General

  • Target

    da8aed8ef20ec9c875511d563f45d83b

  • Size

    645KB

  • Sample

    240321-dreg4saf33

  • MD5

    da8aed8ef20ec9c875511d563f45d83b

  • SHA1

    9ea28dceec1dec64402618dfc95f7e55c5aea3a2

  • SHA256

    97a9b5a3f99fc57f91a8b665f0b5c5645755cf23cd7acb6735d7939ea01be2dc

  • SHA512

    43dc38c1376ed27d69210d375ba9e34e3c9ece6759c374095d7179ebd045ef527aa4db9f3a582b7f45328d788702da0813ffa773529a9a14ad45ad9f916718a3

  • SSDEEP

    12288:/2fSf1Gm+CWms/oK5N29k5gvO9xpyQS5eq9eBRHZ5j:/2fS8eWClm9xp5S5V9el5j

Score
8/10

Malware Config

Targets

    • Target

      da8aed8ef20ec9c875511d563f45d83b

    • Size

      645KB

    • MD5

      da8aed8ef20ec9c875511d563f45d83b

    • SHA1

      9ea28dceec1dec64402618dfc95f7e55c5aea3a2

    • SHA256

      97a9b5a3f99fc57f91a8b665f0b5c5645755cf23cd7acb6735d7939ea01be2dc

    • SHA512

      43dc38c1376ed27d69210d375ba9e34e3c9ece6759c374095d7179ebd045ef527aa4db9f3a582b7f45328d788702da0813ffa773529a9a14ad45ad9f916718a3

    • SSDEEP

      12288:/2fSf1Gm+CWms/oK5N29k5gvO9xpyQS5eq9eBRHZ5j:/2fS8eWClm9xp5S5V9el5j

    Score
    3/10
    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      79be350c8381293abb045bbd2a7b5f0a

    • SHA1

      0b4e6d482cae461e36c2b47661ef586545162e23

    • SHA256

      3091623495d6e81bc0aa9182a55b0f93d3b2238102a44fd66943e46ed7eeaf51

    • SHA512

      1d39bc13f2825bb4aee5832bc5c60603b62b3475e0075028a146981764e6796e68fdd752627f37f8bb198dcfce5a62efb6a6283366fc4874a8915008aa0a4c28

    • SSDEEP

      192:/6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTSK72dwF7dBdcQOz:/6JaVh4I5rpPbTS+BdhO

    Score
    3/10
    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      9a628e53707c1621e0312cc1a3b22455

    • SHA1

      060a3873f942b1556e0ffdca10e27d5718aedd0a

    • SHA256

      421bb86ccb4dd4744cae51b38e50b28844ceeae3040870aed404159e27b52b2b

    • SHA512

      706bbb2ea3f99a3144dce8b016805bcb362564072d248f4f13f75d1d00d47a80488e3bbe5dcd093cffb6c5b452c501bbe20591cc72d0b8b9ae1be97a570a3a32

    • SSDEEP

      48:q+IqYBUYBFxhRwYCI0owYlOdkPm4LYZ5sR5uHe26vqAa4GEVu:lYBUYBL0Toa7+Q5sAeG4GEV

    Score
    3/10
    • Target

      IEDriver.dll

    • Size

      68KB

    • MD5

      c663b1a22f5ec244c66012577f524f2f

    • SHA1

      b1e435935b7b072a909e27469331f36fac585878

    • SHA256

      0aa4d5f05682365538f55469472981c5b142d65742017572b1c58042d14bd5d0

    • SHA512

      6def58828e243f24f384dcde2bc039c6d52263602789e6624eac77202b7faab5bde9c702d5703173714906fd8fa8fa8fed7f6041cf9cddb10b4cc7b9c3cd967c

    • SSDEEP

      768:f7iNilHqb1OK+VEogNehPrcnLea1Sdfg3gdZzrbuMZO6pxt:GNi4b1OK+O8Ronaa1Sdf24ZyMZ7

    Score
    1/10
    • Target

      IEManager.dll

    • Size

      100KB

    • MD5

      ef43d049ed277e108b4b603c32fabf7e

    • SHA1

      3d54064871a8050d653c764886fe7f2ab0667100

    • SHA256

      deeb75345dcd46b83f07cbf7ed780ea9ac6a096eb5825e2cd16eef9a5485ae46

    • SHA512

      f356f04608dad8a46cb4c84135bc8b371f1bb47c62ffd6d7869423db360de30147aeab83e5fc2d18e5fe02778f66651bd78130613a3d4fc9c060689fef5310aa

    • SSDEEP

      1536:DLYNipp6BIF2IW9n1e2IyDmTk5xhxRnAlda4I0JWctTEnttbx:D0NiEI8ngIvnM+0JZtTOtbx

    Score
    1/10
    • Target

      IEMate.dll

    • Size

      984KB

    • MD5

      32349d46e6ad3bdfc0b6f2199ac7e7c9

    • SHA1

      df29f87004d97afd5776d19c1ab57ed1f84eba4a

    • SHA256

      59c319be8db500dafd09980088fcf23597c388e32d0be3010879a1e10f778220

    • SHA512

      d3b4e23c988ac8b5f66cdd02b0be6ef6dd33149813c0f77ec91bb2899c6319c560efe46212fefd8640b22b3e28e10ec7079409d25b3598279122ba17c4fe7066

    • SSDEEP

      12288:BnsWvjVLwMu20N+Dto3f7olmAWKfLbjNuOuL9JUxjRDTtA6bDhrmOTNPF:nvjVLwx+DyfsoGLbjNuOuLqhbpXR

    Score
    6/10
    • Installs/modifies Browser Helper Object

      BHOs are COM DLLs that Internet Explorer loads into its own process at startup. They are registered by CLSID under HKLM (or HKCU)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, with the DLL path held in the CLSID's InprocServer32 key, which makes this a common persistence and browser-hijack location for adware and spyware.

    • Target

      IEMateLib.DLL

    • Size

      81KB

    • MD5

      0465eaddf43355ccfbc93a0b4ef7856d

    • SHA1

      c17749841cfaaf25c6d50e053b6df083ee4b14e3

    • SHA256

      b5d09ec144e5de7394b3db9482f1683f7beca7c4a46ab0146d6828bb90b3ef34

    • SHA512

      d0518eab1e5c1cf92ffc1d151ecbbe2ea16eb27acdd057e38da5898fe7e3ebca08a8232d406365ac854d4a389d708d004833642efd677f15f80aefa6d0e6656a

    • SSDEEP

      1536:26ES8CqfFQxFLPAwSzOaQje1YsjXjnOPRhRukSNh5Cs7:26EnKvowfaQjeusLrOpRSNH7

    Score
    1/10
    • Target

      IEMateLib2.DLL

    • Size

      13KB

    • MD5

      fc4f8dfa44716b983ecc7931d69c7c24

    • SHA1

      28ed07b80855a069fe69661727709ce9618ccac6

    • SHA256

      11a729f235b510d65760a0ebfed77a3dc58eda4c53f2b0ba1b697e3ad84f3349

    • SHA512

      43cd0fe30326a73dca364fbc988fe57d5af29bf4bde78e4d0773d72116b20945e3b47aeadd4a13c6c92aa6b27fdfd56d49f180ad0b1e0b3af87d296532529db1

    • SSDEEP

      384:mTb8eLwPnN6jdg+1TE1mVFzRuAL059VlXf1tfK:mm/NYcmnL0rVR9tfK

    Score
    1/10
    • Target

      IEProtect.dll

    • Size

      64KB

    • MD5

      5067fa7e799ac5b3db6b34dd9049c9bb

    • SHA1

      00524ed641fd16100eaa92dcb3405b3415b89ec7

    • SHA256

      a8508a1b320b0d30a81e51fb3f36750487e6db09379ee5eccd1807ab67041536

    • SHA512

      13a512d23fd682932ed99895fab45c2139eacd166787d5c51ce3cd1e2081d06c9c93638477f438b320209da201d1075c15d7a87f4d3816714294f2823edd6a50

    • SSDEEP

      768:xzegYDClIWtyMyNSkLafVXpz7Kpw0kyu1L5UiLc4Y1IfN3JIhhjiPXO:oFDivsMyN+5R7yw0kyuh3c4Z9J6j6+

    Score
    1/10
    • Target

      NsPlugin.dll

    • Size

      5KB

    • MD5

      4e442e6c28c068c8f2ab1634d9674207

    • SHA1

      9ea7a8f333ab0c0ba092a779d637204b05ddc75b

    • SHA256

      96117692ef2ffd29251d0c9240cd671dac87a331c617864c327ecb5b4af9e4da

    • SHA512

      7657f90ceb2a07906fa45534de1c15c1f25d0e99fe941767badbf308f01c996a44ff237fac5418124e6bf3bc2e0166be9f7f742f2f9c10bbeed7338450d7315a

    • SSDEEP

      48:qNnbBCONSw0aPfVvDVgzI+tpuOt9Ot9wClVfiff3YyBL9wvF:snbcONR3re1tpuwwwCMf3rL9O

    Score
    8/10
    • Blocklisted process makes network request
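
The BHO registration flagged above for IEMate.dll is a registry-level persistence mechanism, and the practical check is to resolve every registered BHO CLSID to the DLL Internet Explorer would actually load. The script below is an added example, not code from the report or from the sample: it parses a constructed regedit-style export so it runs offline, joins the Browser Helper Objects key against HKCR\CLSID\{CLSID}\InprocServer32, and flags DLLs that live outside Program Files or Windows. The export text, the CLSIDs, the paths and the `is_suspicious_path` heuristic are assumptions for illustration; on a live host the same two lookups would be done against the registry.

```python
r"""Resolve registered Browser Helper Objects to the DLLs Internet Explorer loads.

Added example, not code from the sandbox report or from the analysed sample.
It works on a regedit-style (.reg) export so it runs offline. Locations checked:
  HKLM / HKCU \SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CLSID}
  HKLM\SOFTWARE\Wow6432Node\...\Browser Helper Objects\{CLSID}   (32-bit IE on 64-bit Windows)
  HKCR\CLSID\{CLSID}\InprocServer32                              (default value = DLL path)
The export text, CLSIDs and DLL paths below are constructed placeholders.
"""
import re

BHO_PREFIXES = (
    "hkey_local_machine\\software\\microsoft\\windows\\currentversion\\explorer\\browser helper objects\\",
    "hkey_local_machine\\software\\wow6432node\\microsoft\\windows\\currentversion\\explorer\\browser helper objects\\",
    "hkey_current_user\\software\\microsoft\\windows\\currentversion\\explorer\\browser helper objects\\",
)

# Heuristic only: a DLL under a user-writable directory is a strong hint, but a
# malicious BHO can also be dropped under Program Files by an installer.
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

# Constructed sample export. The CLSIDs and paths are placeholders, not from the report.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000002}]

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Users\\victim\\AppData\\Roaming\\ExampleBHO\\example_bho.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000002}\InprocServer32]
@="C:\\Program Files\\Vendor\\Helper.dll"
"""

_VALUE_RE = re.compile(r'^(@|"(?P<name>[^"]*)")=(?P<val>.*)$')


def parse_reg(text):
    """Return {key_path: {value_name: value}} from regedit export text.

    Handles string values (@="..." and "name"="...") and dword values, which is
    all a BHO check needs; other value types are kept as their raw text."""
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
            continue
        if current is None:
            continue
        m = _VALUE_RE.match(line)
        if not m:
            continue
        name = m.group("name") if m.group("name") is not None else "@"
        val = m.group("val")
        if len(val) >= 2 and val.startswith('"') and val.endswith('"'):
            val = re.sub(r"\\(.)", r"\1", val[1:-1])   # undo regedit's \\ and \" escaping
        elif val.lower().startswith("dword:"):
            val = int(val[6:], 16)
        keys[current][name] = val
    return keys


def is_suspicious_path(dll):
    """A missing server or a DLL outside Program Files / Windows gets flagged."""
    if dll is None:
        return True
    return not dll.lower().startswith(TRUSTED_ROOTS)


def enumerate_bhos(keys):
    """Map each registered BHO CLSID to its InprocServer32 DLL path.

    A CLSID with no resolvable server is still reported: a dangling
    registration is itself worth a look."""
    norm = {k.lower(): v for k, v in keys.items()}
    found = []
    for key in norm:
        for prefix in BHO_PREFIXES:
            if key.startswith(prefix):
                clsid = key[len(prefix):].split("\\", 1)[0]
                server = norm.get("hkey_classes_root\\clsid\\" + clsid + "\\inprocserver32", {})
                dll = server.get("@")
                found.append({"hive": key.split("\\", 1)[0].upper(), "clsid": clsid,
                              "dll": dll, "suspicious": is_suspicious_path(dll)})
                break
    return found


if __name__ == "__main__":
    for bho in enumerate_bhos(parse_reg(SAMPLE_REG)):
        flag = "SUSPICIOUS" if bho["suspicious"] else "ok"
        print(f"{bho['hive']} {bho['clsid']} -> {bho['dll']} [{flag}]")
```

On a real host, export the three BHO keys and HKCR\CLSID with `reg export` and feed the files to `parse_reg`; the DLL paths it returns are what to hash and compare against the file hashes listed in this report.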

MITRE ATT&CK Enterprise v15

Tasks