8d2f02a55a6957c8b8013d5df7837cbc836fa1e599d7d7eed4f1ef4a42f7fb8f

Sharing

Copy URL

Twitter E-mail

General

Target

ba9c3681c1ad3132956447723bd9960d
Size

12.3MB
Sample

240308-fy8qmsga63
MD5

ba9c3681c1ad3132956447723bd9960d
SHA1

6c01910f9cbf69ec60f6dd952698c886de648f6a
SHA256

8d2f02a55a6957c8b8013d5df7837cbc836fa1e599d7d7eed4f1ef4a42f7fb8f
SHA512

75b920789073eee65a3c75e27856741767239865367dacb32d3dc0d8ea89f1a10419c2aba3b20ba872b257cc19456fe6f1778a45a7fbe00f2db326e35108442c
SSDEEP

196608:HEWrAk3VFU6Bz5FRfKnLn9EfLx+pHcxLAZ8YeUvw3aD4KoAeepS+jjWuu:keAklq6vFeJYt+pEAZ8YX484Kod/j

Score

7^/10

Malware Config

Targets

- Target
  
  SnagIt 8/2KXP/SNAGITD8.DLL
- Size
  
  20KB
- MD5
  
  ba5c00be01e2c67d407fe874f31dbd2e
- SHA1
  
  18479dba8f82d3f2e0bf1eac16a281a3e520f9be
- SHA256
  
  cdbd77f74566b5cbb3e7b6d286b5e6f7f3358d2934646c15b0113301456857f4
- SHA512
  
  b2bc61715afd78cecdce1c9c6bf3729f34a3573219a71971461f58cb67e9034103ee3d1a5cd936773ba3e5b9c9f04da79b84bb23c6844de27d998bcad335210b
- SSDEEP
  
  192:b09aNLDqrSqYiADy8+BghcFt6+gg8dBrXaVskTJqIbIekL/CldolMzMjGwP7/MkS:b8aNLD63AH+nXZGNStJSRLCcguYblD
Score

1^/10
behavioral1 behavioral2
- Target
  
  SnagIt 8/AccessoryInstaller.dll
- Size
  
  93KB
- MD5
  
  756e7ec7a3d0d72f8e652f8d7f00fdff
- SHA1
  
  744686f9f42b676f9c1512b6604c3885dcd2d3d8
- SHA256
  
  0bf8c64e2cf7c97add4479e18a142f0d471e9195b4a05480ba404229853241ba
- SHA512
  
  60fb9ea3868faa0eb04cede9a5374ef93139ca6131f6ce3c63166fc4199e362ce1e23f75bf188229ec99addd60b83849fddb558e72342a97659123339307eb3f
- SSDEEP
  
  1536:oyKC6g6nrGgXu06pA+JYurSCVdumXpM75ikr4HBXSxOlSwidXZBq2u:qCLcMKCOOM7RrMFMOlRi5m
Score

1^/10
behavioral3 behavioral4
- Target
  
  SnagIt 8/DLLx64/SnagItBHO64.dll
- Size
  
  63KB
- MD5
  
  cdbe6d64457b58149c61cd2bf2ddd9f3
- SHA1
  
  91b93808d6c5415a70833e5f873b01e4c1b578e5
- SHA256
  
  83307e40b3a5c635b81edbbb133472014f9113923c3ef5680cfe9378a950efed
- SHA512
  
  f0044cded05cf946cc891b76210c71bba1ca2c0f9990c9ab7d5b37531eec6fb852c0cdda144cec8f523a71cf6d9e9e62a8c45b1af730149fa6ba997592eb5a50
- SSDEEP
  
  768:RQIK2kxllsXGqG9b/5qW6AtA0zDA8z890tRancqdoZq2nXioO520euvgD+2L3CbC:JkTllqG9b/gFyDDhPoqr1O524oD+22C
Score

7^/10

adware persistence stealer
- Registers COM server for autorun
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral5 behavioral6
- Target
  
  SnagIt 8/DLLx64/SnagItIEAddin64.dll
- Size
  
  204KB
- MD5
  
  766954ee1b145458611924f97b9d3094
- SHA1
  
  85619e6b768b3cc2e80ea388a8d41ef2f2b37fe9
- SHA256
  
  77b954721de1dc5fdb508fdd98df0ed0563e4e72624dc581878762c6adf1311d
- SHA512
  
  de5eeb32aac8f684828371d3b5fc17620dcfb063d2dd4fb5bf69cc2efcd731134128b215289e4988eef699740a212d3a08adc771b48e307dc3ca13a1d3082c40
- SSDEEP
  
  3072:iKZ+HQDvmK1h3xa1YT/EXo8u6MU/BG2M60ui3AopJvAp1J31ZBXXCvJBA50jUO5F:iWvY/B3SUp111ZBXSj7UO5/hGB+
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral7 behavioral8
- Target
  
  SnagIt 8/DLLx64/SnagItIEAddinRes64.dll
- Size
  
  75KB
- MD5
  
  9cb8a4cb12c0704458bcca30b98b3f48
- SHA1
  
  7842aa4ae8461db2dd986928af7da87fac949d77
- SHA256
  
  80daa6647b22c81c5ba34554a7b42804a9ed5c79f88341d84dea1ae11e283e68
- SHA512
  
  88272f64b2a6ddf4690bfaa2f4a8e194bbc9dee73ac71b042bd072980e2dc0adcbb098fb40eca6d076342aa6a30f1997e7e79398757b6503940458951b2f16ad
- SSDEEP
  
  1536:pjNYlxIBDAcx5dm4RLrRxO17llrVStDMngdiI2XFJ2C/:VNYlSBDAcx5dm4RLdwfJStaB/
Score

1^/10
behavioral10 behavioral9
- Target
  
  SnagIt 8/DLLx64/SnagItShellExt64.dll
- Size
  
  362KB
- MD5
  
  6312df206e105a00d333d37601d31adc
- SHA1
  
  9e3f7557f21bcd7742ca102e82f0765226c81e52
- SHA256
  
  a4579f6a37ed40ec6a162af3df6c5b47690615feff629de37226263115e3f250
- SHA512
  
  d5fbd92bf794ca0ecb28dc7c1b52cf8425f272b5b1cff06c3eb5070b4b35098ecda9712d60fcb3fe3be7b6ace9e272fbf53848a55bb7d5391cdd9b3a42b9bee9
- SSDEEP
  
  3072:nBDN4cFmkuRmTO9PkwIwUupMUzofbsXY0zx4lRqekCK+5XcbIqNGngerCdTd8XZx:BDN4dGOwvnw36XcsyCCdT6XZO25ljToc
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral11 behavioral12
- Target
  
  SnagIt 8/DLLx64/msvcp80.dll
- Size
  
  1.0MB
- MD5
  
  5ae0f01f02a03558da0cbd249e4df263
- SHA1
  
  64735ab4635b587647a11a599e39d2233d9de6f0
- SHA256
  
  5b217da5d138a26c038af25e9723c0028a4de36ef2575526da6a56570d2422b7
- SHA512
  
  041eb111c37c986ec01c8340f0715be272e9da0fdf321562bad112b19d399bd4cb494406b82643261994eefa1b862493d88337f54babc8aafe4cae6de0cfb2f4
- SSDEEP
  
  24576:05ek+Ir9UiKQ4HMd+StGaKzXWewk7/1EQuN/Zo6fxIftB3gwC4+Vxo4vwYpz4axZ:05ebiKHMddGaKzXWewk7/1EQuN/Zo6fJ
Score

1^/10
behavioral13 behavioral14
- Target
  
  SnagIt 8/DLLx64/msvcr80.dll
- Size
  
  803KB
- MD5
  
  465cebd7da2ceaba5e552fc9118a1415
- SHA1
  
  995060cabe3ddf199b400ad0d80ff5660626793c
- SHA256
  
  c56f17ac76671697d9338757149e09d45d15764386a23420a6bd01c7faed3fd6
- SHA512
  
  fc6ae27e0c4aa3fd24eb166e8ae2620a0f88ae9e22d0237022005161e6992fc1a2e787dcdefb4a1c0a488568af11153880f0e36447d7c969ba8ab5d0730334b1
- SSDEEP
  
  24576:haoz3gasZbfpeAf8Tvg7O8zF9JL0pWeAgo7VmhydM:haw3gasZbjpFf0k
Score

1^/10
behavioral15 behavioral16
- Target
  
  SnagIt 8/LFCMP12n.DLL
- Size
  
  350KB
- MD5
  
  355c5984b338292a1fb8718bc09351aa
- SHA1
  
  dc98274c8ffed8ec0f2c331d70e2bc4ca9b7ac8c
- SHA256
  
  24dad328f6e7ac926ec359eb6c610bdbee9bacbcf325f3cebd8bf97cea7304b0
- SHA512
  
  0f6c5ce9c4dbca0ccaec7c5c2af3f64dfb2fb61b3d70a0510fe9debd567ed05a3361e2d1f2e088e3ea941f9318e0d0a1f6e9673fe564e7bb822a354dbf62239a
- SSDEEP
  
  6144:87vpBQFIEmU19QXF+QhGcPYGxw0B9RxynHsjimJxU6sYUtOvBd0kjC4gT7:87vnQjmU1SXFrhPPYGx37xU6sYUtOvB/
Score

1^/10
behavioral17 behavioral18
- Target
  
  SnagIt 8/LTDIS12n.dll
- Size
  
  253KB
- MD5
  
  4dff6da6d4713342e0d9bde2a9d06d9d
- SHA1
  
  4784c2d1a6f492e72ac2ea9da987d30123882b81
- SHA256
  
  131cbf66e9df15cb025aa466408e3d6798fb1b9c95b4318115a72e71db2f4e5b
- SHA512
  
  e80757bee0693ed80417c35ba3233fd818dca8a954276b273180d661f74128ece889783d2ad79f5fa418869b731ca4bf7ed3b36b33d4cfdeacfbc67a529389e5
- SSDEEP
  
  6144:NXQTLuPccHHpBwnaklAZVcLDIOTAdr8luvwQAqd2dq4bW0Mms3jBwr83orIWbLIq:JQTLuPccHHpBwnaklAZVcLDIOTAdr8l1
Score

1^/10
behavioral19 behavioral20
- Target
  
  SnagIt 8/LTSCR12n.DLL
- Size
  
  149KB
- MD5
  
  d299f5b13e5dcb0816bcfb250380b9e3
- SHA1
  
  3363e3bda9d71fa90fd0aaea366ebd4e1af02331
- SHA256
  
  7f9228d47d22c6b5af8dabfd84e467310869f6e55536b7785bf479eaf67b55ee
- SHA512
  
  ef3e449308dbbd89e8cb40cc6fe6b0a40498a385396e1e57b8483a4586d8d2cf098748166c3be760248d38d7177a1a6be15f3c4d9e4c983aa608ab132f80cf82
- SSDEEP
  
  3072://oJyRC0fRiia4y0r0mKaIj4A4DJVgt9kvPgE:YQrR7a4y0QmRIjb2g
Score

1^/10
behavioral21 behavioral22
- Target
  
  SnagIt 8/Lfpct12n.dll
- Size
  
  59KB
- MD5
  
  2658a41fb17b7dcdb0d3122b9ca26fcc
- SHA1
  
  3333dfb0148476b3f937247985c3239c3894e5cb
- SHA256
  
  c3c66ed07a0ca3b05781b6b4e2e6fdd2cdbd2c732005cd60d2deb40c0d29cced
- SHA512
  
  9afd556d5eedef868aa540b1ff905fdb64e7a83c8d8abfa8b8066ab13905f4511ad751742ffb0440ac68e5aa6a41ab5f9492b00a6de23557f72e0aadc2e89378
- SSDEEP
  
  1536:PNSYxF9hu3SIPHGG666sTL/Uvvw+4kq8g2:PNVHXIPHn666sTL/UnRE8g2
Score

1^/10
behavioral23 behavioral24
- Target
  
  SnagIt 8/Lfpng12n.dll
- Size
  
  177KB
- MD5
  
  6f3495f4a3f0ea6e1979b0d50d5a2860
- SHA1
  
  b5f60759085a99b51d808b914752c6db040c3f2a
- SHA256
  
  851db9279bb38ed0a490f32a6f00835c930b498f27dc69a79a74d05ae4b818b4
- SHA512
  
  d0f9fe139bf5c3edae714b2dc63f89a8ae60553502e1dfe7d09770312bf1ef0c04cbeca762723d586737d36c272414434b5e06524e3367fffc7559cd7ee01f41
- SSDEEP
  
  3072:fUG+z6fUixCY/iXdhR9Z7CsVhxEtA2occmnDgpjTuLaVFTWjonGRgAe:MFeCDNhR9Z7CsVhxEtAjcc+Dgp/uLaV9
Score

1^/10
behavioral25 behavioral26
- Target
  
  SnagIt 8/Lfwmf12n.dll
- Size
  
  48KB
- MD5
  
  5fa3f1ec8b01a35105752421075ca20a
- SHA1
  
  c3e5018e84a8368e3bbc81282725cfe4df7df48c
- SHA256
  
  02690807b4b0103a458903cf9c32257c6518bc274392e583a752c47e5b40e925
- SHA512
  
  efbda349dac826e514ccaf238f2b4a6b42b185f4e17fb646f84d6e276df8a448250938209ae13e8319e74e12b6f86c209844d5c8b204521589cb18678ae82717
- SSDEEP
  
  768:H0GGBzAf+aOkqJxxM8n4Y6DuRNCDWlo2tH4NSPl8jg2NN:tGFG8nxD/CDK45g2N
Score

1^/10
behavioral27 behavioral28
- Target
  
  SnagIt 8/MFC80CHS.dll
- Size
  
  40KB
- MD5
  
  f6133b250f6bd0cc875bba1960676cfa
- SHA1
  
  8d6e69784821e2516f428459c16dca2fc0e3e453
- SHA256
  
  381484b3d03e8d79abc68461b5a1bae5bea569f4c76c3a58a8dd9afad4f1c19b
- SHA512
  
  57b6c74a6116bc587f9499fb08e0243083ae499c2283a0aa413b5aafed467aa03a22202bf1650acd3bcadd866a3275721c7dc73d3b633cd27f6f48ba1fdbd389
- SSDEEP
  
  384:2DNemsf/tAGqyVUIrvVWJWRUJwxV0fwItnFiHyt6S26r81Jd5AJd:2ZXs9AGDTrvFVx4wItnFfL26r81nE
Score

1^/10
behavioral29 behavioral30
- Target
  
  SnagIt 8/MFC80CHT.dll
- Size
  
  44KB
- MD5
  
  85e69c7a1bfafb898a7ae1e5b068eef0
- SHA1
  
  d29e58b12338de7665084f831f47afc1f5d71dcd
- SHA256
  
  0d23a5ad939b42f7fc6aa8d4b103419121198f05a5a39502d477f74dc9a30332
- SHA512
  
  b9ff2486082d399b7abd50cbbf5b91b21b6df791f4eb02700080e5caf59b79a07b144cb045e7ef95a3fcacd36317fad1e617d9760d54b1e4462fd3a62fd52e9d
- SSDEEP
  
  384:5DNumYF9/tAGqyVB+dvEcW2WReMUn5xm9za2JokMw6TERPB1ECA:5ZHQ/AGDadv0cn5x4pqwPPB1EC
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Browser Extensions

T1176

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Registers COM server for autorun

Installs/modifies Browser Helper Object

Registers COM server for autorun

Registers COM server for autorun

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32