7f77e3fcc3789c8bb2aff6bcd8b25fd575e615bb50fbd9328e404dd1cc41edc1

Sharing

Copy URL Twitter E-mail

General

Target

aa0bfa2a66ac906ce4805abc00fb4982
Size

955KB
Sample

240227-yvvzgsae3v
MD5

aa0bfa2a66ac906ce4805abc00fb4982
SHA1

604382fd16029e37615f592f07c86ce4fd6f4161
SHA256

7f77e3fcc3789c8bb2aff6bcd8b25fd575e615bb50fbd9328e404dd1cc41edc1
SHA512

104c61cd43300254c20ee0fe17cddc7e3feee9ea6fdcc7187233ce2aadf2ad0a9343020e7580596f933c4f4e827f62f3cb01c5e7e5d1bcba0bb805bf8276cde2
SSDEEP

24576:LFtiJgJBteczX6XswGX8hcIF4gN8BoYU/q:uJm6GX8hcI96t

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  aa0bfa2a66ac906ce4805abc00fb4982
- Size
  
  955KB
- MD5
  
  aa0bfa2a66ac906ce4805abc00fb4982
- SHA1
  
  604382fd16029e37615f592f07c86ce4fd6f4161
- SHA256
  
  7f77e3fcc3789c8bb2aff6bcd8b25fd575e615bb50fbd9328e404dd1cc41edc1
- SHA512
  
  104c61cd43300254c20ee0fe17cddc7e3feee9ea6fdcc7187233ce2aadf2ad0a9343020e7580596f933c4f4e827f62f3cb01c5e7e5d1bcba0bb805bf8276cde2
- SSDEEP
  
  24576:LFtiJgJBteczX6XswGX8hcIF4gN8BoYU/q:uJm6GX8hcI96t
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  4KB
- MD5
  
  0116a50101c4107a138a588d1e46fca5
- SHA1
  
  b781dce23e828cf2b97306661c7dad250a6aaf77
- SHA256
  
  ab80cf45070d936f0745f5e39b22e6e07ba90aa179b5ec4469ef6e2cb1b9ef6b
- SHA512
  
  55de6aeaad05b01a25828553d3ea9f1b32a8b0c35c42dc6106bed244320e3421ec6a6f5359b15f9d18dd1e9692ca5572b2736d9d48cceb07b9443601d00a5988
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  DomaIQ.exe
- Size
  
  336KB
- MD5
  
  917bec53ecee716ab419598442d8500c
- SHA1
  
  880e9b696e847a438296cc4746ca28f0cad8ab17
- SHA256
  
  f5f431bec3e21613f7c4ddcb904c87a9eef0b16870799e79cb0792281088cda5
- SHA512
  
  183d157def277fb41ac438391b8ee2fd32858812508fa9ddda029b02d21e6834d4ab270015672b6520de9173bc6acc6311ec1b25f0c0840d73925fe2d772ad7c
- SSDEEP
  
  6144:iMLnP9W4gNafqcCyG+frFKazdenHJBzrVh:i09WtNaycZG+jFKawHJhX
Score

1^/10
behavioral10 behavioral9
- Target
  
  DomaIQ10.exe
- Size
  
  340KB
- MD5
  
  dfe97aeef7e4bb36a261406bfb2db452
- SHA1
  
  f683c4b4c286b4c8dbcb809a4e676b43ea872e5b
- SHA256
  
  eafa2798644ec67fc72b1690e35b6ba2f73d759821f406c827b9f1543ef0d0d7
- SHA512
  
  9710067c7efe56b89b0540b19f39cb93794e13aee760ebf8ec3c5c4d546acada0741dcd9760f8ece6e4c64f42da5d0d28381b528c03c9fd6451eae3f05b6ef83
- SSDEEP
  
  6144:zhMOxSHkNks5mbndKmki95K4vemYxLCrUAj:fxSHkWRbdKmRntpFj
Score

1^/10
behavioral11 behavioral12
- Target
  
  OfferBrokerage_14003.exe
- Size
  
  918KB
- MD5
  
  6c1b5c6c79e62be28ddcd9572a0fbef1
- SHA1
  
  0bc4e3dcbfc8e1adde5a1e24b9daef181d4c155b
- SHA256
  
  8513fec3155332e9bd899389078f5782a4bc9ab10c77261ec13081c176a3dbcd
- SHA512
  
  5bb5c199f93b459f8b746fd86f61810730ca0d1dce71063d28b3c6733a31fe472ab06991b1f831ee4d6fccb078dba735545fae21acd8d368e46f4adca22a2e16
- SSDEEP
  
  12288:MxDDECzvX7grLahW3dRWt7gdFN8tEW9oI9+fSRZfgWJKB60SECzYrSy2X0GNA0A/:Mnt7H9FnRZfle6HEHrSv6TMTTTyP
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral13 behavioral14
- Target
  
  config.dll
- Size
  
  36B
- MD5
  
  02f6e45f4408f64951806d585e6e9c4a
- SHA1
  
  864ac959cfbcae1513fbf399c151cacfd83daeb3
- SHA256
  
  8bc898ba04219478b52197de2cb44de8fd26fda76f838531eaea44d24257126d
- SHA512
  
  31e4017a9b5e7fce76d650c7916926e8319a2bc55e2c00af8685234943c734b7a5765185dd959f69cf4c4b53186a522dc4e434dc22a7b1001738493954ea60cc
Score

1^/10
behavioral15 behavioral16
- Target
  
  routes.dll
- Size
  
  257B
- MD5
  
  8fc132d017671cb9f0322ef97411aed7
- SHA1
  
  ec7587f1ce58736442912f1152fcc76c735eb26c
- SHA256
  
  a5d0ce7bd7d4c43cb49c2a76ceef62fe78733c22ad6132da73a871f29aeb5280
- SHA512
  
  2d5145b253ca05f3b28bb35dac53611cb7513b0502f01307cd47e592789abe85f68e6c8a312e5b319a34a0e10be6fb60b42cbf0b6084c43a07fdb96196192d37
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18