
- SHA1
  
  b52321b679e9abcd64aaee06164e539766fa2d9c
- SHA256
  
  a9dc937a860338dfc78d8390df50903cdcbee7ed0b8d1bda63e3845b506961db
- SHA512
  
  0fb057e5426b68751b93d996c8cfea04b77a1a829e8e2429036d80bc10043814cbeaa33e3afefb5ccecee8cb6c1b977724726e266015d24141b4f3353ebdd4d3
- SSDEEP
  
  192:4baztwHaztw2aztwfDtwMyHHHPHxyHXHfHZyHoH+H7yHAH0HvyH5HoHGyHGHCH25:sAtwHAtw2AtwfDtwZj
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Looks up external IP address via web service

An obfuscated cmd.exe command-line is typically used to evade detection.

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32