19ac7b70d85ced0d12eaa2bd14cdab73cd116a9d027924401188c983092b96d2

Sharing

Copy URL

Twitter E-mail

General

Target

Mauqes.rar
Size

64.9MB
Sample

240326-ql9saaeb4s
MD5

dbb3834d6b99335a71ebaaf3a5ffc479
SHA1

dffcc9a0b5e7478195f9acf28d6041f001dcf31d
SHA256

19ac7b70d85ced0d12eaa2bd14cdab73cd116a9d027924401188c983092b96d2
SHA512

c4e0475cb4b02a6fd9a18e2f5e818b95f8990cff19ecf4487a90b149f268a2fd1a3160610010a357b8191b37acb1e53798bcc6b7c2e71a2d2e92ffb2a6b54a0a
SSDEEP

1572864:3M5gWjX+ri/bEhXNP/Id75xadvk+gDtT4LhEWiirsF2Le/7sYkqX7WYu:3MK2+ri/Y7PM758dc9WzrbqFkoWh

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Mauqes.exe
- Size
  
  64.8MB
- MD5
  
  75ccb6ed3c85a68633e0dd8319a2cf36
- SHA1
  
  9b91d8633ff2ec3069aa6f086be26f971c14b121
- SHA256
  
  6577c9762e056c9f38eccb34636bb7d6b4cfc9c1a410181024f8ee5706575536
- SHA512
  
  3a27ed18f9b3ffa3fcb76c292af2dc9cdfef5ac9cdded622a52e55858bc716f1f0732c2f4b7a9af115d95003fe966c26451da19c9a81f63406579ea8dd78c3ee
- SSDEEP
  
  1572864:VCr1rLLAaxZH/6zcJX/HbcaNOMJS1sfCt0VOWWiUSM2fh37:ERrLEu1/NJjcaPJSCfyOpWZSJfh37
Score

7^/10

spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  LICENSES.chromium.html
- Size
  
  6.3MB
- MD5
  
  6e638956244aaded2c92b77f9d421a81
- SHA1
  
  f5269556b6fe04cfca5a1da21af718641708a666
- SHA256
  
  652457f1b5ec60a81c8aff095366bcc068402c21eb380ba8286366bc4e9a029e
- SHA512
  
  f0e173761a6acd13b6c1b5eb896c361487a770a54f1842ffaa80c8ff780b37a1e801169786776c4afa7d9c75cd968dbaddabff082de55cf75cc4f9d871d08bc1
- SSDEEP
  
  24576:nPVZ5W5WS95zHIlGMmfu626s6W6a6q5AHOeQDph:SMn
Score

1^/10
behavioral7 behavioral8
- Target
  
  Project.exe
- Size
  
  147.0MB
- MD5
  
  d4c9a6a8c5eb9aa8ebc59dde8292ae8a
- SHA1
  
  fc2936c689fd1274d238614a78d478bf908e6c31
- SHA256
  
  aa40c83980ed619d06360e7599ac64c402ac4a87c34bcca76cda35508fd38004
- SHA512
  
  352ce88ba7799436ae71d9e2c641db4e6a4196feb06a4af587037f2f2dafde04c4892aaf01970c34eaf9aa69c056a613b250f70f0f04fa8f763a9efc427a7968
- SSDEEP
  
  1572864:2ezg6U0ZPZ4K5MLM4y48+jce/i5AS5oqSqBaW8fKkOeMS5sQ:RZiVI1o6s5s
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral10 behavioral9
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  cb9807f6cf55ad799e920b7e0f97df99
- SHA1
  
  bb76012ded5acd103adad49436612d073d159b29
- SHA256
  
  5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a
- SHA512
  
  f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62
- SSDEEP
  
  49152:IuhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8cc:oy904wYbZCoOI85oyI
Score

1^/10
behavioral11
- Target
  
  ffmpeg.dll
- Size
  
  2.6MB
- MD5
  
  547a54bedf818b056cd3708fc98e01d4
- SHA1
  
  0284e305f3ae984332536951fe714e34113619b3
- SHA256
  
  915f8bc3a47fd40aa4e168439c5ecac0ee390f8869fba630a23d19cf4b42bc47
- SHA512
  
  ab1933568bd4e53b72bfe5b74eeac2020973e52a6bf94aea636cae2ab62bd8dc980ece5fa514d76863d96fc7525096e1fd51a31458273768a5ba14b26ec7785d
- SSDEEP
  
  49152:oYuqVaqc35GHXVNtcZ44yODvSEbO/1o/GRRpYN4MJ8eIknusyUUjkU+jLtyTzQVD:oYLVl54yODvH/ySJUiLtyTzQVkU5qkJx
Score

1^/10
behavioral12 behavioral13
- Target
  
  libEGL.dll
- Size
  
  464KB
- MD5
  
  fdfd06686a07aa01114ce4bdca1bfdf0
- SHA1
  
  4addd545f62d452cc0ca5638b9e0d5bacc047e21
- SHA256
  
  acf245d2c75d84b8e8f58e7acacc59353fa837a11aa106d0bc0a3bb95f7f42d5
- SHA512
  
  d7fd16d24d7cbf4b872da2e7d01e3ad389f798788dcbaeb93937015066b69a6c878605c7bf1819edc5ec5d4e6083b0ddcde153a7b513a7c736927366efeb7258
- SSDEEP
  
  6144:03rGS+e87yDqHfFetvM/jvtGgJ53B6Zj8s1al2zl0ovk1SY7e:WGS+e87A6eZM/jvtGgJZB6ZirS
Score

1^/10
behavioral14 behavioral15
- Target
  
  libGLESv2.dll
- Size
  
  7.0MB
- MD5
  
  0600e131a5d19e0cd756d491527759c1
- SHA1
  
  787e062fea838ad38f8e5de3caecdc6107decbb8
- SHA256
  
  40e38308cd9355748d5bff40fbd7905a6578622c8c749ad9d896b5a59a77b46c
- SHA512
  
  5bcbe88a7f7bd03d5bd0e131ae9676e7752bfb796617db6fe3ba548d2072385984f7d53887650c6f20a1294a813f41c75ce557088b0f7cfcde67b34ad890cddc
- SSDEEP
  
  49152:k74NBDqE4m61HyvJuB5GQLUCGjmWwsO4yERNETwOz3Svfnyh3lIE3dPwwGF3qG7v:o2a1SQGZCyBsgucFevlsh7B1
Score

1^/10
behavioral16 behavioral17
- Target
  
  resources/elevate.exe
- Size
  
  105KB
- MD5
  
  792b92c8ad13c46f27c7ced0810694df
- SHA1
  
  d8d449b92de20a57df722df46435ba4553ecc802
- SHA256
  
  9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
- SHA512
  
  6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40
- SSDEEP
  
  3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l
Score

1^/10
behavioral18 behavioral19
- Target
  
  vk_swiftshader.dll
- Size
  
  4.8MB
- MD5
  
  21452500b342813e07d8956a4f611fa6
- SHA1
  
  c66ea679876b94703caa90980923a6e54f842782
- SHA256
  
  6e9dbdc156952a73888218a9caa68bcfb99e138ec3125d5a78303788f5cd9b67
- SHA512
  
  761d9d67cf0ef7c2ec66407767a8ab4ed34c443515acc6420050e939d9e8d351f7f26d7dcc55c0de6439c690fc76c92fd8991b2ed01b4be6a9a7fe89c23dcdf8
- SSDEEP
  
  49152:eveyoM/h2BPSjPJEvoSNxxJanAf9dX2kcngUkomWPG2pu6n9MT5F9AZCeqx7l1ZI:cQM/agZaHt7A4P/
Score

1^/10
behavioral20 behavioral21
- Target
  
  vulkan-1.dll
- Size
  
  858KB
- MD5
  
  808da421576befce702b68fb109ac437
- SHA1
  
  1289b12ab2b52ac623431e4617e6e0e95f694472
- SHA256
  
  7583cec78c71c79081eee63f7e050be7b944ef73a7ad2d28470d3e55f38884ee
- SHA512
  
  f0de5161c85ffd115ade958f5768f3cf479c1a6678d3c51a9d2f092cdf48a3ba65cfe0a5c4417adeeba737ab316e5a5f6a25eb763b57481176345bfc5650fe2a
- SSDEEP
  
  12288:fefVW1lX8MvG9E0wsYox2Nmp6yWEaAT6bJUQzH3To+IAEir1iS:fOcTX8p20wsYHmXaATmXjLF
Score

1^/10
behavioral22 behavioral23
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  424KB
- MD5
  
  80e44ce4895304c6a3a831310fbf8cd0
- SHA1
  
  36bd49ae21c460be5753a904b4501f1abca53508
- SHA256
  
  b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
- SHA512
  
  c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
- SSDEEP
  
  6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck
Score

3^/10
behavioral24 behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Process Discovery

T1057

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops startup file

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Drops startup file

Loads dropped DLL

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25