General

  • Target

    d35afa00f54091a23dfc4c99c98526d4

  • Size

    1.1MB

  • Sample

    240318-m87pnafh7x

  • MD5

    d35afa00f54091a23dfc4c99c98526d4

  • SHA1

    6b4fd02286712357bc11bf8c10e714ffea38b78b

  • SHA256

    14eccdc69e652fa809da24f40d08ac7038c2cbcb37bcb148acb7cb572e3fc8a0

  • SHA512

    65be7b2559781c741180e8fae1b36c922e2fea00876e335d220b83a53dbf1733b697042b52d2e768b74441446df8f880e467b8fcb1d6bf6da07726bfaf259769

  • SSDEEP

    24576:QFt5qRTJwr3rVrthcIF4gN8BoYU/qPYWSAClJ:s/vzhcI96tPYWcz

Score
7/10

Targets

    • Target

      d35afa00f54091a23dfc4c99c98526d4

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      4KB

    • MD5

      0116a50101c4107a138a588d1e46fca5

    • SHA1

      b781dce23e828cf2b97306661c7dad250a6aaf77

    • SHA256

      ab80cf45070d936f0745f5e39b22e6e07ba90aa179b5ec4469ef6e2cb1b9ef6b

    • SHA512

      55de6aeaad05b01a25828553d3ea9f1b32a8b0c35c42dc6106bed244320e3421ec6a6f5359b15f9d18dd1e9692ca5572b2736d9d48cceb07b9443601d00a5988

    Score
    1/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      DomaIQ.exe

    • Size

      342KB

    • MD5

      5e738ce64ecf55da1cd48802a7c71728

    • SHA1

      8059044cb6db8138d4ce859d547f3edf44a5ae8a

    • SHA256

      9cfcc4e9519052814724aef4a32d591690ebaa271a14b2d8e45d2857f035bec9

    • SHA512

      89ec8a90f2f61de55ae88fdc79ab32e8a74fcfa0ac9f5757de0fcb4e5629ac5c43707304ce09ba41f4547b9882d505725a4f357c0a9b916421de6d300c2c30f9

    • SSDEEP

      6144:bMxDCNU8UqzcgEoysbFKAw4OgmQi6Wudtw/AJu0LSpm:lW8UEcfFGhsQ7O/AJuJm

    Score
    1/10
    • Target

      DomaIQ10.exe

    • Size

      342KB

    • MD5

      fb89f7aec7eee5da3d46020e97dbd456

    • SHA1

      6139d0a11e839d6d8ebed7b705f066ce8d01b82c

    • SHA256

      708a36fb9ac327e54d7e38fd2ee663638a79067edd335526554aeee36ff71510

    • SHA512

      4a9d79d34f94ea7fd481b27d552d3f33fafead909b7b4d50b82a06eaa3f3ef1f66c48ab193b5004ff21f1c185fb9b01e94160a7983c1232094671e6629e69efa

    • SSDEEP

      6144:poErxU+fKdOfsCCobzIZ9f+GgoLG91wBQiUDP:zU+fPfv3XIZ9FBQhDP

    Score
    1/10
    • Target

      OfferBrokerage_14003.exe

    • Size

      918KB

    • MD5

      6c1b5c6c79e62be28ddcd9572a0fbef1

    • SHA1

      0bc4e3dcbfc8e1adde5a1e24b9daef181d4c155b

    • SHA256

      8513fec3155332e9bd899389078f5782a4bc9ab10c77261ec13081c176a3dbcd

    • SHA512

      5bb5c199f93b459f8b746fd86f61810730ca0d1dce71063d28b3c6733a31fe472ab06991b1f831ee4d6fccb078dba735545fae21acd8d368e46f4adca22a2e16

    • SSDEEP

      12288:MxDDECzvX7grLahW3dRWt7gdFN8tEW9oI9+fSRZfgWJKB60SECzYrSy2X0GNA0A/:Mnt7H9FnRZfle6HEHrSv6TMTTTyP

    Score
    6/10
    • Target

      config.dll

    • Size

      32B

    • MD5

      cf40c91f06b1c981bebc79153bd79f3b

    • SHA1

      377d9e252ebb23fc7d739036b741377c70465dda

    • SHA256

      fed48177eb20979fa1a9193da078bc4c8d9cd7f0b14d97ce319086dc909f1ef5

    • SHA512

      642cdb6eb518253d0bd5814fca6914b216a8f96a9c63d7da1008b869e9738d7511d84813b8f2ccce72d1919bb2cfebb6b91d48298007e8764e3f01c4148a86c0

    Score
    1/10
    • Target

      routes.dll

    • Size

      257B

    • MD5

      8fc132d017671cb9f0322ef97411aed7

    • SHA1

      ec7587f1ce58736442912f1152fcc76c735eb26c

    • SHA256

      a5d0ce7bd7d4c43cb49c2a76ceef62fe78733c22ad6132da73a871f29aeb5280

    • SHA512

      2d5145b253ca05f3b28bb35dac53611cb7513b0502f01307cd47e592789abe85f68e6c8a312e5b319a34a0e10be6fb60b42cbf0b6084c43a07fdb96196192d37

    Score
    1/10
    • Target

      setup__120.exe

    • Size

      145KB

    • MD5

      a90dc54ac25bd460ae68b3b718ce8fce

    • SHA1

      b2738e14fd684925e46b726f099955a81de328b9

    • SHA256

      4900ca5c8763e510ab897d37df1d6621c7585a87720f8aa47c05c5b505a6759e

    • SHA512

      c289c94c2d4bca10e24e2d1225862209affb7e35fb2e24e4d3d173e43c966bbf696ae8b9db896ecca5178616cb7bd2de44bb1211e00003a049355fea09f119f5

    • SSDEEP

      3072:samWXrLYuX6Dg61CZTakdl+hVL2j0/VdRr4bdUPQHpWoIgGLXYsHMS9hq:saL7sd9vYl+byjcRr4A4pWor0XYtSG

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
