1017af31a073195593b55b196796718c9da5b119d43bc89c4b4d0e4b6611d280

Sharing

Copy URL

Twitter E-mail

General

Target

Rift.Installer.zip
Size

695KB
Sample

240225-zshf2scb72
MD5

9930b2808659651df25dc8702ed71abd
SHA1

738880f56ef531e2ea8fea0cca72d693e821d31c
SHA256

1017af31a073195593b55b196796718c9da5b119d43bc89c4b4d0e4b6611d280
SHA512

d1ffef7cc30f81d1c79ee767177747320f8e3bc1fb62d714f8b06cb6e63337fff69b2809c6a8e239c77858f62eaedd5b146cda973a63ee32833ab6a05931b29a
SSDEEP

12288:HX3J3H5k7PIK7Opi+aJeecAuo6O4squiI/Czc80hSo2Yn8jAri14vbJU/Jxt3c:3ZX5kLI++IEoucs0YE8gi1y2e

Score

3^/10

Malware Config

Targets

- Target
  
  Microsoft.Win32.Registry.dll
- Size
  
  40KB
- MD5
  
  e1d9a5b63a29e0be888ca6952700ab83
- SHA1
  
  819607a0c5acd057219e22cc1174a2e3078b9d6f
- SHA256
  
  340933ad6701077ae9b8035e4671803d86074ab32f2de8165acfdb954bd260f6
- SHA512
  
  5e153bc90195e20e503c8c04b1361598947de3500c8c6f6fd6baf0e245aa5afc7d84bf55787d11914a28c0e8186a29360a94fcc8b816f482045b7032ea8738d3
- SSDEEP
  
  768:JipxaP/LOgSJzldoB7ViedPHAsmlxPvyyE:AaP/ybu7ViCPHZmlx3yT
Score

1^/10
behavioral1 behavioral2
- Target
  
  Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral3 behavioral4
- Target
  
  RiftInstaller.dll
- Size
  
  52KB
- MD5
  
  86bc3fd651116d4c814a0aa1f47fd233
- SHA1
  
  33816a2da78157253eafe9ea0dbb0a922a3d318d
- SHA256
  
  2be1e49b6ad48acec04ebcd7a6c3c6ece234f0f33ce31b3932e46bace92afb2b
- SHA512
  
  1fda85b32e8cc4e2f0c02e04df4f3ba14f18faee8b833f2af93855a96f10c5eea5a3249bc96c7b4b4e3e07b49c0773a9dc388266ab5efd1ed4cce506be671626
- SSDEEP
  
  1536:KGmnrCHj74PhjXfir6bLebSi4bqBgDViPzm8Vcl:orQcJKrQdi4bqaUzm+Y
Score

1^/10
behavioral5 behavioral6
- Target
  
  RiftInstaller.exe
- Size
  
  186KB
- MD5
  
  dad87240f86e602ed610a01d46c67e9b
- SHA1
  
  2d548cf8922dfcd94ae3820851f8d747ce04dcbd
- SHA256
  
  2a5562434e1d9c4c8afaa794509e7d01626a6be5a13c3a35419dab6c7d30b231
- SHA512
  
  78376eba5cefe2ef17a8dbc82643b93d86b909f77f676a5d40132360c8b6094ba2b7cf3a8b0fc2ad64609c7dbc307b8c7c13dc26adb41145fcaaec63a6eaf4ac
- SSDEEP
  
  3072:n6eSqsywT/IiODn5Ikt8pKO9WpheWyutIRvuc54uxixi4bqaUd3+Y:nLDn5I7p8henFgPbyp+
Score

1^/10
behavioral7 behavioral8
- Target
  
  System.Diagnostics.EventLog.dll
- Size
  
  52KB
- MD5
  
  87072a8e0d0612fc3f91b7d4a5e21f2c
- SHA1
  
  d68036e26435524193439e70d0b14252fe4b3950
- SHA256
  
  c2d2e40907a42c232f50167753722da6c450adaaf6864fb4f1f477975ff3e527
- SHA512
  
  4639cae26d2ec2625e87097cbecc9e779bd5cc7c25d0028e237169804c92759b18865dfa0fc00c6073536efc24a02754cbade0c0c801e4669fcbd35dfb3aff19
- SSDEEP
  
  768:xh+bxanMCMn43GxsGbdqdMBDBjX+PFki6ej6mL+7NQ1OaY74OMv:xSxaabwGxihWNP74OM
Score

1^/10
behavioral10 behavioral9
- Target
  
  System.Security.AccessControl.dll
- Size
  
  54KB
- MD5
  
  2aa3be1a5e32b7fc89ee5460a2c4db18
- SHA1
  
  ff27582916b77d75df896399ede0b9e8ffe369ef
- SHA256
  
  93084849c17a21f641c13c9f17545cfe18c1ec097561f3f0ebbbe26f358ba120
- SHA512
  
  f470fe10e0033a8d96de8a747243eb1f90e07108873270d4ca538a02f46ab20232fd715b05a2f23357c0d58b0c845c4e7ea35f453b90aeda2942f36d57d6d498
- SSDEEP
  
  768:dfYY2UVC44RvZy5cgPWOUl9QR2OreWBkyNFazSuVN:WYtV+hy7WOUlYbrlAzhVN
Score

1^/10
behavioral11 behavioral12
- Target
  
  System.Security.Principal.Windows.dll
- Size
  
  36KB
- MD5
  
  a1f634780387ab0b5219a8741366f4a2
- SHA1
  
  0cf42e1bd78443ae1d6c16223a7ff463c5105d21
- SHA256
  
  7828dfd952a9fd49404477baff714849177d9f18c0654adafadbdcafb4b21f47
- SHA512
  
  77a1a74ed08c746c0de4d523d0128233ebe8af601127bff5a2531a8f062ac83d2e6c792b54ab17ecb0cd4ef4a9ce3216975953ceae8ebaf26374bf809a79bfd0
- SSDEEP
  
  768:Ur8Jx0w6kYq/fru6/EBiOBGyU3J8R64N3:NYq/fL/EB9BGyMJA649
Score

1^/10
behavioral13 behavioral14
- Target
  
  System.ServiceProcess.ServiceController.dll
- Size
  
  33KB
- MD5
  
  8cec91314808d30c9274b59b152b4f29
- SHA1
  
  272702eb399e2d0457dcbcf61e88afa684109b60
- SHA256
  
  c44bd57b8fe3366864c22069491b723db9c6978e930e509bc75404e1d30baa28
- SHA512
  
  38475d6bdf2fe4f7e4a2bcc8e3a34c1452056319f584dad5c355fb12aa7182f9d697c53e56b681e63581e6cc994ee950d0b53468e703ec33e8c7d634e3289d58
- SSDEEP
  
  384:s35fIYoim9rpcDo9f/rgN4KTg/7AGL2/ABNfV2D1Nlt9fM8VKWiWV1upaWB/uPH6:2WVEDYf/cNjO7AUN92D1NltyHMwtKI
Score

1^/10
behavioral15 behavioral16
- Target
  
  runtimes/unix/lib/netcoreapp2.1/System.Security.Principal.Windows.dll
- Size
  
  36KB
- MD5
  
  0035b12417dfd1d22d43d696968cb54f
- SHA1
  
  76ae451be0b87ac0a7cd5de80edbe117ae191535
- SHA256
  
  f470c7ee0f99f5ceaa25f51970988cfbcddbe0f8dd8491ca3e9cf4f9f52fdb75
- SHA512
  
  600a2ce00f779d0a2f87ca23cf3c6d280067666879a3978923056b094815830aea9caba7a5e32bfc6a0b973c8d2a6d706eea1f73658ead840cc05ae705841f43
- SSDEEP
  
  768:hr8Jx005YLlU2mM0faosEbTnQD+o3J8RkK4Rw:4YpFosEbTQD+oJAkKIw
Score

1^/10
behavioral17 behavioral18
- Target
  
  runtimes/win/lib/netcoreapp2.0/System.Security.AccessControl.dll
- Size
  
  99KB
- MD5
  
  5ca4f84f2270a788fa2beef07a4789b1
- SHA1
  
  10471c83f8f24880edc09ccfde4464119ca7e9fa
- SHA256
  
  94d32fbe707c5a162c1f7e37b092f0ec39f5c03152609a140c9f85aa4f8768ec
- SHA512
  
  e5b7f40396515db845e48967f704438ea06359a4e4ff728fe98e44807a935bf44aa0e1c26d1976a4ee8d587f970cdb40f95f0659910fcda6f8f935968882042a
- SSDEEP
  
  1536:f8dCzHuriAqBpmBe2mmEdrrrzDhHbVudX0lqxDU:UMzHu+AOmBlmmEdrrrzDh7VudEqB
Score

1^/10
behavioral19 behavioral20
- Target
  
  runtimes/win/lib/netcoreapp2.1/System.Security.Principal.Windows.dll
- Size
  
  79KB
- MD5
  
  e9f61f68df63cf7ac8353ca16a4dbd26
- SHA1
  
  0b94fa28a00c427536cc948e2b0ecd1f6a67a010
- SHA256
  
  0add93a25fd4e011db55cac9e7c062b807d98447bc8272cf3a24b06b7437c16c
- SHA512
  
  793a139769f93d74b59f7d46846d3023dc46e129c88a6bace865be9d97806832433248e65886c8d080e241201ad4aa04b4b664db42e612ad5408838afa4af89e
- SSDEEP
  
  1536:la2wV3WjgCUdS3gDJyUyEy7pZpH1I/GQhaH41D2wlJAw149Tw6:l7wV3YgUCKE6H1d41D2wcK
Score

1^/10
behavioral21 behavioral22
- Target
  
  runtimes/win/lib/netcoreapp3.1/System.Diagnostics.EventLog.Messages.dll
- Size
  
  781KB
- MD5
  
  6a205c78d14fa91efca3ae531d1ff7e8
- SHA1
  
  9e26e81dfdba74ae261912993de875d13bb0891c
- SHA256
  
  6444dfa03609248effd398e8562af484ad0163a6c47cee6d3a287ffdef809ad2
- SHA512
  
  fd797f528519bd9b864394c2a45afa5c7f94f58d1f2b55e0017987fb521c9f7292dbe1366be778e60352fa8f9a08c10b7299aea39deeee3a164bb105857fe7ed
- SSDEEP
  
  192:g/r3V645uWOL8/pCuPHnhWgN7acW5RjroUEKup3JdqnajvsKyhr:gx6Yi/uPHRN7y/oU7aJdlrsKK
Score

1^/10
behavioral23 behavioral24
- Target
  
  runtimes/win/lib/netcoreapp3.1/System.Diagnostics.EventLog.dll
- Size
  
  131KB
- MD5
  
  9556e85af3dcc23d7ea4592594e37a49
- SHA1
  
  d3544e10ad8f257b519f14894bad74d8f59b3342
- SHA256
  
  6070a3333a163ca1dca98aa97565d1c4d7bad12b51cfeeedbe4436f7d8a472f2
- SHA512
  
  2af44d97b6fb48aaf3342e6a99467cc9886b643b4eea27c44af27c8a40307d003a4315814824dd079df52b47af8a22cc01a368e6834ba043e59b90598239aa46
- SSDEEP
  
  3072:Nra+X1Yw5G/e4Y5zAbC9Ag/qs5B1zSDUjSZG/ekrFAZ7z7b:Ne6uuG/XY5zAYwojS0eZ7j
Score

1^/10
behavioral25 behavioral26
- Target
  
  runtimes/win/lib/netcoreapp3.1/System.ServiceProcess.ServiceController.dll
- Size
  
  61KB
- MD5
  
  dc0d3fad9416f70d88f545df166f921a
- SHA1
  
  e1536f8e46460ce52a4d9860a213ae89f90bf460
- SHA256
  
  a085b9fb385a8fffaa7647a8065e56b236d0d76cd9ba8be53e4c186df4e7104f
- SHA512
  
  7e6de3226e55423ea9443ef9e4f2d04dcecc9d7aa449d7458b760bc0f9ba551a7e2cf6cabe4d1b32a3d382efbad7bfeda5c613a9ff5eac8dd887d43f556f9623
- SSDEEP
  
  768:06KSLUYqEBuQ2DzNac9OavH+cbXc7J7lCMSIn7N92D1NltyhMpnF:067wYjg1zNJZHX+J748N0pyhMpF
Score

1^/10
behavioral27 behavioral28
- Target
  
  runtimes/win/lib/netstandard2.0/Microsoft.Win32.Registry.dll
- Size
  
  52KB
- MD5
  
  f775a8103a6034d25fbb2934f5e1b979
- SHA1
  
  e449296d1ae86c6417b3067f6aa5108946c5e15a
- SHA256
  
  5738f1e014d65979898848781075db25eede1f14d7e38d68cea6a4c49bc2b2c4
- SHA512
  
  9f52dd9e4cd78ffc240a794752c57158a504071ee45284ee71f93d25b938554c999d60324fdbdbd5b2602429297df4ef6175da44b076a7d6aab1fead5a8a53ab
- SSDEEP
  
  768:+iyJzkVFn/CEmIF+/x+iJsUYFoNN9B7UwNbhtVi2viXmlxVs/:UJzkGZA+/zJsSrL7HdtViEmmlxVs/
Score

1^/10
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30