9af7cff793aa9a53b890331046d268e3627bb2a6b5613cdb49619c07412ccc03

Resubmissions

27/03/2024, 09:17

240327-k82gjacb8v 10

27/03/2024, 02:33

240327-c2b93aag24 6

Sharing

Copy URL

Twitter E-mail

General

Target

9af7cff793aa9a53b890331046d268e3627bb2a6b5613cdb49619c07412ccc03.zip
Size

8.2MB
Sample

240327-c2b93aag24
MD5

92718e3da8368e0928e9344b45170125
SHA1

4c8743e3392e3e0db3d0c8979213823c747fab9e
SHA256

9af7cff793aa9a53b890331046d268e3627bb2a6b5613cdb49619c07412ccc03
SHA512

d2c7a9d7008f8e1cc4ce20745368841de68f23cab11ed257e17ea6df44b3f81e40d18441a9762c772b8d8a100bf6827912431723ab2c1c56db6ace9f3f621b9d
SSDEEP

196608:E2GWKqkGTSOwUDpZm4NPaRzviayZenDJuOGZWCU/Z73zN7:E2Gb9OwQmeaJiay8NuzWb/Z73p7

Score

6^/10

Malware Config

Targets

- Target
  
  npp.8.6.4.portable.x64/langsMod.html
- Size
  
  2.6MB
- MD5
  
  8f28087d8d0e716368314c2f1a159280
- SHA1
  
  7e383ae0f632c02ef98168b6c1a33fd449d6c393
- SHA256
  
  0b3731c524e6ba716f15087d85eae7e6225b6b51d4ae2fa6c142ff1523f57046
- SHA512
  
  aa21ab18a12a69ff25b24b1c255b0bdc7961985150b07a7f3f4b0909e212295bd781548cd8ea817f3144dfad845aff93df40a513bdb637db7b89bb08fff01eab
- SSDEEP
  
  49152:C+sGc1TASKVbmYIBotpg0TunuNeeigv0XIMw4h2pk4PxKS5VinRfepLm7j5:WTAfVbwotpgruNeW0VHhL3S5VicLaj5
Score

1^/10
behavioral1 behavioral2
- Target
  
  npp.8.6.4.portable.x64/notepad.exe
- Size
  
  6.9MB
- MD5
  
  8279706ad64d33bf4eceb2c1becef274
- SHA1
  
  582cd15c2d1bf27da142ced63ffe490818bf4fa7
- SHA256
  
  712abdd019cd2e4d96cee74d94eafba8f21ffc35c99a656c228a179ba6f5b310
- SHA512
  
  69d5f5a2ceaa10a822d24af6c0cfba91804886c7fdb634931c2c6149dec29b98a7770fa7e3cb8630a525c088c39a84382ad30556aa9d4092e4b2e356af39cf9d
- SSDEEP
  
  98304:1UZbk6fd56GkLWD9hWfa3s+wuP8ThKV/mo:ybkRVLUhWUz/PIK55
Score

1^/10
behavioral3 behavioral4
- Target
  
  npp.8.6.4.portable.x64/plugins/Config/nppPluginList.dll
- Size
  
  204KB
- MD5
  
  e7ab0446d3d300d93ab65dd9f94dd59b
- SHA1
  
  999f0dd30d4aa5224ade7b1bb2d4410494ee7324
- SHA256
  
  83bd50d9c6d57a58e75838e92c4d5cc61d1cc604b4db033559c756b857f267fe
- SHA512
  
  93016a843cee731c7b6195e36b218806734506e1aa44648731510962db1f8e405d1fc1952936a23340397c6b4fbb11ff0b832646970a79644042457cab3b159d
- SSDEEP
  
  3072:cuQtUEW4pggQikeV29r97Fo/rg4aSuhJFAcT15fabjsKeBcHzmVR53vi:ktUr4/Dkq2FH51lQ/q
Score

1^/10
behavioral5 behavioral6
- Target
  
  npp.8.6.4.portable.x64/plugins/NppConverter/NppConverter.dll
- Size
  
  198KB
- MD5
  
  7ce0e43b22274d55d7c8fbe937fdd70a
- SHA1
  
  b8b42b145e0fad49c3f497dd291d95629b24bc0e
- SHA256
  
  15b522475027a659988edcd0b9efa18f2cf9d04ecf5f88d1c577eb8be1f55156
- SHA512
  
  98c40c83b9e4c7f92f83a3c8fc8974c818edadc89b1aeb59922062b514fac47be9a3cf90859ee07dc9f641066a4d65182dc6b7641c41bde55c601bf08302533e
- SSDEEP
  
  3072:esyQLpFufl6OPM07zq06MuUy8wqy9XGOeXLXTbi0A7zR9zk:5FLIl/M060Or6ucjb5AfR9
Score

1^/10
behavioral7 behavioral8
- Target
  
  npp.8.6.4.portable.x64/plugins/NppExport/NppExport.dll
- Size
  
  153KB
- MD5
  
  b29065b03a282b5560464fcc657945b2
- SHA1
  
  b4f9cec583775c22ed7fbc967743df9effeb7d2a
- SHA256
  
  f235cc34e126b47847b9aa89bf5ead47948de4d190b5fe2117ae6deff47e63e6
- SHA512
  
  3872f4d85a88363c2538b41d85b6cfbfc14b1abe2b452cb9f71cbe310f53cc2522f1f072fc33853d17662a3cb39c656d698559b4a40bf5d9cffdfa11c47116d6
- SSDEEP
  
  3072:JHWvf4whXRxCtyAKfbn52zwjMdsI54tWfdHak6y/c:lWYwtRxCYAKfb5uwodsIjd6k6d
Score

1^/10
behavioral10 behavioral9
- Target
  
  npp.8.6.4.portable.x64/plugins/mimeTools/mimeTools.dll
- Size
  
  145KB
- MD5
  
  3b1f714950b8d0134866dbc75e66eff6
- SHA1
  
  6564dfc3c079fe789546350271e4cc19ba0ccdeb
- SHA256
  
  148b29123bb0c28614858460d7a10707469fecebd6a9ff1da98a0c76a89a9819
- SHA512
  
  376ae4b80c1518c724ac75dc78388747d7ae18b624a39cf74398c404bbf7a283c8c4fe8eb27673b9c99e1195aabbb81a2f08fccb01e192ee07ac1f7c2afdb630
- SSDEEP
  
  3072:w3/HUI6sbzc1/x5py8qLlCat4HVOtzNNG0vBxN049K7lH:w3H6sX+/xzy8qLJ4VqNm49Q
Score

1^/10
behavioral11 behavioral12
- Target
  
  npp.8.6.4.portable.x64/updater/GUP.exe
- Size
  
  818KB
- MD5
  
  7073a8f48d526090a30c5c7e6191ca08
- SHA1
  
  2908951eb08202ae355a4e5a6f06076725bee725
- SHA256
  
  35663bf0e84cd3f9ba8949375fae8451263954154274ad4454b86920252424dc
- SHA512
  
  74705e6275b8a9e9e2eaf99e0c64ef041a52fc78ddf20190cfbe96a2e7412d92a90d912c17b996c3c4f7d5cb4f3f647ccfe4da56a0e592f15e7b86644e319753
- SSDEEP
  
  12288:ZySK0M5qRxaBr5wFNbgpA0WUVzOR63AczZXBS3CNmBDIOh68ADKbp34zZZ6dNNoJ:QqMo2aWqT2KbpIFZ6PNeTw
Score

6^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  npp.8.6.4.portable.x64/updater/libcurl.dll
- Size
  
  728KB
- MD5
  
  608dcba727dd4d046051968605e71553
- SHA1
  
  859eb7b3b1eb4c79b6d90b2eff0429c6a766f499
- SHA256
  
  012c73ef798e6656e0f2180c5b1f2175be4e72bfae830d1f2521a2566d2d0ec5
- SHA512
  
  16fd945825c6d7f55854a53bea1a780bf350c6134c9b41f2d8440c376c38fd7f6ec83ae0c3bd3063245938465b18b38158d35e7bea6ff69bda2f6e93ce2bf8f6
- SSDEEP
  
  12288:KvnFnd1uk7byyzwn5l2rsc2QwEBhdoqyTvl0cWmlqhKyMv:KVekCoa5l2P2B6hdQvl03msMy
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16