d45f541b13139346d518b1ab79a5f70dda19ab6359327d7b76ab91a459813754

Sharing

Copy URL

Twitter E-mail

General

Target

UX Launcher.zip
Size

170.5MB
Sample

240323-w9cqcaag45
MD5

b11a143bc588f2230edff105bb72c1f3
SHA1

907d6c68dd46996bdf82cea4ca7458449016caf7
SHA256

d45f541b13139346d518b1ab79a5f70dda19ab6359327d7b76ab91a459813754
SHA512

681ac4753b3f70df7c2be6d599abfd11718f85a2b18fe4628840a067541d906698c27b31fdf31ca89898befd9ce55b3242667acd1f07afa099c8a1840f451057
SSDEEP

3145728:Yf1TG+IRUoVy2fRHn+GiW2jnFgVYN1TmcjsmieoCCvyUGmLF7AP31Nn9BYFnwlz0:miVbfRHn+Gkj061TXZFzCv1GmYlN/2nf

Score

5^/10

Malware Config

Targets

- Target
  
  CefSharp.Wpf.dll
- Size
  
  98KB
- MD5
  
  3daeabfd95e1b8e234e0f59a255de8b7
- SHA1
  
  898d299fcbd0e037d2e99a0e8ae037faa26dcf84
- SHA256
  
  b14b98d5de7423f6cd2a762b45a3e1738cac4abc435520cd75158e67ee77b09d
- SHA512
  
  0fa135c2e7585d06b8d4df7bba0d058bdf4917530bdadf494bda5fad778018b0a5db67aaa4018a6847feb58ed7cc6acf87d695e7830c7061bdc79e646117bb7d
- SSDEEP
  
  1536:hkjAkFlYUFk5mTkZ0wcKvvAmrrTvfuByGxiigcmN/uZPWIxKc1V+yAS2W:MAfUNnw7voq/igcmNWPWIxKc1RAi
Score

1^/10
behavioral1 behavioral2
- Target
  
  EO.Base.dll
- Size
  
  3.4MB
- MD5
  
  c6b629919df8b60730c92a4b47aac7c7
- SHA1
  
  cea05e154df7b337ce8fd6ec0d73866849951bd7
- SHA256
  
  875bedfa0733751d4b0397fb3a6d3ec7df60d4ac71c89cc8b8062a2dd07009a9
- SHA512
  
  6b2453e8c0c8c62939787ff95cdfab0f9b2835541aa491852781a63faef7dc19f4633b045064ae67f1c69568f13ae4d5ef9ccfcba6d70397c9034ef0fc23e350
- SSDEEP
  
  49152:90cc6IFi7CNHSEQ7cmXdgziCd5Ee1QKsxdbjUvOP36HTkd6EbIE:90cc6IFi75vt9CdbQ/dbZ
Score

1^/10
behavioral3 behavioral4
- Target
  
  EO.WebBrowser.dll
- Size
  
  226KB
- MD5
  
  011be04d3a479408f061fa5b51443ea1
- SHA1
  
  c10ecff19ec020226e1818a71210fbad5844b5de
- SHA256
  
  143f9796b5320b1cdff7db703af07811a7a7dcbf11d2e5b9a20ddbbbbffe305e
- SHA512
  
  18fbf68267030f75191b47f01e6a08e3a1802a3521ae81acebdfdfaca467c9b7f1b8a77c08914f3c80be0314cfbf767614667f189d60e691248c1072abecf640
- SSDEEP
  
  3072:bT8EaChb0/C5INzgX0QeXbgLPq09xeFFGqUSbCFvNMwKVQD3r84Uz0y/:bYEaCCCk8XIxtFCF1JDy/
Score

1^/10
behavioral5 behavioral6
- Target
  
  EO.WebEngine.dll
- Size
  
  70.3MB
- MD5
  
  eeece8cee1595bf44df4c7a46cefb417
- SHA1
  
  dd52074617c32285b0b275a9a4924c657ece4d2f
- SHA256
  
  701f287182057663bfe401fc78fc0e1b6547dc61937d70c511760a22f2c7c1a6
- SHA512
  
  16b92d9a09c0cfc69655047e4fff698bc510f7cd18478169074ddbfa4e80f48c830de2aa90682b0076f96c3e93bf8130006b0faf217e826352ff2bc1176cfa91
- SSDEEP
  
  1572864:rJsMamtS1931qjEliq7uioH1GHPDB0b3azbO1cXO0Lk0boZN:9cmtS19FqIlP7unHAH10b3azbO1cpLav
Score

1^/10
behavioral7 behavioral8
- Target
  
  NUnrar.dll
- Size
  
  123KB
- MD5
  
  329114a6d45a1f67db1831bac2be770b
- SHA1
  
  861403bfa051306a5f371d0bce06afa68fc9a4e9
- SHA256
  
  82d93e67d0c1bc5f92faca3cb3ad1cdd0ea130425db47cb3301721945a10f29d
- SHA512
  
  012ae8132d2c568f61cbc8e0e68abee4e0b37938a0612e7e0765271f42e7bd0dfd93a245bc75c0ad0f384bb62b275209edba05b541210ef9469abbf833b5c08c
- SSDEEP
  
  3072:o20kNKmVObPhs6qbdy5MhgOCJg3P+Wag21uN7E:50kNKmVAseMhgds+lg21o
Score

1^/10
behavioral10 behavioral9
- Target
  
  Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral11 behavioral12
- Target
  
  UX Launcher.dll
- Size
  
  703KB
- MD5
  
  37bb41c2a36458278f9e7e57db857eb8
- SHA1
  
  e11cd02bdbdc04a5f01dbe4225692e875ae140a4
- SHA256
  
  63abf02eb02e2e289909a4eb3f7f936a6c677694ea913d120a4502f85ef1f54e
- SHA512
  
  028e7ee50f8e091c7720246dc2a01c29617d20b31048d7fae464a2edc7179c47219ff22fa642ebdef8786d058395109ccec686a7f669525ebbdf726d9231aab9
- SSDEEP
  
  12288:Yh4R9wbCYxjsymQKZbzmpAs7OE+jO62Vn4sV3HykBdwq7X0z5CVr:rWx3wZ+biEJ1VhtNXK
Score

1^/10
behavioral13 behavioral14
- Target
  
  UX Launcher.exe
- Size
  
  258KB
- MD5
  
  c9b30c88c88d6574627201a21417abd8
- SHA1
  
  d4902d1579ec2b075a87d8d485e8ebadf52d8d83
- SHA256
  
  d11665b6803b2ce7a169afce89b28b48734702d39e1116f5bf08abe9b9042636
- SHA512
  
  740d40f984c3f16bae6470e1403c40ce401d8873451f0299878476dad780e7f9d5504e7ba2deaf75835f16468b620be5f9ddb729efeb9ba62aca9ea2c8ab9053
- SSDEEP
  
  3072:T6DhOHYMjlkvuk/1AdNR6LWWoQGtlPntArj+NKXA+JmhtoZ0u:TBKqf6LVmQj+NKLSoC
Score

1^/10
behavioral15 behavioral16
- Target
  
  cscppcom.exe
- Size
  
  4.9MB
- MD5
  
  04a8ed2b6c2c28ab276ce2f93dbb94d4
- SHA1
  
  d738e6254bf9b2b5584e483e37fabbc460e970c8
- SHA256
  
  893994002bd922c9c59b7d2c9619894dec365775c6b2d84dafbf416d2cd8ee83
- SHA512
  
  d7c4d6ba287ecbcdf6f302617431f0eb3c994ea5a6c4ede850106d4de1e7b03f3c80e49a86be3b6e66f4df81b7762963c9d52c28b7c4e61c6c80654a047ff736
- SSDEEP
  
  98304:E8yHjZ826FW3os/dMFCg9+a5nlUvVF6a3IyPFKlTbbpKm:Eztn6FuoydCh+wE/3ICKpbpK
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral17 behavioral18
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.Core.dll
- Size
  
  1.2MB
- MD5
  
  0695056020eb63f62877493e58cb34a4
- SHA1
  
  9c8135dc406cd42f2ceebec947c8113238e4fc78
- SHA256
  
  cd125611cdb5f3a74ee952951a692ee598daa5a7491e87676a4f68930117bb2a
- SHA512
  
  6a74c029cb1f9b96780d207710b00c9430c629174e08c462c5d8db4ae766946dcb464c7b0ec00cf9db947a873f9c8c5338ed02342ce053397cb533c5808dd236
- SSDEEP
  
  24576:2SmUYbNCuAzZ0vgnBoXoiYbhQspQ8SdWHubiWycQrQK0OXPwtibTL3:fabRAzZ0vgnBoXoiYbhQspQ8SdWHubiT
Score

1^/10
behavioral19 behavioral20
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.exe
- Size
  
  6KB
- MD5
  
  c8c4e02ad521bc6b83b4b6d5f90ee186
- SHA1
  
  177a3b55fcb4ff6d9bb645a287bf5063313b8578
- SHA256
  
  64b548f7b137759d8ee51f5d2b60a61f748715eb14b4fc5e2db02a2b7e51c793
- SHA512
  
  55929555e37ea8ad1a7e9720ead1284d385858e5974fd984637f31d3476a08b00a2bb5ca7677269e3f7a8f05b8006dee206cb0e529b471d78193634a23d22baf
- SSDEEP
  
  96:KI7x2I7l1CsmQBDp/xnXkoFZLetmAvNt61OYcXei+U:1F2IKsmQBxdXkoFZUsAYcXeU
Score

1^/10
behavioral21 behavioral22
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll
- Size
  
  1.9MB
- MD5
  
  2d63bcfee8470ea6e0b1dc023181b06d
- SHA1
  
  d371ddbbd8387490db9f2a48cb4923b5dd44078a
- SHA256
  
  6c4105b8a81b24c58621a6dedd7774c222203ff8e7d2274ba28a64c8d1a724b5
- SHA512
  
  5e0c6588160bbfeaf5f67e51b7d6eb4aac977d9738dcc4fc8dbf09a24c55368bd82bd4ce07b49430e569476ac815b39674f485128e8094b50c1ba60072dfdbeb
- SSDEEP
  
  49152:FiGrpNMGkuzUqcf2koiYMnKt++e6P4ZcVQm6QhP0lsNxlalB695srQK0OvkQ62ga:4P3
Score

1^/10
behavioral23 behavioral24
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.dll
- Size
  
  36KB
- MD5
  
  11518dfc2043748eff8c526719ce3aec
- SHA1
  
  50652bd4282512541d0b6360200b3bceca45b109
- SHA256
  
  79c3821ca3a2ef0419e57e5234a6a6c25335ca6ad584cf6657e6b381533c46e1
- SHA512
  
  ac8de65410423094761f365997c2969b19690a15db6677d0a9bb9be52089ee85d6f0e7d51a4fcc714bcddae7b8454b913176725e2b5708f415328718f7ee0a9b
- SSDEEP
  
  768:EXPR8SEt+ryaT5W/+XtK5KwJlWsNWOrWO/ClaZ1uukLme9El9cEgJ:EXdryaQWqfbWLZlaZ1udLmO9J
Score

1^/10
behavioral25 behavioral26
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/CefSharp.dll
- Size
  
  1.1MB
- MD5
  
  c71d59ab2399a931c9c95e2e34ad8134
- SHA1
  
  6cadecf99e21f52af9bee9004454ee2797f7facf
- SHA256
  
  04d99ebdc08188798d80ae476655933afe0454e297e82ab04ce8ce04df035642
- SHA512
  
  10f2c668d2f94fcfa3d1cdbc93b1f5dca86e38855accb4055a4439d7d8a6d403f3399c1b794e517c05335759a3ac99012a7eb04427bf1074e618a3d265dec427
- SSDEEP
  
  12288:7Gpp9rWNcMVwBki3ze/NNEHzHclUIYcnCGtr9qMUXE9VWY:6MNqrcCo5EE9EY
Score

1^/10
behavioral27 behavioral28
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/chrome_elf.dll
- Size
  
  1.1MB
- MD5
  
  fbf3b0711733e2bf2d568ae8430489b7
- SHA1
  
  1b91b5c5c697e22547d5d15f5bbead57647ce971
- SHA256
  
  f9032348386637e55788348dc8ed5879daee978be8ab77cd42b0316427d6fbc8
- SHA512
  
  53028535e302657ef2d0d025c166a81b0f5862637e6241b4e97d8a81739d58939cd5285ea2856e8d43d6110115eeafed1e907de75a039f9318eb7759cbdcb197
- SSDEEP
  
  24576:SMY3gpgCjDvQ420RhKMh8skyyP+cbnOk:DY36gC4/0rj8skyyPX
Score

1^/10
behavioral29 behavioral30
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/d3dcompiler_47.dll
- Size
  
  4.1MB
- MD5
  
  222d020bd33c90170a8296adc1b7036a
- SHA1
  
  612e6f443d927330b9b8ac13cc4a2a6b959cee48
- SHA256
  
  4432bbd1a390874f3f0a503d45cc48d346abc3a8c0213c289f4b615bf0ee84f3
- SHA512
  
  ad8c7ce7f6f353da5e2cf816e1a69f1ec14011612e8041e4f9bb6ebed3e0fa4e4ebc069155a0c66e23811467012c201893b9b3b7a947d089ce2c749d5e8910c6
- SSDEEP
  
  49152:D5EfJYiVk9w6hAPqzag2At6i5K/8Ub6Lg3MEq/NHiQTtVr+5kb62QgdD6zoodr7P:l7iNPWHYE+Bnm8
Score

1^/10
behavioral31
- Target
  
  runtimes/win-x64/lib/netcoreapp3.0/libEGL.dll
- Size
  
  397KB
- MD5
  
  b83959bbba3e27c60d8474d940024e4c
- SHA1
  
  a4e50fa1eaaceaa64d89fd270ce0b58bfdc8998b
- SHA256
  
  6948e30a0d0eac9584071430d93f4e49645cbaf73ef821d723de6bc00ff13f79
- SHA512
  
  edab21cf052649b9ce9584f371ec7de572a27f85cc695b3ffc5f50f94a7dfc1dbc7486ffc956a9b09dcac991adc4cb9cb65f90ff19a5c009d95b47127dfce13b
- SSDEEP
  
  6144:DuMNe841dbd6ofvI6rbCdiphMBUS7brdusBvW:DDNe841tAo3IQhVS78d
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32