Overview

overview

6

Static

static

3

CoreUIComponent.dll

windows7-x64

1

CoreUIComponent.dll

windows10-2004-x64

1

essential.exe

windows7-x64

1

essential.exe

windows10-2004-x64

1

secur32.dll

windows7-x64

1

secur32.dll

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c44e315c93b669dbd953710c36dc1d532e27e74fd3b93a1dcbcd112323440751

  • Size

    3.2MB

  • Sample

    240227-h7zkfabc29

  • MD5

    c940a1bb7667bac39f8e4be2f07e2f46

  • SHA1

    819115db5f7c0aaae96c005d287b34ad7030a189

  • SHA256

    c44e315c93b669dbd953710c36dc1d532e27e74fd3b93a1dcbcd112323440751

  • SHA512

    ccf15e20ef3ea25358c5228175244fee5b37ab448af85782bf542a3e306ff772c6a303c16b332a6b7dfa1728c3b57ed2237ca97a1eaba96d476bfc926e8bb1aa

  • SSDEEP

    98304:61mKWYy5jOuaob8OJr2fitHhiDBsCCpsIES0xtNk/QMLF:6QeOxh4BsCCpt/QMR

Score
6/10
persistence

Malware Config

Targets

    • Target

      CoreUIComponent.dll

    • Size

      147KB

    • MD5

      05fcace605b525f1bece1813bb18a56c

    • SHA1

      a3218432f34aaeabe253d07efab27bb7fff2061c

    • SHA256

      720afa3e1216a9eb68b66858d50de0326f52afa279ef9ee0521aee98b312382f

    • SHA512

      bcce1ea35ec0422895d7ed1ca9139ab7f695b101c2667e596dfb8d5488f695a9171df674ab2e9c8dd66f4b620fd1853caf8f4f3123acaf81a1a714b583bb009d

    • SSDEEP

      3072:bDqLoXus3liGvU99QPCrpgZFAVpBAq9Ttne/3m48:bGLye99Qarp4+rmqNk/36

    Score
    1/10
    behavioral1behavioral2

    • Target

      essential.dat

    • Size

      4.7MB

    • MD5

      4ed5d74a746461d3faa9f96995a1eec8

    • SHA1

      d9d513e6ddfe9e83df4540deed3c421f80c5ec41

    • SHA256

      23f6cefdce551431675506cb1c438feb2c66d38d1c77ebefe0fd5042e677ff80

    • SHA512

      d9d632a337b091ce8682197fb77b29e201fbd3113d988bfa69d6c7f672e05bd958147221afdbaa1baa8269a6d35d8aca522b1011bbd32fa4485427f28dc3f0ed

    • SSDEEP

      98304:adLUEBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYDcvwu3707iQMMvozt:aZ220JyNtjSkQYagF

    Score
    1/10
    behavioral3behavioral4

    • Target

      secur32.dll

    • Size

      54KB

    • MD5

      f58e0dfb8f915fa5ce1b7ca50c46b51b

    • SHA1

      9acb977f13fce7ec38275887ddbbc0f42532e907

    • SHA256

      90fa29cc98be1d715df26d22079bdb8ce1d1fd3ce6a4efb39a4c192134e01020

    • SHA512

      4ebab09c4319c4604e7dad00f669e572ecf79d9db74a1a6f6ad833ea4be2ce3ead1548196a9b15a052ad006af28afa2005bd5523b8215e1f51fce9671a73580d

    • SSDEEP

      768:rC8sPHjgxRIO5h7Ji10Ed4WKn84n2ZePq+RTdFvnM+cmVqDj64Bj:ri/Mf7oiEdXKn84n2ad/vbcmVWjXBj

    Score
    6/10
    persistence
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks