28dc03e724a2a49527b04861fba16e65c995e97efca2b5204cd9687c7f5a9b92

Sharing

Copy URL Twitter E-mail

General

Target

d34a0c5a449dc32eec59faa00683f96d
Size

192KB
Sample

240318-mma4kafc6t
MD5

d34a0c5a449dc32eec59faa00683f96d
SHA1

3520ca6418577a4b6ed5e345acca874f2e584e54
SHA256

28dc03e724a2a49527b04861fba16e65c995e97efca2b5204cd9687c7f5a9b92
SHA512

f66877a5a15fbb3190fc47311ae2cc3cc4c5764405e9be4930ce04ae265f37ca22d121923395ac9a535bb22f9fef3666c841d869cee0c7c27994be37487acf26
SSDEEP

6144:Ie346TdcK2ElbxBuKHBS1EEQoVGkJpDBhk6RZY:bRt2EllBuKHcEEQonDdhkP

Score

7^/10

upx

Malware Config

Targets

- Target
  
  d34a0c5a449dc32eec59faa00683f96d
- Size
  
  192KB
- MD5
  
  d34a0c5a449dc32eec59faa00683f96d
- SHA1
  
  3520ca6418577a4b6ed5e345acca874f2e584e54
- SHA256
  
  28dc03e724a2a49527b04861fba16e65c995e97efca2b5204cd9687c7f5a9b92
- SHA512
  
  f66877a5a15fbb3190fc47311ae2cc3cc4c5764405e9be4930ce04ae265f37ca22d121923395ac9a535bb22f9fef3666c841d869cee0c7c27994be37487acf26
- SSDEEP
  
  6144:Ie346TdcK2ElbxBuKHBS1EEQoVGkJpDBhk6RZY:bRt2EllBuKHcEEQonDdhkP
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  torrent.exe
- Size
  
  186KB
- MD5
  
  9bb1de9e0f82c295a2715cf91a6e91b6
- SHA1
  
  c34a30f9e0c5d534cb9f2209345eb3545ad49f34
- SHA256
  
  08933263580d8eb633f57d0e0011e17421c3f776b5a83f876ff1cf14dada0aac
- SHA512
  
  2acf6f27a8d9fe0fb78f5b03a541a698278b80dd69f23a56beb431ea25fc5e6983fbbb389f3a7f33b2fcabc3fbf691888ee0dc485dd55add3f9e3f71ceffdfa9
- SSDEEP
  
  3072:ggXdZt9P6D3XJnZKsrNdUYmYeECZiEP26G/OjO9o4sNFGQ3VJkEDUZ7VkwBRZS2g:ge34RssrnjPCZizOjkgpDGhk6RZ2
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsRichEdit.dll
- Size
  
  5KB
- MD5
  
  02f1858b3131ffc3fc5e3a5391d3a489
- SHA1
  
  454a6d749cf55ff990bd9f57941aca9d1f1674f6
- SHA256
  
  f00bd6d3e7c7b8e8ad18b7dc6275fb80cc720fb164200a6506f50f6e66998b12
- SHA512
  
  8147fa8014a5065f4fed7de1fbb9c2ee2c1b94d63596f7bbcf6821ecd41a73d25ebdfa1e71ca74d7598cba063042b6dfcaf050a23d0c855a7b6fbc94147ab41b
- SSDEEP
  
  96:Z3CA+/dN6g2Aznq+1kaNar7ta6mKAJN0u4KOhB7lkZ3hBjB8wZ:Z3G/D26EaNar7QKzLdZkZX
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  babyloneula.rtf
- Size
  
  30KB
- MD5
  
  ab33d442fbe56bed665be7d24a9cbe31
- SHA1
  
  27e9ba88aabdbb62bc9f4964d96685d92268d5dd
- SHA256
  
  b91c19bcab4f0fed3fe1f79d8b03e6b93ce7be1aa6ea41390e225690628cf434
- SHA512
  
  ba5787509b8047dc3e2f9d22dc859e6006b05612c64efe79dab8f6f28486d0bd621589c749a760c40e158958ac60c27901aee95f208387d722bd12ad1e5c8d65
- SSDEEP
  
  384:/FLuSWzNEzsEskF+6Hagj09QwsGgzqsPelAWkKCkps2adHVjA+EOALeduEkmQW58:/FL0VFIHLzqsPelppsdcQymQWZO6UYRG
Score

4^/10
behavioral17 behavioral18
- Target
  
  gunzip.exe
- Size
  
  89KB
- MD5
  
  3b47da704260eb2eb12f5d53c347e6c3
- SHA1
  
  d3d468ad6a5a6591cbfe98d969796022c73d6bdc
- SHA256
  
  5ab48ea0bebacecf300a1b607aaf990c3ecba244d16b4d558c671709d67954ae
- SHA512
  
  435f5c933b90b66b2517c01308ff6c56bd07fe72c79d54eb002ef19822ea445384814f63932b2cf5b92b1adcc91f994c9294d052bf73e0516b5bdc3f3ce08103
- SSDEEP
  
  1536:3EtrFj8pr9lIYAbe68GcCK5x4ezt9yKNkN1GfWSx8tE/g9:3WrFjKpmYuqGcCK4ezto2kNs+tE/g9
Score

1^/10
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

ACProtect 1.3x - 1.4x DLL software

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20